# pub.ezanga.org goggle redirects



## Phyore (Oct 26, 2011)

Soo my Google searches seem to get redirected. An example: I type Minecraft, it searches, I hover over the top link where it shows www.minecraft.net, I then click the link at it redirects tp searches7.org which asks to "click here" if the the page does not load, that redirects to [numbers].pub.ezana.org/[followed by randomness].

I have tried a lot of ways to remove it;


Norton 360
Malwarebytes
JRT
NPE
HiJackThis
AdwCleaner
Spybot S&D
So many things, running full system scans and still no luck.


----------



## Mark1956 (May 7, 2011)

Lets first give Adwcleaner another go as it has just been updated.

Open the program and if you get a pop up stating an update is available follow the prompts to get the new version. Run the program, click on the Scan button, when that completes click on the Clean button. Accept all the prompts that appear and allow the system to reboot. Copy & Paste the log that appears after the reboot into your next reply.

If this does not fix the problem there is plenty more we can do to track it down and remove the redirect infection.


----------



## Phyore (Oct 26, 2011)

Seems it did not find anything, only found my firefox profiles and my chrome preferences.


----------



## Mark1956 (May 7, 2011)

Not doubting your own observations, but please post the log so I can see the results. Also, tell me if you only have this problem in Google, does it happen with your other browsers?


----------



## Phyore (Oct 26, 2011)

No problem, just tested it with IE and no results seems to get hijacked on google, haven't used any other search engine either.


```
# AdwCleaner v3.301 - Report created 28/07/2014 at 20:32:49
# Updated 28/07/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Jamie - PHYORE-HP
# Running from : C:\Users\Jamie\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\l2w7tuej.default\prefs.js ]


[ File : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=e2332e27-91a1-4caa-94f1-98d6c52f9575&searchtype=ds&q={searchTerms}&installDate=10/04/2013
Found [Search Provider] : hxxps://isearch.avg.com/search?cid={F04B2916-1766-4A44-BDF2-E9E56914ADDB}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}

*************************

AdwCleaner[R0].txt - [2255 octets] - [20/07/2014 21:55:31]
AdwCleaner[R1].txt - [1132 octets] - [28/07/2014 19:30:22]
AdwCleaner[R2].txt - [1398 octets] - [28/07/2014 20:32:49]
AdwCleaner[S0].txt - [2310 octets] - [20/07/2014 21:58:05]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1518 octets] ##########
```


----------



## Mark1956 (May 7, 2011)

Adwcleaner did find something in Google, but the log you posted is from a scan, when you ran the scan did you follow it up by clicking on the Clean button? If you do not use the Clean button it won't remove anything.

The ask.com and isearch.avg.com probably wont cause much of a problem, but feed.snap.do is likely to be an issue.


----------



## Phyore (Oct 26, 2011)

It was an issue I had before which I solved on Firefox, will clear that on Chrome but I'm not thinking that is the problem.


----------



## Mark1956 (May 7, 2011)

You may be right, but we need to remove those items with Adwcleaner. Run a Scan with it and then use the Clean button, then post the log produced after the reboot. You don't need to put the log in a Code box, just copy it directly into your reply.

If the problem continues we have other tools we can use to locate the problem.


----------



## Phyore (Oct 26, 2011)

# AdwCleaner v3.301 - Report created 29/07/2014 at 11:08:46
# Updated 28/07/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Jamie - PHYORE-HP
# Running from : C:\Users\Jamie\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\l2w7tuej.default\prefs.js ]

[ File : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\prefs.js ]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2255 octets] - [20/07/2014 21:55:31]
AdwCleaner[R1].txt - [1132 octets] - [28/07/2014 19:30:22]
AdwCleaner[R2].txt - [1598 octets] - [28/07/2014 20:32:49]
AdwCleaner[R3].txt - [1658 octets] - [28/07/2014 22:05:12]
AdwCleaner[R4].txt - [1373 octets] - [29/07/2014 11:08:01]
AdwCleaner[S0].txt - [2310 octets] - [20/07/2014 21:58:05]
AdwCleaner[S1].txt - [1725 octets] - [28/07/2014 22:09:24]
AdwCleaner[S2].txt - [1294 octets] - [29/07/2014 11:08:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1354 octets] ##########


----------



## Mark1956 (May 7, 2011)

You've not told me if the problem is still there so I will assume it is.

Please run this scan and post both of the logs produced:

Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop. Do not get tempted to download and use any other software that may be advertised on the page.

*Note:* If you get a warning that the download could harm your system, please ignore it and allow the download to go ahead. FRST is perfectly safe and we would never ask you to download anything that isn't.

*Note*: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click on FRST to run it. When the tool opens click *Yes* to the disclaimer.
Press the* Scan* button. *DO NOT* check any of the Optional Scan options unless requested.
It will make a log (*FRST.txt*) in the same directory the tool is run from. Please copy and paste it into your next reply.
The first time the tool is run, it makes another log (*Addition.txt*). Please also copy and paste that into your reply.


----------



## Phyore (Oct 26, 2011)

*FRST.txt*
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Jamie (administrator) on PHYORE-HP on 29-07-2014 18:27:54
Running from C:\Users\Jamie\Desktop\SCANS
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SUPERAntiSpyware.com) J:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Safer Networking Ltd.) J:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite\hpMonitor.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwjd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) J:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jamie\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [Window Hide Tool] => J:\Program Files (x86)\Window Hide Tool\Window Hide Tool.exe [307200 2008-01-18] (FOMINE SOFTWARE)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [WTFast Tray] => J:\Program Files (x86)\WTFast\WTFast.exe [4260456 2014-05-26] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [SpybotSD TeaTimer] => J:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HPMonitor.exe.lnk
ShortcutTarget: HPMonitor.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite\hpMonitor.exe (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpwjd.exe.lnk
ShortcutTarget: hpwjd.exe.lnk -> C:\ProgramData\HP Mouse Suite Config\hpwjd.exe (Hewlett-Packard )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpwmsd.exe.lnk
ShortcutTarget: hpwmsd.exe.lnk -> C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe (Hewlett-Packard )
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (No File)
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> J:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => J:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => J:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => J:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE521BAB1279ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB,en;q=0.7,ja;q=0.3
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> J:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> J:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> J:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - J:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer]8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Homepage: https://www.google.co.uk/
FF Keyword.URL: hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
FF NetworkProxy: "backup.ftp", "187.162.253.250"
FF NetworkProxy: "backup.ftp_port", 8888
FF NetworkProxy: "backup.socks", "187.162.253.250"
FF NetworkProxy: "backup.socks_port", 8888
FF NetworkProxy: "backup.ssl", "187.162.253.250"
FF NetworkProxy: "backup.ssl_port", 8888
FF NetworkProxy: "ftp", "187.162.253.250"
FF NetworkProxy: "ftp_port", 8888
FF NetworkProxy: "http", "187.162.253.250"
FF NetworkProxy: "http_port", 8888
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "187.162.253.250"
FF NetworkProxy: "socks_port", 8888
FF NetworkProxy: "ssl", "187.162.253.250"
FF NetworkProxy: "ssl_port", 8888
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - J:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Jamie\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: BYOND - J:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll (BYOND)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: FoxyProxy Standard - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2014-03-08]
FF Extension: Tilt - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Display Control Panel - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{2B595628-FC5A-905D-551C-31B89AC7457F} [2014-07-14]
FF Extension: HP Detect - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-11-22]
FF Extension: Page Speed - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2013-10-19]
FF Extension: Firebug - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Enhanced Steam - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2014-06-24]
FF Extension: New Tab Tools - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Pastebin - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: SQLite Manager - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Stylish - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-10-19]
FF Extension: eBay Sidebar for Firefox - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2014-02-16]
FF Extension: NoScript - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-08]
FF Extension: FFXI Helper - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{89c9e067-2605-4f75-a608-f6ea31c9d085}.xpi [2013-10-19]
FF Extension: Web Developer - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-10-19]
FF Extension: Adblock Plus - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-19]
FF Extension: DownThemAll! - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-10-19]
FF Extension: Greasemonkey - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-10-19]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-10-20]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-12-20]

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-19]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-19]
CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-19]
CHR Extension: (Norton Identity Protection) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-21]
CHR Extension: (Hangouts) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-19]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-19]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; J:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5148240 2013-07-22] (INCA Internet Co., Ltd.)
S2 PinnacleUpdateSvc; J:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 SBSDWSCService; J:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 Service KMSELDI; J:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-07-24] (Sony Mobile Communications)
R3 HP8207_8307; C:\Windows\System32\drivers\HP8207_8307.sys [15360 2010-02-04] (Windows (R) Win 7 DDK provider)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140728.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
S3 intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [8982208 2012-07-25] (Intel Corporation) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140728.039\ENG64.SYS [126040 2014-07-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140728.039\EX64.SYS [2099288 2014-07-28] (Symantec Corporation)
R1 SASDIFSV; J:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; J:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1504000.00D\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 X6va015; \??\C:\WINDOWS\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 18:27 - 2014-07-29 18:27 - 00000000 ____D () C:\Users\Jamie\Desktop\SCANS
2014-07-29 18:27 - 2014-07-29 18:27 - 00000000 ____D () C:\FRST
2014-07-28 23:10 - 2014-07-28 23:10 - 00000000 ____D () C:\Users\Jamie\Downloads\[DAE] The World God Only Knows [BD.x264.1080p.AAC]
2014-07-28 19:44 - 2014-07-28 19:44 - 50574330 _____ () C:\Users\Jamie\Desktop\The Simpsons-Family Guy Crossover - Comic Con 2014.mp4
2014-07-27 22:59 - 2014-07-27 23:04 - 584087399 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 17 [1080p].mkv
2014-07-27 22:58 - 2014-07-27 23:04 - 568301507 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 04 [1080p].mkv
2014-07-27 21:23 - 2014-07-27 21:27 - 777625719 _____ () C:\Users\Jamie\Desktop\This IS Bedford, UK 2014.mp4
2014-07-27 09:16 - 2014-07-27 09:16 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Elite Hunting Log
2014-07-27 09:14 - 2014-07-27 09:14 - 01851392 _____ () C:\Users\Jamie\Desktop\Elite Hunting Log 0.6.2.msi
2014-07-27 09:14 - 2014-07-27 09:14 - 00003027 _____ () C:\Users\Jamie\Desktop\Elite Hunting Log.lnk
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elite Hunting Log
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Users\Jamie\AppData\Local\bahab
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Program Files (x86)\Elite Hunting Log
2014-07-25 21:12 - 2014-07-25 21:12 - 00005550 _____ () C:\Users\Jamie\Desktop\ph.txt
2014-07-24 16:43 - 2014-07-24 16:43 - 00030424 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggsomc.sys
2014-07-24 16:43 - 2014-07-24 16:43 - 00016088 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggflt.sys
2014-07-24 16:37 - 2014-07-24 16:37 - 06339727 _____ () C:\Users\Jamie\Desktop\wordpress-3.9.1.zip
2014-07-24 16:36 - 2014-07-24 16:36 - 00002042 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-07-24 13:11 - 2014-07-24 13:11 - 00000000 ____D () C:\SUPERDelete
2014-07-24 13:08 - 2014-07-24 13:08 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 20242904 _____ (SUPERAntiSpyware) C:\Users\Jamie\Desktop\SUPERAntiSpyware.exe
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-20 22:29 - 2014-07-20 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2014-07-20 22:13 - 2014-07-20 22:13 - 00000000 ____D () C:\WINDOWS\pss
2014-07-20 22:06 - 2014-07-20 22:06 - 00000000 _____ () C:\Users\Jamie\Desktop\New Text Document.txt
2014-07-20 22:05 - 2014-07-20 22:05 - 00000817 _____ () C:\Users\Jamie\Desktop\JRT.txt
2014-07-20 22:01 - 2014-07-20 22:01 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-20 22:00 - 2014-07-20 22:01 - 01016261 _____ (Thisisu) C:\Users\Jamie\Desktop\JRT.exe
2014-07-20 21:55 - 2014-07-29 11:08 - 00000000 ____D () C:\AdwCleaner
2014-07-20 21:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-20 21:54 - 2014-07-28 19:29 - 01365525 _____ () C:\Users\Jamie\Desktop\AdwCleaner.exe
2014-07-20 16:52 - 2014-07-20 16:52 - 00013795 _____ () C:\Users\Jamie\Desktop\hijackthis.log
2014-07-20 16:51 - 2014-07-20 16:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jamie\Desktop\HijackThis.exe
2014-07-20 00:17 - 2014-07-20 00:43 - 934489494 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 03 [1080p].mkv
2014-07-20 00:13 - 2014-07-20 00:16 - 585974408 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 16 [1080p].mkv
2014-07-18 22:48 - 2014-07-18 23:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-18 22:48 - 2014-07-18 22:48 - 00000977 _____ () C:\Users\Jamie\Desktop\Spybot - Search & Destroy.lnk
2014-07-18 22:48 - 2014-07-18 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-07-18 22:47 - 2014-07-18 22:47 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jamie\Desktop\spybotsd162.exe
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-07-18 13:07 - 2014-07-18 13:07 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Skyrim
2014-07-17 00:56 - 2014-07-17 00:58 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\libraries
2014-07-17 00:56 - 2014-07-17 00:58 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\assets
2014-07-17 00:56 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\versions
2014-07-17 00:50 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Direwolf20_1_6_4
2014-07-17 00:24 - 2014-07-17 00:50 - 00000000 ____D () C:\Users\Jamie\AppData\Local\ftblauncher
2014-07-16 21:58 - 2014-07-16 21:58 - 00096556 _____ () C:\Users\Jamie\Desktop\latest.log
2014-07-15 10:50 - 2014-05-15 13:19 - 00013824 _____ (Kephyr) C:\WINDOWS\system32\ffnd.exe
2014-07-15 10:43 - 2014-07-15 10:46 - 00000000 ____D () C:\Users\Jamie\AppData\Local\FreeFixer
2014-07-15 10:43 - 2014-07-15 10:43 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\FreeFixer
2014-07-15 10:43 - 2014-05-15 13:19 - 00000000 ____D () C:\Users\Jamie\Desktop\freefixer_portable
2014-07-15 10:35 - 2014-07-15 10:35 - 00280776 _____ () C:\WINDOWS\Minidump\071514-7234-01.dmp
2014-07-15 01:47 - 2014-07-15 01:47 - 00000000 ____D () C:\ProgramData\SMR410
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 _____ () C:\autoexec.bat
2014-07-15 00:44 - 2014-07-15 01:49 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-15 00:30 - 2014-07-15 00:30 - 00001394 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-07-15 00:28 - 2014-07-15 01:48 - 00000000 ____D () C:\NPE
2014-07-15 00:28 - 2014-05-28 14:03 - 00242878 _____ () C:\WINDOWS\ntbtlog.txt.bak
2014-07-15 00:27 - 2014-07-15 01:47 - 00000000 ____D () C:\Users\Jamie\AppData\Local\NPE
2014-07-15 00:27 - 2014-07-15 00:27 - 03077584 ____N (Symantec Corporation) C:\Users\Jamie\Desktop\NPE.exe
2014-07-14 19:17 - 2014-07-25 17:10 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 19:17 - 2014-07-14 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 19:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-14 19:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-14 18:47 - 2014-07-14 18:47 - 00002667 _____ () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\resmon.lnk
2014-07-14 18:25 - 2014-07-24 17:31 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Uwlxmedia
2014-07-14 18:23 - 2014-07-14 18:23 - 00000000 ____D () C:\Users\Jamie\Downloads\D3DGear
2014-07-14 17:29 - 2014-07-14 17:37 - 00000000 ____D () C:\Users\Jamie\Downloads\Warcraft III Reign of Chaos, The Frozen Throne, DoTa + Update Patch War3TFT_121b_English and map pack + CD Key
2014-07-13 21:07 - 2014-07-13 21:07 - 00000000 ____D () C:\Users\Jamie\Documents\Roms
2014-07-13 20:58 - 2014-07-13 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-13 20:53 - 2014-07-13 20:54 - 04489075 _____ ( ) C:\Users\Jamie\Desktop\setup Project64 2.1.exe
2014-07-13 20:29 - 2014-07-13 20:29 - 00195485 _____ () C:\Users\Jamie\Desktop\MyCommand.jar
2014-07-13 18:07 - 2014-07-13 18:07 - 00000893 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-07-13 16:52 - 2014-07-13 16:52 - 00000000 ____D () C:\Users\Jamie\Desktop\SMART
2014-07-13 16:50 - 2014-07-13 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-07-12 23:09 - 2014-07-12 23:09 - 00000918 _____ () C:\Users\Jamie\Desktop\BitTorrent.lnk
2014-07-12 19:22 - 2014-07-12 19:22 - 00000000 ____D () C:\Users\Jamie\AppData\Local\SyndicatedLife
2014-07-12 19:20 - 2014-07-12 19:20 - 00000000 ____D () C:\Users\Jamie\Documents\FFXIVAPP
2014-07-12 19:19 - 2014-07-12 19:22 - 00000000 ____D () C:\Users\Jamie\Desktop\FFXIV-APP
2014-07-10 22:30 - 2014-07-10 22:30 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\LOVE
2014-07-10 22:29 - 2014-07-10 22:29 - 05565454 _____ () C:\Users\Jamie\Desktop\mari0-win.zip
2014-07-10 22:29 - 2014-07-10 22:29 - 00000000 ____D () C:\Users\Jamie\Desktop\mari0-win
2014-07-10 01:44 - 2014-07-12 23:12 - 00000000 ____D () C:\Users\Jamie\Downloads\Date A Live S2
2014-07-09 21:11 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 21:09 - 2014-07-09 21:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 18:58 - 2014-05-31 11:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 18:58 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 18:58 - 2014-05-31 04:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 18:58 - 2014-05-31 04:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 18:58 - 2014-05-31 04:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 18:58 - 2014-05-31 04:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 18:58 - 2014-05-31 04:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 18:58 - 2014-05-31 04:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 18:58 - 2014-05-31 03:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 18:58 - 2014-05-31 03:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 18:58 - 2014-05-31 03:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 18:58 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 18:58 - 2014-05-31 03:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 18:58 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 18:58 - 2014-05-31 03:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 18:57 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 18:57 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 18:57 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 18:57 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 18:57 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 18:57 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 18:57 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 18:57 - 2014-06-19 00:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 18:57 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 18:57 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 18:57 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 18:57 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 18:57 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 18:57 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 18:57 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 18:57 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 18:57 - 2014-06-18 23:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 18:57 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 18:57 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 18:57 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 18:57 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 18:57 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 18:57 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 18:57 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 18:57 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 18:57 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 18:57 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 18:57 - 2014-06-16 23:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 18:57 - 2014-06-16 23:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 18:57 - 2014-06-06 15:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 18:57 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 18:57 - 2014-05-29 13:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 18:57 - 2014-05-29 08:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 18:57 - 2014-05-29 07:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 18:57 - 2014-05-29 07:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 18:57 - 2014-05-29 06:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 18:57 - 2014-05-29 06:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 18:56 - 2014-06-30 23:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 18:56 - 2014-06-28 08:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 18:56 - 2014-06-28 08:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 18:56 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 18:56 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 19:07 - 2014-07-08 19:07 - 05659136 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-07-06 21:50 - 2014-07-06 21:54 - 568229841 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 01 [1080p].mkv
2014-07-06 21:49 - 2014-07-06 22:54 - 586438463 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 14 [1080p].mkv
2014-07-03 22:23 - 2014-07-03 22:23 - 00087115 _____ () C:\Users\Jamie\Desktop\sp.schematic
2014-07-01 23:39 - 2014-07-01 23:39 - 00000006 _____ () C:\Users\Jamie\Desktop\RT.txt
2014-07-01 16:00 - 2014-07-01 16:00 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2014-07-01 15:59 - 2014-07-01 15:59 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\PDAppFlex
2014-06-29 22:55 - 2014-06-29 22:57 - 585920917 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 13 [1080p].mkv
2014-06-29 20:16 - 2014-07-22 19:25 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Adobe
2014-06-29 18:32 - 2014-07-25 17:21 - 00000024 _____ () C:\Users\Jamie\random.dat
2014-06-29 18:32 - 2014-07-25 17:18 - 00000044 _____ () C:\Users\Jamie\jagex_cl_runescape_LIVE.dat
2014-06-29 18:32 - 2014-06-29 18:32 - 00000000 ____D () C:\Users\Jamie\jagexcache
2014-06-29 18:32 - 2014-06-29 18:32 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\RSBot

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 18:27 - 2014-07-29 18:27 - 00000000 ____D () C:\Users\Jamie\Desktop\SCANS
2014-07-29 18:27 - 2014-07-29 18:27 - 00000000 ____D () C:\FRST
2014-07-29 18:26 - 2013-10-21 22:59 - 00004962 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for PHYORE-HP-Jamie Phyore-HP
2014-07-29 18:25 - 2014-02-09 15:52 - 00000000 __RDO () C:\Users\Jamie\SkyDrive
2014-07-29 18:25 - 2013-10-19 22:04 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 18:25 - 2013-10-19 19:15 - 01289459 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-29 18:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-29 18:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-29 12:07 - 2013-10-19 19:25 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-29 11:58 - 2013-10-19 19:21 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{57548887-F317-4E93-9757-2C5235D3754A}
2014-07-29 11:34 - 2013-10-19 22:04 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 11:28 - 2013-10-19 19:24 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-497589721-493781404-738327830-1001
2014-07-29 11:23 - 2013-10-19 19:18 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Packages
2014-07-29 11:14 - 2013-11-12 21:15 - 00509302 _____ () C:\WINDOWS\system32\perfh011.dat
2014-07-29 11:14 - 2013-11-12 21:15 - 00136508 _____ () C:\WINDOWS\system32\perfc011.dat
2014-07-29 11:14 - 2013-09-30 05:04 - 01504416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-29 11:09 - 2014-04-24 10:24 - 00119296 _____ () C:\WINDOWS\SysWOW64\zlib.dll
2014-07-29 11:09 - 2013-09-30 04:55 - 00292648 _____ () C:\WINDOWS\PFRO.log
2014-07-29 11:09 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-29 11:09 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-29 11:08 - 2014-07-20 21:55 - 00000000 ____D () C:\AdwCleaner
2014-07-29 01:11 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\vlc
2014-07-29 01:11 - 2013-10-19 19:47 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\BitTorrent
2014-07-28 23:10 - 2014-07-28 23:10 - 00000000 ____D () C:\Users\Jamie\Downloads\[DAE] The World God Only Knows [BD.x264.1080p.AAC]
2014-07-28 19:44 - 2014-07-28 19:44 - 50574330 _____ () C:\Users\Jamie\Desktop\The Simpsons-Family Guy Crossover - Comic Con 2014.mp4
2014-07-28 19:44 - 2013-10-19 19:51 - 00900096 ___SH () C:\Users\Jamie\Desktop\Thumbs.db
2014-07-28 19:29 - 2014-07-20 21:54 - 01365525 _____ () C:\Users\Jamie\Desktop\AdwCleaner.exe
2014-07-27 23:04 - 2014-07-27 22:59 - 584087399 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 17 [1080p].mkv
2014-07-27 23:04 - 2014-07-27 22:58 - 568301507 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 04 [1080p].mkv
2014-07-27 21:27 - 2014-07-27 21:23 - 777625719 _____ () C:\Users\Jamie\Desktop\This IS Bedford, UK 2014.mp4
2014-07-27 17:40 - 2013-10-19 19:46 - 00000000 ____D () C:\Users\Jamie\AppData\Local\CrashDumps
2014-07-27 09:16 - 2014-07-27 09:16 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Elite Hunting Log
2014-07-27 09:14 - 2014-07-27 09:14 - 01851392 _____ () C:\Users\Jamie\Desktop\Elite Hunting Log 0.6.2.msi
2014-07-27 09:14 - 2014-07-27 09:14 - 00003027 _____ () C:\Users\Jamie\Desktop\Elite Hunting Log.lnk
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elite Hunting Log
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Users\Jamie\AppData\Local\bahab
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Program Files (x86)\Elite Hunting Log
2014-07-25 23:16 - 2014-02-02 21:02 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-07-25 23:15 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-25 23:07 - 2014-06-19 13:15 - 00002248 ____H () C:\Users\Jamie\Documents\Default.rdp
2014-07-25 22:37 - 2014-05-25 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-07-25 21:12 - 2014-07-25 21:12 - 00005550 _____ () C:\Users\Jamie\Desktop\ph.txt
2014-07-25 17:21 - 2014-06-29 18:32 - 00000024 _____ () C:\Users\Jamie\random.dat
2014-07-25 17:18 - 2014-06-29 18:32 - 00000044 _____ () C:\Users\Jamie\jagex_cl_runescape_LIVE.dat
2014-07-25 17:10 - 2014-07-14 19:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-25 10:09 - 2013-11-03 10:13 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-24 17:43 - 2014-05-18 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 17:43 - 2014-05-18 19:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 17:43 - 2014-05-18 19:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 17:31 - 2014-07-14 18:25 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Uwlxmedia
2014-07-24 16:58 - 2014-02-16 15:26 - 00000000 ____D () C:\ProgramData\Origin
2014-07-24 16:58 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\mIRC
2014-07-24 16:56 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Skype
2014-07-24 16:48 - 2014-01-03 11:44 - 00311348 _____ () C:\WINDOWS\DPINST.LOG
2014-07-24 16:43 - 2014-07-24 16:43 - 00030424 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggsomc.sys
2014-07-24 16:43 - 2014-07-24 16:43 - 00016088 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggflt.sys
2014-07-24 16:42 - 2014-01-03 11:47 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-07-24 16:42 - 2014-01-03 11:47 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-07-24 16:37 - 2014-07-24 16:37 - 06339727 _____ () C:\Users\Jamie\Desktop\wordpress-3.9.1.zip
2014-07-24 16:36 - 2014-07-24 16:36 - 00002042 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-07-24 16:36 - 2014-01-03 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-07-24 16:36 - 2013-10-19 19:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-24 14:22 - 2013-11-08 00:33 - 00000000 ____D () C:\Users\Jamie\Downloads\mIRC v7.32 + Patch
2014-07-24 13:11 - 2014-07-24 13:11 - 00000000 ____D () C:\SUPERDelete
2014-07-24 13:11 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\IObit
2014-07-24 13:08 - 2014-07-24 13:08 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 20242904 _____ (SUPERAntiSpyware) C:\Users\Jamie\Desktop\SUPERAntiSpyware.exe
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-23 17:43 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\FileZilla
2014-07-23 17:24 - 2013-10-19 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 17:24 - 2013-10-19 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 19:25 - 2014-06-29 20:16 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Adobe
2014-07-20 22:29 - 2014-07-20 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2014-07-20 22:29 - 2013-11-22 15:56 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-07-20 22:13 - 2014-07-20 22:13 - 00000000 ____D () C:\WINDOWS\pss
2014-07-20 22:06 - 2014-07-20 22:06 - 00000000 _____ () C:\Users\Jamie\Desktop\New Text Document.txt
2014-07-20 22:05 - 2014-07-20 22:05 - 00000817 _____ () C:\Users\Jamie\Desktop\JRT.txt
2014-07-20 22:01 - 2014-07-20 22:01 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-20 22:01 - 2014-07-20 22:00 - 01016261 _____ (Thisisu) C:\Users\Jamie\Desktop\JRT.exe
2014-07-20 21:58 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-20 16:52 - 2014-07-20 16:52 - 00013795 _____ () C:\Users\Jamie\Desktop\hijackthis.log
2014-07-20 16:51 - 2014-07-20 16:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jamie\Desktop\HijackThis.exe
2014-07-20 00:43 - 2014-07-20 00:17 - 934489494 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 03 [1080p].mkv
2014-07-20 00:16 - 2014-07-20 00:13 - 585974408 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 16 [1080p].mkv
2014-07-18 23:09 - 2014-07-18 22:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-18 22:48 - 2014-07-18 22:48 - 00000977 _____ () C:\Users\Jamie\Desktop\Spybot - Search & Destroy.lnk
2014-07-18 22:48 - 2014-07-18 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-07-18 22:47 - 2014-07-18 22:47 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jamie\Desktop\spybotsd162.exe
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-07-18 15:18 - 2013-10-20 19:14 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-18 15:18 - 2013-10-20 19:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-18 15:18 - 2013-10-20 19:13 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-07-18 13:07 - 2014-07-18 13:07 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Skyrim
2014-07-18 13:07 - 2013-10-19 19:39 - 00187097 _____ () C:\WINDOWS\DirectX.log
2014-07-18 13:06 - 2013-10-04 16:11 - 00000000 ____D () C:\Users\Jamie\Documents\My Games
2014-07-17 16:52 - 2013-08-22 15:46 - 00074973 _____ () C:\WINDOWS\setupact.log
2014-07-17 00:58 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\libraries
2014-07-17 00:58 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\assets
2014-07-17 00:56 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\versions
2014-07-17 00:56 - 2014-07-17 00:50 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Direwolf20_1_6_4
2014-07-17 00:50 - 2014-07-17 00:24 - 00000000 ____D () C:\Users\Jamie\AppData\Local\ftblauncher
2014-07-17 00:50 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\ftblauncher
2014-07-17 00:24 - 2014-04-25 15:32 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\authlib
2014-07-16 21:58 - 2014-07-16 21:58 - 00096556 _____ () C:\Users\Jamie\Desktop\latest.log
2014-07-15 10:46 - 2014-07-15 10:43 - 00000000 ____D () C:\Users\Jamie\AppData\Local\FreeFixer
2014-07-15 10:43 - 2014-07-15 10:43 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\FreeFixer
2014-07-15 10:35 - 2014-07-15 10:35 - 00280776 _____ () C:\WINDOWS\Minidump\071514-7234-01.dmp
2014-07-15 10:35 - 2014-01-21 01:53 - 670468096 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-15 10:35 - 2014-01-21 01:53 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-15 01:49 - 2014-07-15 00:44 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-15 01:48 - 2014-07-15 00:28 - 00000000 ____D () C:\NPE
2014-07-15 01:47 - 2014-07-15 01:47 - 00000000 ____D () C:\ProgramData\SMR410
2014-07-15 01:47 - 2014-07-15 00:27 - 00000000 ____D () C:\Users\Jamie\AppData\Local\NPE
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 _____ () C:\autoexec.bat
2014-07-15 00:30 - 2014-07-15 00:30 - 00001394 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-07-15 00:27 - 2014-07-15 00:27 - 03077584 ____N (Symantec Corporation) C:\Users\Jamie\Desktop\NPE.exe
2014-07-14 19:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-14 19:17 - 2014-07-14 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 19:17 - 2014-02-14 15:40 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Malwarebytes
2014-07-14 19:17 - 2014-02-14 15:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 18:47 - 2014-07-14 18:47 - 00002667 _____ () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\resmon.lnk
2014-07-14 18:23 - 2014-07-14 18:23 - 00000000 ____D () C:\Users\Jamie\Downloads\D3DGear
2014-07-14 17:37 - 2014-07-14 17:29 - 00000000 ____D () C:\Users\Jamie\Downloads\Warcraft III Reign of Chaos, The Frozen Throne, DoTa + Update Patch War3TFT_121b_English and map pack + CD Key
2014-07-13 21:07 - 2014-07-13 21:07 - 00000000 ____D () C:\Users\Jamie\Documents\Roms
2014-07-13 20:58 - 2014-07-13 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-13 20:54 - 2014-07-13 20:53 - 04489075 _____ ( ) C:\Users\Jamie\Desktop\setup Project64 2.1.exe
2014-07-13 20:34 - 2013-10-19 19:46 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Eclipse
2014-07-13 20:34 - 2013-09-03 20:32 - 00000000 ____D () C:\Users\Jamie\Desktop\eclipse
2014-07-13 20:29 - 2014-07-13 20:29 - 00195485 _____ () C:\Users\Jamie\Desktop\MyCommand.jar
2014-07-13 19:21 - 2013-10-19 19:47 - 00000132 _____ () C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-07-13 18:07 - 2014-07-13 18:07 - 00000893 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-07-13 16:52 - 2014-07-13 16:52 - 00000000 ____D () C:\Users\Jamie\Desktop\SMART
2014-07-13 16:50 - 2014-07-13 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-07-13 16:50 - 2013-09-30 04:51 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-07-12 23:12 - 2014-07-10 01:44 - 00000000 ____D () C:\Users\Jamie\Downloads\Date A Live S2
2014-07-12 23:09 - 2014-07-12 23:09 - 00000918 _____ () C:\Users\Jamie\Desktop\BitTorrent.lnk
2014-07-12 23:09 - 2013-10-19 19:48 - 00000898 _____ () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-12 19:22 - 2014-07-12 19:22 - 00000000 ____D () C:\Users\Jamie\AppData\Local\SyndicatedLife
2014-07-12 19:22 - 2014-07-12 19:19 - 00000000 ____D () C:\Users\Jamie\Desktop\FFXIV-APP
2014-07-12 19:20 - 2014-07-12 19:20 - 00000000 ____D () C:\Users\Jamie\Documents\FFXIVAPP
2014-07-12 12:11 - 2013-10-19 19:18 - 00000000 ____D () C:\Users\Jamie\AppData\Local\VirtualStore
2014-07-12 11:41 - 2013-10-20 01:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-12 11:41 - 2013-10-20 01:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 10:23 - 2014-06-18 10:12 - 00000000 ____D () C:\Users\Jamie\Documents\BYOND
2014-07-10 22:30 - 2014-07-10 22:30 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\LOVE
2014-07-10 22:29 - 2014-07-10 22:29 - 05565454 _____ () C:\Users\Jamie\Desktop\mari0-win.zip
2014-07-10 22:29 - 2014-07-10 22:29 - 00000000 ____D () C:\Users\Jamie\Desktop\mari0-win
2014-07-10 19:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 11:23 - 2013-08-22 15:44 - 05102600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 02:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 02:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 02:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 21:15 - 2013-11-14 14:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 21:15 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 21:13 - 2013-11-14 14:06 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 21:10 - 2013-09-30 04:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 21:09 - 2014-07-09 21:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 19:07 - 2014-07-08 19:07 - 05659136 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 19:07 - 2013-10-19 19:25 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 09:34 - 2013-11-07 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-06 22:54 - 2014-07-06 21:49 - 586438463 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 14 [1080p].mkv
2014-07-06 21:54 - 2014-07-06 21:50 - 568229841 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 01 [1080p].mkv
2014-07-04 18:36 - 2013-08-27 19:56 - 00000000 ____D () C:\Users\Jamie\Documents\Adobe
2014-07-04 18:33 - 2013-10-19 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-07-04 18:33 - 2013-10-19 20:29 - 00000000 ____D () C:\Program Files\Adobe
2014-07-04 18:33 - 2013-10-19 20:28 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-04 18:33 - 2013-10-19 19:18 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Adobe
2014-07-03 22:23 - 2014-07-03 22:23 - 00087115 _____ () C:\Users\Jamie\Desktop\sp.schematic
2014-07-01 23:39 - 2014-07-01 23:39 - 00000006 _____ () C:\Users\Jamie\Desktop\RT.txt
2014-07-01 16:00 - 2014-07-01 16:00 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2014-07-01 16:00 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\PACE Anti-Piracy
2014-07-01 16:00 - 2013-10-19 19:47 - 00000000 ___HD () C:\Users\Jamie\AppData\Local\TlEgZyemtZBn
2014-07-01 15:59 - 2014-07-01 15:59 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\PDAppFlex
2014-07-01 15:44 - 2014-02-10 10:56 - 00000000 ____D () C:\Users\Jamie\Desktop\Meme
2014-07-01 15:31 - 2013-10-19 19:46 - 00001456 _____ () C:\Users\Jamie\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-06-30 23:45 - 2014-07-09 18:56 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-30 20:29 - 2013-10-03 19:19 - 00000000 ____D () C:\Users\Jamie\Downloads\Native [Deluxe Edition] [2013]
2014-06-29 22:57 - 2014-06-29 22:55 - 585920917 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 13 [1080p].mkv
2014-06-29 18:32 - 2014-06-29 18:32 - 00000000 ____D () C:\Users\Jamie\jagexcache
2014-06-29 18:32 - 2014-06-29 18:32 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\RSBot
2014-06-29 18:32 - 2013-10-19 19:15 - 00000000 ____D () C:\Users\Jamie

Files to move or delete:
====================
C:\Users\Jamie\jagex_cl_runescape_LIVE.dat
C:\Users\Jamie\random.dat

Some content of TEMP:
====================
C:\Users\Jamie\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-27 09:26

==================== End Of Log ============================


----------



## Phyore (Oct 26, 2011)

Attached due to post size limits,
*
Addition.txt*
Attached.


----------



## Mark1956 (May 7, 2011)

I've trimmed down the Addition.txt log so it fits into a post. I'll be back later.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Jamie at 2014-07-29 18:28:25
Running from C:\Users\Jamie\Desktop\SCANS
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

.sol Editor 1.1.0.1 (HKLM-x32\...\.sol Editor) (Version: 1.1.0.1 - alexisisaac.net)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
4K Video Downloader 3.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.2.0.1300 - Open Media LLC)
8BitMMO (HKLM-x32\...\Steam App 250420) (Version: - Archive Entertainment)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.20.100.31107 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C7817B39-0536-8659-D017-B50AEF795EDD}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version: - )
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{783DCCCB-FBD0-4D1D-928D-7075DA8015E6}) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
BYOND (HKLM-x32\...\BYOND) (Version: 506.1247 - BYOND)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
CrystalDiskInfo 6.1.12 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version: - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version: - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version: - Microsoft)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version: - Going Loud Studios)
Downloader (HKLM-x32\...\Downloader) (Version: - )
doxygen 1.8.7 (HKLM\...\doxygen_is1) (Version: 1.8.7 - Dimitri van Heesch)
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 1.8 - Treexy)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Elite Hunting Log (HKLM-x32\...\{8F2FC9D2-29A1-4CA4-AD41-0407F8049602}) (Version: 0.6.2 - A. Kaden)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Game Character Hub (HKLM-x32\...\Steam App 292230) (Version: - Sebastien Bini)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Gear Up (HKLM-x32\...\Steam App 214420) (Version: - Doctor Entertainment AB)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
GunZ2 (HKLM-x32\...\GunZ2) (Version: - )
Horizon v2.7.6.7 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.6.7 - Daring Development Inc.)
HP IDF Software (HKLM-x32\...\{974025B1-769B-49E9-817C-C638ABE8F372}) (Version: 11.15.1000 - Hewlett-Packard Company)
HP Mouse Suite (HKLM-x32\...\{213FF60A-9899-4145-8428-D144778BE117}) (Version: 1.1.1 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Imprudence Viewer 1.3.2 (HKLM-x32\...\{D7736EE8-AFCE-4735-BBE3-652CDFBBFCA8}_is1) (Version: - The Imprudence And Kokua Projects)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Macro Recorder 5.7.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.0 - Jitbit Software)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Project MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visio MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version: - GameTuts)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PHANTASY STAR ONLINE 2 キャラクタークリエイト体験版 ver. 2.0 (HKLM-x32\...\http://pso2.jp/appid/charactercreator_ver2_is1) (Version: - SEGA)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.6.6 - PowerUp Software)
Pokémon Trading Card Game Online (HKLM-x32\...\{F66747DD-53B4-4C44-BDC2-B5A1893068F9}) (Version: 1.0.0 - The Pokémon Company International)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PremiumSoft Navicat 9.0 for MySQL (HKLM-x32\...\PremiumSoft Navicat for MySQL_is1) (Version: - PremiumSoft CyberTech Ltd.)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Python 3.3 pywin32-218 (HKLM\...\pywin32-py3.3) (Version: - )
Python 3.3.4 (64-bit) (HKLM\...\{d7e79bb6-dbe5-33c5-b105-ce6871c59db6}) (Version: 3.3.4150 - Python Software Foundation)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{6E5C415F-1388-4BA6-B926-C19318BE6075}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
ShareX 8.4.0 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 8.4.0 - ShareX Developers)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.10.201407111005 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SQLite Expert Personal 3.5.35 (HKLM-x32\...\SQLite Expert Personal 3_is1) (Version: - Bogdan Ureche)
SQLite Expert Professional 3.5.35 (HKLM-x32\...\SQLite Expert Professional 3_is1) (Version: - Bogdan Ureche)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteamTool 1.1 (HKLM-x32\...\{B442D7D6-5153-4DBC-954D-BFFAACACDFDC}_is1) (Version: 1.1 - Stefan Jones)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Test Mail Server Tool (HKLM-x32\...\{5781A356-8BC3-4AD1-8214-DDD0CCA85B2A}) (Version: 2.54 - Toolheap)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Impossible Game (HKLM-x32\...\Steam App 251630) (Version: - Grip Games)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.4.15 - Electronic Arts)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM\...\{E93151DE-8DC3-47F9-852A-3417954AA760}) (Version: 16.0.559.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{121C874E-5797-40B2-86CE-CE6624F2711A}) (Version: 15.0.1376 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Trending Words Dictionary (HKLM\...\{700F737C-4BFD-40D1-9359-C08953CC6857}) (Version: 16.0.565.1 - Microsoft Corporation)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9F71CF8-8310-4EFC-869F-47BC0FEE269D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PRJPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PRJPROR_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PRJPROR_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.VISPRO_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PRJPROR_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.VISPRO_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PRJPROR_{1BABB09A-AB4C-427F-B23C-76A278737988}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1BABB09A-AB4C-427F-B23C-76A278737988}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.VISPRO_{1BABB09A-AB4C-427F-B23C-76A278737988}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PRJPROR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.VISPRO_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PRJPROR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F900141F-C216-4095-94E4-1D47AEFAD27D}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F900141F-C216-4095-94E4-1D47AEFAD27D}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 64-Bit Edition (HKLM\...\{90150000-0054-0409-1000-0000000FF1CE}_Office15.VISPRO_{F900141F-C216-4095-94E4-1D47AEFAD27D}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PRJPROR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-003B-0000-1000-0000000FF1CE}_Office15.PRJPROR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
VidCoder 1.5.23 Beta (x64) (HKLM\...\VidCoder-Beta-x64_is1) (Version: 1.5.23 - RandomEngy)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
Window Hide Tool 2.0 (HKLM-x32\...\Window Hide Tool_is1) (Version: - FOMINE SOFTWARE)
Windows Driver Package - Hewlett - Packard (HidUsb) HIDClass (01/26/2010 1.12.7600.16385) (HKLM\...\63AD5694BB6DAB8863713F85AE50BA9F539D7A3E) (Version: 01/26/2010 1.12.7600.16385 - Hewlett - Packard)
Windows Driver Package - Hewlett-Packard (HidUsb) HIDClass (01/26/2010 1.12.7600.16385) (HKLM\...\90B012BF3F529E820A22374831C4C7D340A4CD3D) (Version: 01/26/2010 1.12.7600.16385 - Hewlett-Packard)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WTFast 3.1 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.1.1.3 - Initex & AAA Internet Publishing)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)

==================== Restore Points =========================

12-07-2014 10:39:35 Windows Update
13-07-2014 17:06:06 Installed DirectX
14-07-2014 23:30:20 Norton_Power_Eraser_20140715003019951
18-07-2014 12:06:58 Installed DirectX
20-07-2014 21:21:54 Installed HP Mouse Suite
24-07-2014 15:43:02 Installed Sony Mobile Drivers
27-07-2014 08:14:20 Installed Elite Hunting Log

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-07-15 00:30 - 00000054 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {028E1A3F-3708-4E98-89B1-89DD364DCD73} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {04BE812A-2000-4522-80A3-E97836C39CC2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05B46A4A-27CC-422B-B24D-5AAFF3BCEE72} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DF19B04-F7AE-4E83-818E-A586D811BB49} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {40F8E38F-B963-4A31-A70F-D2D2EC2E1FF4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {53563871-069C-48F6-B8D1-8C85D271030B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {5D720EA5-09CA-40C2-983E-F1D0C38D754A} - System32\Tasks\AutoPico Daily Restart => J:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {608A8A62-11E0-4172-813F-E7365D1D7B47} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E2E5741-547C-4278-86E6-26E2328C71DE} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {6F68D876-CF72-4D64-99DB-1CF123032335} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {721D36DF-CD18-4D53-9AE4-6DA248A9C25A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8869A436-3842-43DF-8C1A-7AC308817DE0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C8B62DCD-6ED9-4D07-91ED-52EE49F161B6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-05-05] (Microsoft Corporation)
Task: {CA587DE6-110E-4AB9-9D07-934B727D600C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D2A56D0C-6D55-4A56-8260-9C812E8A86D3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E64830C6-9F02-4BD5-A1DD-31E216E0FE1E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EF42289B-E2E6-4BC6-BF8D-218242E65C5B} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F3F5D62F-012B-4180-AABC-08F6CA4CA87F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PHYORE-HP-Jamie Phyore-HP => J:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {F9DD7CD6-885B-407C-B7C2-AA0E8A6E3FA2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-10 13:21 - 2014-06-10 13:21 - 08892072 _____ () J:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-24 17:43 - 2014-05-24 17:43 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-06-27 08:56 - 2013-06-27 08:56 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-01 10:08 - 2014-06-01 10:08 - 00035328 _____ () J:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () J:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () J:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2013-10-19 19:22 - 2014-07-23 17:24 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-10 13:21 - 2014-06-10 13:21 - 08892072 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Jamie\Cookies:X5bbsuNGvYrnZ3A1Dj4m4QXoOWo
AlternateDataStreams: C:\Users\Jamie\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Jamie\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Jamie\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Jamie\AppData\Local\Temp:ykL6IHrpGn7joQjR3yv8IeL
AlternateDataStreams: C:\Users\Jamie\AppData\Local\TlEgZyemtZBn:XAUOSDNrdSJFfilK1ndmv0nh0Rel

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKCU\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34"
HKCU\...\StartupApproved\Run: => "Wondershare Helper Compact"
HKCU\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKCU\...\StartupApproved\Run: => "Window Hide Tool"
HKCU\...\StartupApproved\Run: => "WTFast Tray"
HKCU\...\StartupApproved\Run: => "SpybotSD TeaTimer"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2014 11:09:42 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/28/2014 10:10:30 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/28/2014 08:49:34 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/28/2014 10:58:31 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/27/2014 05:40:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0xd14
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (07/27/2014 09:27:24 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/25/2014 05:10:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHYORE-HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/24/2014 08:29:37 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/24/2014 05:43:25 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/22/2014 08:59:21 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

System errors:
=============
Error: (07/29/2014 00:10:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/29/2014 11:09:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (07/29/2014 11:09:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/29/2014 11:09:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064

Error: (07/29/2014 11:09:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SpyHunter 4 Service service failed to start due to the following error: 
%%2

Error: (07/29/2014 11:09:40 AM) (Source: Service Control Manager) (EventID: 7018) (User: )
Description: Detected circular dependencies auto-starting services. Check the service dependency tree.

Error: (07/29/2014 11:09:40 AM) (Source: Service Control Manager) (EventID: 7019) (User: )
Description: The EsgScanner service depends on a service in a group which starts later. Change the order in the service dependency tree to ensure that all services required to start this service are starting before this service is started.

Error: (07/29/2014 11:09:40 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (07/29/2014 11:09:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/29/2014 01:11:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Microsoft Office Sessions:
=========================
Error: (07/29/2014 11:09:42 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/28/2014 10:10:30 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/28/2014 08:49:34 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*J:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllJ:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (07/28/2014 10:58:31 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*J:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllJ:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (07/27/2014 05:40:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547acd1401cfa9b9760f3f11C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dllbb74613b-15ac-11e4-82c9-ac7289b54888Microsoft.XboxOneSmartGlassBeta_2.2.1407.24001_x64__8wekyb3d8bbweMicrosoft.XboxOneSmartGlass

Error: (07/27/2014 09:27:24 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*J:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllJ:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (07/25/2014 05:10:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHYORE-HP)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174

Error: (07/24/2014 08:29:37 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/24/2014 05:43:25 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*J:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllJ:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (07/22/2014 08:59:21 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

CodeIntegrity Errors:
===================================
Date: 2014-01-31 08:29:49.614
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 19:47:39.250
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-22 19:23:27.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8139.86 MB
Available physical RAM: 5851.06 MB
Total Pagefile: 16331.86 MB
Available Pagefile: 13904.46 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:83.93 GB) NTFS
Drive d: (K_VOL03) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive j: (Local Disk) (Fixed) (Total:931.51 GB) (Free:372.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 2CC340FC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 92C4F54F)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================


----------



## Phyore (Oct 26, 2011)

Any luck on this?


----------



## Mark1956 (May 7, 2011)

Hi, it has only been a day and as a volunteer helper work has to come first.

There is no sign of anything particularly bad in the logs, just a few items that need to be removed. Please follow the FRST instructions below.

I would also suggest trying this routine on Google to clear the Sync data.

Open Chrome, click on the three bars in the top right hand corner and select *Settings*.
At the top in the text of the next window click on *Google Dashboard*, at the *Chrome sync* screen click on *Stop and Clear* at the bottom. Wait to see the confirmation message:"Finished clearing synced Chrome data".
Shut Google and then open it again and check to see if the problem has gone or not.

You have disabled the Java update service in msconfig which has allowed your version of Java to become out of date which is a security risk. You also have this 64bit version *Java 7 Update 45 (64-bit)* which is not required. The bit rate refers to the browser not the bit rate of Windows. You should uninstall that version and then check for updates for the 32bit version and re-enable the Java Update Scheduler.

Please run this tool and post the log:

Please download Junkware Removal Tool  to your desktop.


Shutdown your antivirus to avoid any conflicts.
Right-mouse click JRT.exe and select Run as administrator *(If using XP just double click on the icon to run it.)*
The tool will open and start scanning your system.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Then follow this:

We are now going to run FRST in a different way.


*IMPORTANT---> *First download the attachment at the bottom of this post by clicking on it and save it in the same location as FRST.
Launch *FRST* by double clicking on it. *DO NOT* click on the *Scan* button or check any of the boxes.
You may see a message that an update is installing, if so the program will close when the update completes, you will then need to double click on *FRST* to open it again.
When the *FRST* window opens click on the *Fix* button *just once* and wait.
You will see a message confirming the fix has been run and the log saved, click on *OK* and the Fixlog will open. *Copy & Paste* the full log it into your next reply.

*NOTE:* This fix has been written specifically for the PC being dealt with in this thread, if you run it on another system it may have undesirable consequences. If you have a similar problem, ask for help by opening a new thread in the appropriate forum.


----------



## Phyore (Oct 26, 2011)

Tried the chrome thing, I oculdn't find the google dashboard bit, might be cause I'm not signed into google on chrome.

JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Jamie on 31/07/2014 at 14:52:42.83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/07/2014 at 14:57:12.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fixlog:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 01
Ran by Jamie at 2014-07-31 14:59:03 Run:1
Running from C:\Users\Jamie\Desktop\SCANS
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Jamie\jagex_cl_runescape_LIVE.dat
C:\Users\Jamie\random.dat
AlternateDataStreams: C:\Users\Jamie\AppData\Local\Temp:ykL6IHrpGn7joQjR3yv8IeL
AlternateDataStreams: C:\Users\Jamie\AppData\Local\TlEgZyemtZBn:XAUOSDNrdSJFfilK1ndmv0nh0Rel
AlternateDataStreams: C:\Users\Jamie\Cookies:X5bbsuNGvYrnZ3A1Dj4m4QXoOWo
*****************

C:\Users\Jamie\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Jamie\random.dat => Moved successfully.
C:\Users\Jamie\AppData\Local\Temp => ":ykL6IHrpGn7joQjR3yv8IeL" ADS removed successfully.
C:\Users\Jamie\AppData\Local\TlEgZyemtZBn => ":XAUOSDNrdSJFfilK1ndmv0nh0Rel" ADS removed successfully.
"C:\Users\Jamie\Cookies" => ":X5bbsuNGvYrnZ3A1Dj4m4QXoOWo" ADS not found.

==== End of Fixlog ====


----------



## Mark1956 (May 7, 2011)

Do you ever sign into Google?


----------



## Phyore (Oct 26, 2011)

Nope lol, I sign into hangouts but never chrome as Firefox is my main browser.


----------



## Mark1956 (May 7, 2011)

Ok, please run this scan and post the log.

*Eset online scan instructions.*
*IMPORTANT --->* Please make sure you follow the instruction to *uncheck* the box next to *Remove found threats*. Eset will detect anything that looks even remotely suspicious, this can include legitimate program files. If you do not uncheck the box, as instructed, Eset will automatically remove all suspect files which could leave some of your software inoperative. If you make a mistake these files can be restored from quarantine, but it would be preferable not to add any extra work to the clean up of your system. I would recommend you print out these instructions before you start unless you have another PC you can view them on during the set up and the copying of the results at the end of the scan.


Disable your existing Anti Virus following these instructions.
Please go here to use the Eset Online Scanner.
When the web page opens click on the button that looks like this:








If you are not using *Internet Explorer* you will see a message box open asking you to download the *ESET Smart Installer*, click on the link and allow it to download and then run it. Accept the *Terms of use* and click on *Start*. The required components will download.
If using Internet Explorer the *EULA* window will open immediately, put a check mark in the box and click on *Start*.
After a short delay the Windows UAC warning will pop up, accept it, then the *Computer scan settings* window will open, click on Advanced Settings and make the settings exactly as shown below:



*NOTE:* If you see the warning at the bottom of the image shown above, which says an Anti Virus program was detected click on Show list to see what is being detected and make sure you have all of the items disabled.
When done, click on *Start*. The virus signature database will then download which may take some time depending on the speed of your internet connection. The scan will automatically start when the download is complete.
This is a very thorough scan and may take several hours to complete depending on how much data you have on your hard drive. *Do not* interrupt it, be patient and let it finish. It is quite normal for the progress bar to appear to have got stuck, especially when it gets up to 99%, ignore it and wait for it to finish, it will get there in the end. Don't click on anything while the scan is running and don't use the computer.
A Scan Results window will appear at the end of the scan. If it lists any number of Infected Files click on List of found threats. Click on Copy to clipboard, come back to this thread and right click on the message box. Select *Paste* and the report will appear, add any comments you have and post the reply.
Back on the *Eset* window, click the *Back* button and then click on *Finish*.


----------



## Phyore (Oct 26, 2011)

Sorry for the delay, scanning as we speak, it is on 43%.


----------



## Mark1956 (May 7, 2011)

No problem, it is a long scan and can often show 99% and stay there for a long time, be patient and it will finish.


----------



## Phyore (Oct 26, 2011)

C:\Program Files\CamStudio 2.7\BunndleOfferManager.exe a variant of Win32/Bunndle potentially unsafe application
C:\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\Users\Jamie\Desktop\Minecraft\Mods\1.6\New_Super_Mario_Forever.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
C:\Users\Jamie\Downloads\pscan13.exe Win32/NetTool.Portscan.AC potentially unsafe application
C:\Users\Jamie\Downloads\Adobe CS6 Master Collection\Crack\Patch.rar a variant of Win32/HackTool.Patcher.BD potentially unsafe application
C:\Users\Jamie\Downloads\IObit Gamebooster v.3 Premium\IObit Gamebooster v.3 Premium.exe a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\Users\Jamie\Downloads\KMSpico 8.9 Final [Offline Activator For Windows and Office] - SceneDL (PimpRG)\KMSpico\KMSpico_Install_v8.9.exe a variant of MSIL/HackTool.IdleKMS.D potentially unsafe application
C:\Users\Jamie\Downloads\KMSpico v9.0.3 Beta By heldigard (26.10.2013)\KMSpico Install.rar a variant of MSIL/HackTool.IdleKMS.D potentially unsafe application
C:\Users\Jamie\Downloads\Norton IS 2012 FINAL + NTR2012 BETA [.h10.]\1BOX_NTR2012_v4.02.rar Win32/Packed.Autoit.E.Gen potentially unwanted application
C:\Users\Jamie\Downloads\Proxy.Labs.ProxyCap.v5.01.Incl.Patch.and.Keymaker-ZWT\keygen.exe a variant of Win32/Keygen.GY potentially unsafe application
C:\Users\Jamie\Downloads\Windows 7 all editions xXxVIGNESHxXx\Windows.7.SP1.ENG.x86-x64.xXxVIGNESH26xXx\tools\enterprise\mini-KMS Activator [1.072]\mKMSAct.exe Win32/HackKMS.B potentially unsafe application
C:\Users\Jamie\Downloads\Windows Loader\Windows Loader.exe Win32/HackTool.WinActivator.I potentially unsafe application
C:\Windows\SECOH-QAD.exe Win64/HackKMS.C potentially unsafe application
C:\Windows.old\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\Windows.old\Users\Jamie\Downloads\pscan13.exe Win32/NetTool.Portscan.AC potentially unsafe application
C:\Windows.old\Users\Jamie\Downloads\Adobe CS6 Master Collection\Crack\Patch.rar a variant of Win32/HackTool.Patcher.BD potentially unsafe application
C:\Windows.old\Users\Jamie\Downloads\IObit Gamebooster v.3 Premium\IObit Gamebooster v.3 Premium.exe a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\Windows.old\Users\Jamie\Downloads\KMSpico 8.9 Final [Offline Activator For Windows and Office] - SceneDL (PimpRG)\KMSpico\KMSpico_Install_v8.9.exe a variant of MSIL/HackTool.IdleKMS.D potentially unsafe application
C:\Windows.old\Users\Jamie\Downloads\KMSpico v9.0.3 Beta By heldigard (26.10.2013)\KMSpico Install.rar a variant of MSIL/HackTool.IdleKMS.D potentially unsafe application
C:\Windows.old\Users\Jamie\Downloads\Norton IS 2012 FINAL + NTR2012 BETA [.h10.]\1BOX_NTR2012_v4.02.rar Win32/Packed.Autoit.E.Gen potentially unwanted application
C:\Windows.old\Users\Jamie\Downloads\Proxy.Labs.ProxyCap.v5.01.Incl.Patch.and.Keymaker-ZWT\keygen.exe a variant of Win32/Keygen.GY potentially unsafe application
C:\Windows.old\Users\Jamie\Downloads\Windows 7 all editions xXxVIGNESHxXx\Windows.7.SP1.ENG.x86-x64.xXxVIGNESH26xXx\tools\enterprise\mini-KMS Activator [1.072]\mKMSAct.exe Win32/HackKMS.B potentially unsafe application
C:\Windows.old\Users\Jamie\Downloads\Windows Loader\Windows Loader.exe Win32/HackTool.WinActivator.I potentially unsafe application
J:\Program Files\KMSpico\AutoPico.exe a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application
J:\Program Files\KMSpico\KMSELDI.exe a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application
J:\Program Files\KMSpico\Service_KMS.exe a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application
J:\Users\Jamie\Desktop\Minecraft\Mods\1.6\New_Super_Mario_Forever.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
J:\Users\Jamie\Downloads\pscan13.exe Win32/NetTool.Portscan.AC potentially unsafe application
J:\Users\Jamie\Downloads\Adobe CS6 Master Collection\Crack\Patch.rar a variant of Win32/HackTool.Patcher.BD potentially unsafe application
J:\Users\Jamie\Downloads\IObit Gamebooster v.3 Premium\IObit Gamebooster v.3 Premium.exe a variant of Win32/Toolbar.Widgi potentially unwanted application
J:\Users\Jamie\Downloads\KMSpico 8.9 Final [Offline Activator For Windows and Office] - SceneDL (PimpRG)\KMSpico\KMSpico_Install_v8.9.exe a variant of MSIL/HackTool.IdleKMS.D potentially unsafe application
J:\Users\Jamie\Downloads\KMSpico v9.0.3 Beta By heldigard (26.10.2013)\KMSpico Install.rar a variant of MSIL/HackTool.IdleKMS.D potentially unsafe application
J:\Users\Jamie\Downloads\Norton IS 2012 FINAL + NTR2012 BETA [.h10.]\1BOX_NTR2012_v4.02.rar Win32/Packed.Autoit.E.Gen potentially unwanted application
J:\Users\Jamie\Downloads\Proxy.Labs.ProxyCap.v5.01.Incl.Patch.and.Keymaker-ZWT\keygen.exe a variant of Win32/Keygen.GY potentially unsafe application
J:\Users\Jamie\Downloads\Windows 7 all editions xXxVIGNESHxXx\Windows.7.SP1.ENG.x86-x64.xXxVIGNESH26xXx\tools\enterprise\mini-KMS Activator [1.072]\mKMSAct.exe Win32/HackKMS.B potentially unsafe application
J:\Users\Jamie\Downloads\Windows Loader\Windows Loader.exe Win32/HackTool.WinActivator.I potentially unsafe application
J:\Users\Phyore\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
J:\Users\Phyore\Desktop\Phone backup\Apps\Draw Some.apk a variant of Android/Inmobi.A potentially unsafe application
J:\Users\Phyore\Desktop\Phone backup\Apps\Sms Quick Delete.apk a variant of Android/AdDisplay.Wooboo.C potentially unwanted application
J:\Users\Phyore\Desktop\Phone backup\Apps\Tap Tap 4.apk a variant of Android/Inmobi.A potentially unsafe application
J:\Users\Phyore\Desktop\USB\xf-a2012-64bits.rar Win32/Keygen.BL potentially unsafe application
J:\Users\Phyore\Desktop\USB\Windows 7 Loader + Activator v2.0.6 Reloaded - DAZ [BRiNGiT]\Windows.7.Loader.v2.0.6 Reloaded -DAZ [BRiNGiT].rar Win32/HackTool.WinActivator.I potentially unsafe application
J:\Windows.old\Program Files\KMSpico\KMSELDI.exe a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application
J:\Windows.old\Program Files (x86)\Cube World\serverlauncher.exe probably unknown NewHeur_PE virus
J:\Windows.old\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application


----------



## Mark1956 (May 7, 2011)

*IMPORTANT NOTE*: *Your scan log results indicate you are using keygens/crack tools*.

The practice of using cracking tools, keygens, warez or any pirated software is not only considered *illegal activity* but it is a *serious security risk*.



> *Cracking applications are used for illegally breaking* (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.


trendmicro.com/vinfo



> ...*warez* and *crack web pages* are being *used by cybercriminals as download sites for malware* related to *VIRUT* and *VIRUX*. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...


Keygen and Crack Sites Distribute VIRUX and FakeAV



> ...*warez/piracy sites ranked the highest in downloading spyware*...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often *the machine is trashed and rendered useless*.


University of Washington spyware study



> ...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, *software cracking type sites*...they *sneak malware onto your system*...*Where do trojan viruses originate*? One of the biggest malware distributors on the Internet are serial/warez/code *cracking sites*.


Bad Web Sites: Malware

When you use these kind of programs, be *forewarned* that some of the *worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites*. In many cases, those sites are *infested with a smörgåsbord of malware* and an increasing source of system infection. *Those who attempt to get software for free can end up with a computer system so* *badly damaged that recovery is not possible and it cannot be repaired*. When that happens there is nothing you can do besides *reformatting* and reinstalling the OS.

Before continuing, you will need to *remove all cracks* and *keygens* immediately to reduce the risk of infection/reinfection. If not, then *we are just wasting time* trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so they need to be removed.

When done, please do a repeat scan with Eset and post the new log, then run this:

Please download CKScanner and save it to your Desktop. <-Important!!!
 Double-click on *CKScanner.exe* and click *Search For Files.*
Vista/Windows 7 users right-click and select Run As Administrator.
 After a very short time, when the cursor hourglass disappears, click *Save List To File.*
 A text file will be created on your desktop named *ckfiles.txt. *
 Click OK at the file saved message box.
 Double-click the ckfiles.txt icon on your desktop to open the log and copy/paste the contents in your next reply.


----------



## Mark1956 (May 7, 2011)

Please read the post above.

Looking through your installed programs list I can see KMSpico v9.2.3 which is used to by pass windows activation, this casts serious doubt as to whether your copy of Windows 8.1 or Office 2013 are genuine. Please tell me if you have a genuine license for Windows 8.1 or Office 2013, if you do then why is KMSpico installed?


----------



## Phyore (Oct 26, 2011)

My Windows is geniune, my office is not as of yet. Planning on changing that come pay day  I shall follow the above post to remove all of them though and I shall then reply back!


----------



## Phyore (Oct 26, 2011)

C:\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\Windows.old\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
J:\Users\Phyore\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
J:\Windows.old\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application


I will get the other scan when I wake up


----------



## Mark1956 (May 7, 2011)

Ok, just post when you are ready.


----------



## Phyore (Oct 26, 2011)

Uploaded to pastebin due to post size limit: http://pastebin.com/GFXDQdzn


----------



## Mark1956 (May 7, 2011)

Ok, please now run the Eset scan again, you must have the settings exactly as shown in post 19 with the addition of having the box ticked next to Remove Found Threats. Please post the log when done.

If you have not done so already, please uninstall the pirated copy of Office and KMSpico as I will not give assistance for a PC running pirated Microsoft products.

When complete please run FRST again, when the window opens put a check mark next to Addition.txt before you run the scan, it will then produce two new logs, please post them.


----------



## Phyore (Oct 26, 2011)

C:\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
C:\Windows.old\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
J:\Users\Phyore\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined
J:\Windows.old\Users\Jamie\AppData\Local\Viber\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application deleted - quarantined

Also office uninstalled, 

FRST list to come shortly.


----------



## Phyore (Oct 26, 2011)

FRST.txt
http://pastebin.com/vZKWH5wf

Addition.txt
http://pastebin.com/EsWEAPbb


----------



## Mark1956 (May 7, 2011)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 01
Ran by Jamie (administrator) on PHYORE-HP on 06-08-2014 19:32:05
Running from C:\Users\Jamie\Desktop\SCANS
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SUPERAntiSpyware.com) J:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Safer Networking Ltd.) J:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite\hpMonitor.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwjd.exe
(Hewlett-Packard ) C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jamie\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [Window Hide Tool] => J:\Program Files (x86)\Window Hide Tool\Window Hide Tool.exe [307200 2008-01-18] (FOMINE SOFTWARE)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [WTFast Tray] => J:\Program Files (x86)\WTFast\WTFast.exe [4260456 2014-05-26] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [SpybotSD TeaTimer] => J:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-07-30] (Raptr, Inc)
HKU\S-1-5-21-497589721-493781404-738327830-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HPMonitor.exe.lnk
ShortcutTarget: HPMonitor.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite\hpMonitor.exe (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpwjd.exe.lnk
ShortcutTarget: hpwjd.exe.lnk -> C:\ProgramData\HP Mouse Suite Config\hpwjd.exe (Hewlett-Packard )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpwmsd.exe.lnk
ShortcutTarget: hpwmsd.exe.lnk -> C:\ProgramData\HP Mouse Suite Config\hpwmsd.exe (Hewlett-Packard )
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (No File)
ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE521BAB1279ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB,en;q=0.7,ja;q=0.3
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> J:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer]8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Homepage: https://www.google.co.uk/
FF Keyword.URL: hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
FF NetworkProxy: "backup.ftp", "187.162.253.250"
FF NetworkProxy: "backup.ftp_port", 8888
FF NetworkProxy: "backup.socks", "187.162.253.250"
FF NetworkProxy: "backup.socks_port", 8888
FF NetworkProxy: "backup.ssl", "187.162.253.250"
FF NetworkProxy: "backup.ssl_port", 8888
FF NetworkProxy: "ftp", "187.162.253.250"
FF NetworkProxy: "ftp_port", 8888
FF NetworkProxy: "http", "187.162.253.250"
FF NetworkProxy: "http_port", 8888
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "187.162.253.250"
FF NetworkProxy: "socks_port", 8888
FF NetworkProxy: "ssl", "187.162.253.250"
FF NetworkProxy: "ssl_port", 8888
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Jamie\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 - J:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: BYOND - J:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll (BYOND)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: FoxyProxy Standard - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2014-03-08]
FF Extension: Tilt - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Display Control Panel - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{2B595628-FC5A-905D-551C-31B89AC7457F} [2014-07-14]
FF Extension: HP Detect - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-11-22]
FF Extension: Page Speed - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2013-10-19]
FF Extension: Firebug - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Enhanced Steam - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2014-06-24]
FF Extension: New Tab Tools - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Pastebin - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: SQLite Manager - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\[email protected] [2013-10-19]
FF Extension: Stylish - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-10-19]
FF Extension: eBay Sidebar for Firefox - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2014-02-16]
FF Extension: NoScript - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-08]
FF Extension: FFXI Helper - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{89c9e067-2605-4f75-a608-f6ea31c9d085}.xpi [2013-10-19]
FF Extension: Web Developer - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-10-19]
FF Extension: Adblock Plus - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-19]
FF Extension: DownThemAll! - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-10-19]
FF Extension: Greasemonkey - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-10-19]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-10-20]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-08-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-12-20]

Chrome: 
=======
CHR HomePage: https://www.google.co.uk/
CHR StartupUrls: "hxxp://www.google.co.uk/", "hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=e2332e27-91a1-4caa-94f1-98d6c52f9575&searchtype=hp&installDate=10/04/2013"
CHR Extension: (Google Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-19]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-19]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-08-01]
CHR Extension: (Adblock Plus) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-01]
CHR Extension: (Google Search) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-19]
CHR Extension: (Tampermonkey) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-08-01]
CHR Extension: (Google Calendar) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-08-01]
CHR Extension: (Hola Better Internet) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-08-01]
CHR Extension: (Stylish) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-08-01]
CHR Extension: (Hola Better Internet) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-01]
CHR Extension: (Facebook Fast Delete Messages) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmpnhheahecaojonebajllddfhpilan [2014-08-01]
CHR Extension: (Norton Security Toolbar) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-21]
CHR Extension: (Hangouts) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-19]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-19]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; J:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5148240 2013-07-22] (INCA Internet Co., Ltd.)
S2 PinnacleUpdateSvc; J:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 SBSDWSCService; J:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-07-24] (Sony Mobile Communications)
R3 HP8207_8307; C:\Windows\System32\drivers\HP8207_8307.sys [15360 2010-02-04] (Windows (R) Win 7 DDK provider)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140805.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
S3 intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [8982208 2012-07-25] (Intel Corporation) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140805.017\ENG64.SYS [126040 2014-08-01] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140805.017\EX64.SYS [2099288 2014-08-01] (Symantec Corporation)
R1 SASDIFSV; J:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; J:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1504000.00D\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 X6va015; \??\C:\WINDOWS\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-06 19:29 - 2014-08-06 19:29 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-06 19:29 - 2014-08-06 19:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-06 19:29 - 2014-08-06 19:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-06 19:29 - 2014-08-06 19:29 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-06 19:29 - 2014-08-06 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-06 19:29 - 2014-08-06 19:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-05 10:30 - 2014-08-05 10:30 - 00000014 _____ () C:\Users\Jamie\Desktop\tony.txt
2014-08-05 08:43 - 2014-08-05 08:47 - 00125995 _____ () C:\Users\Jamie\Desktop\ckfiles.txt
2014-08-04 23:48 - 2014-08-04 23:48 - 00468480 _____ () C:\Users\Jamie\Desktop\ckscanner.exe
2014-08-03 20:03 - 2014-08-03 20:03 - 00495616 _____ (Simon Tatham) C:\Users\Jamie\Desktop\putty.exe
2014-08-02 23:28 - 2014-08-02 23:32 - 566995427 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 05 [1080p].mkv
2014-08-02 23:24 - 2014-08-02 23:27 - 584449164 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 18 [1080p].mkv
2014-08-02 10:27 - 2014-08-02 10:27 - 00000000 ____D () C:\ProgramData\ATI
2014-08-01 23:57 - 2014-08-01 23:57 - 00002315 _____ () C:\Users\Jamie\Desktop\Chrome App Launcher.lnk
2014-08-01 23:57 - 2014-08-01 23:57 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 21:33 - 2014-08-01 21:33 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-01 21:33 - 2014-08-01 21:33 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\library_dir
2014-08-01 21:32 - 2014-08-06 19:24 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Raptr
2014-08-01 21:32 - 2014-08-02 10:27 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-01 21:32 - 2014-08-01 21:32 - 00061828 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012132470240.log
2014-08-01 21:32 - 2014-08-01 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-01 21:32 - 2014-08-01 21:32 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-01 21:31 - 2014-08-01 21:31 - 00065660 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012131586402.log
2014-08-01 21:28 - 2014-04-18 05:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-08-01 21:28 - 2014-04-18 05:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-08-01 21:28 - 2014-04-18 05:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-08-01 21:28 - 2014-04-18 05:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-08-01 21:28 - 2014-04-18 05:42 - 08010968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-08-01 21:28 - 2014-04-18 05:42 - 07520200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-08-01 21:28 - 2014-04-18 05:42 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-08-01 21:28 - 2014-04-18 05:42 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-08-01 21:28 - 2014-04-18 05:42 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-08-01 21:28 - 2014-04-18 05:42 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-08-01 21:28 - 2014-04-18 05:36 - 15376384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-08-01 21:28 - 2014-04-18 05:23 - 00231424 _____ () C:\WINDOWS\system32\clinfo.exe
2014-08-01 21:28 - 2014-04-18 05:22 - 28685824 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-08-01 21:28 - 2014-04-18 05:22 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-08-01 21:28 - 2014-04-18 05:22 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-08-01 21:28 - 2014-04-18 05:22 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-08-01 21:28 - 2014-04-18 05:22 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-08-01 21:28 - 2014-04-18 05:19 - 24107520 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-08-01 21:28 - 2014-04-18 05:17 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-08-01 21:28 - 2014-04-18 05:17 - 00058880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-08-01 21:28 - 2014-04-18 05:15 - 00420864 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-08-01 21:28 - 2014-04-18 05:14 - 00134144 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-08-01 21:28 - 2014-04-18 05:14 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-08-01 21:28 - 2014-04-18 05:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2014-08-01 21:28 - 2014-04-18 05:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2014-08-01 21:28 - 2014-04-18 05:12 - 27907584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-08-01 21:28 - 2014-04-18 05:12 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2014-08-01 21:28 - 2014-04-18 04:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2014-08-01 21:28 - 2014-04-18 04:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-08-01 21:28 - 2014-04-18 04:46 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-08-01 21:28 - 2014-04-18 04:46 - 00580816 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-08-01 21:28 - 2014-04-18 04:46 - 00580816 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-08-01 21:28 - 2014-04-18 04:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-08-01 21:28 - 2014-04-18 04:46 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-08-01 21:28 - 2014-04-18 04:46 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-08-01 21:28 - 2014-04-18 04:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-08-01 21:28 - 2014-04-18 04:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-08-01 21:28 - 2014-04-18 04:45 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2014-08-01 21:28 - 2014-04-18 04:45 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2014-08-01 21:28 - 2014-04-18 04:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-08-01 21:28 - 2014-04-18 04:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2014-08-01 21:28 - 2014-04-18 04:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2014-08-01 21:28 - 2014-04-18 04:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-08-01 21:28 - 2014-04-18 04:30 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-08-01 21:28 - 2014-04-18 04:29 - 00586240 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-08-01 21:28 - 2014-04-18 04:29 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-08-01 21:28 - 2014-04-18 04:28 - 03437632 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-08-01 21:28 - 2014-04-18 04:28 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-08-01 21:28 - 2014-04-18 04:21 - 00806912 _____ (AMD) C:\WINDOWS\system32\coinst_14.100.dll
2014-08-01 21:28 - 2014-04-18 04:17 - 03471376 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-08-01 21:28 - 2014-04-18 04:09 - 01177600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-08-01 21:28 - 2014-04-18 04:09 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-08-01 21:28 - 2014-04-18 04:07 - 00638976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-08-01 21:28 - 2014-04-18 04:07 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-08-01 21:28 - 2014-04-18 04:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-08-01 21:28 - 2014-04-18 04:07 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-08-01 21:28 - 2014-04-18 04:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-08-01 21:28 - 2014-04-18 04:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-08-01 21:28 - 2014-04-18 04:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-08-01 21:28 - 2014-04-10 20:58 - 00082128 _____ () C:\WINDOWS\system32\ativce02.dat
2014-08-01 21:28 - 2014-04-01 01:06 - 00234804 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2014-08-01 21:28 - 2014-04-01 01:04 - 00233008 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2014-08-01 21:28 - 2014-02-06 18:45 - 00134192 _____ () C:\WINDOWS\system32\ativce03.dat
2014-08-01 21:28 - 2014-01-16 20:00 - 00273712 _____ () C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2014-08-01 21:28 - 2014-01-16 19:59 - 00275124 _____ () C:\WINDOWS\system32\ativvaxy_vi.dat
2014-08-01 21:28 - 2014-01-16 11:34 - 00723841 _____ () C:\WINDOWS\system32\atiicdxx.dat
2014-08-01 21:03 - 2014-08-01 21:03 - 00066505 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012103445870.log
2014-08-01 21:02 - 2014-08-01 21:02 - 00060279 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012102064962.log
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Program Files\AMD
2014-08-01 21:01 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2014-08-01 21:00 - 2014-06-05 15:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-01 21:00 - 2014-06-05 14:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-01 21:00 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-01 21:00 - 2014-05-31 11:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-01 21:00 - 2014-05-31 11:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-01 21:00 - 2014-05-31 11:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-01 21:00 - 2014-05-31 11:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-01 21:00 - 2014-05-31 11:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-01 21:00 - 2014-05-31 07:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-01 21:00 - 2014-05-31 07:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-01 21:00 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-01 21:00 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-01 21:00 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-01 21:00 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-01 21:00 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-01 21:00 - 2014-05-27 16:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-01 21:00 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-01 21:00 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-01 21:00 - 2014-05-17 05:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-01 21:00 - 2014-05-17 05:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-01 21:00 - 2014-05-14 23:47 - 04720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-01 21:00 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-01 21:00 - 2014-05-13 06:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-01 21:00 - 2014-05-13 05:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-01 21:00 - 2014-05-13 05:27 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-01 21:00 - 2014-05-13 05:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-01 21:00 - 2014-05-13 04:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-01 21:00 - 2014-05-13 04:41 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-01 21:00 - 2014-05-13 04:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-01 21:00 - 2014-05-03 12:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-01 21:00 - 2014-05-03 10:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-01 21:00 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-01 21:00 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-01 21:00 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-01 21:00 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-01 21:00 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-01 21:00 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-01 21:00 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-01 21:00 - 2014-05-03 04:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-01 21:00 - 2014-05-03 04:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-01 21:00 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-01 21:00 - 2014-05-01 06:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-01 21:00 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-01 21:00 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-01 21:00 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-01 21:00 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-01 21:00 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-01 21:00 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-01 21:00 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-01 21:00 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-01 21:00 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-01 21:00 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-01 21:00 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-01 21:00 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-01 21:00 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-01 21:00 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-01 21:00 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-01 21:00 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-01 21:00 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-01 21:00 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-01 21:00 - 2014-04-26 23:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-01 21:00 - 2014-04-26 21:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-01 21:00 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-01 21:00 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-01 21:00 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-01 21:00 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-01 21:00 - 2014-04-09 07:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-01 21:00 - 2014-04-09 06:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-01 20:09 - 2014-08-01 20:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-01 19:20 - 2014-08-01 19:20 - 00284472 _____ () C:\WINDOWS\Minidump\080114-10171-01.dmp
2014-08-01 17:20 - 2014-08-01 17:36 - 3201204412 ____R () C:\Users\Jamie\Downloads\Story Patch 7-20-2014.rar
2014-07-31 19:14 - 2014-07-31 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHANTASY STAR ONLINE 2
2014-07-31 14:57 - 2014-07-31 14:57 - 00000614 _____ () C:\Users\Jamie\Desktop\JRT.txt
2014-07-31 14:50 - 2014-07-31 14:50 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Oracle
2014-07-31 14:49 - 2014-07-31 14:49 - 00004578 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-30 19:11 - 2014-08-02 21:06 - 00000000 ____D () C:\Users\Jamie\Documents\ArcheAge
2014-07-30 19:11 - 2014-07-30 19:11 - 00000000 ____D () C:\ArcheAge
2014-07-29 18:27 - 2014-08-06 19:32 - 00000000 ____D () C:\Users\Jamie\Desktop\SCANS
2014-07-29 18:27 - 2014-08-06 19:32 - 00000000 ____D () C:\FRST
2014-07-28 23:10 - 2014-08-01 01:07 - 00000000 ____D () C:\Users\Jamie\Downloads\[DAE] The World God Only Knows [BD.x264.1080p.AAC]
2014-07-27 22:59 - 2014-07-27 23:04 - 584087399 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 17 [1080p].mkv
2014-07-27 22:58 - 2014-07-27 23:04 - 568301507 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 04 [1080p].mkv
2014-07-27 09:14 - 2014-07-30 10:28 - 00000000 ____D () C:\Program Files (x86)\Elite Hunting Log
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elite Hunting Log
2014-07-25 21:12 - 2014-07-25 21:12 - 00005550 _____ () C:\Users\Jamie\Desktop\ph.txt
2014-07-24 16:43 - 2014-07-24 16:43 - 00030424 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggsomc.sys
2014-07-24 16:43 - 2014-07-24 16:43 - 00016088 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggflt.sys
2014-07-24 16:37 - 2014-07-24 16:37 - 06339727 _____ () C:\Users\Jamie\Desktop\wordpress-3.9.1.zip
2014-07-24 16:36 - 2014-07-24 16:36 - 00002042 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-07-24 13:11 - 2014-07-24 13:11 - 00000000 ____D () C:\SUPERDelete
2014-07-24 13:08 - 2014-07-24 13:08 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-20 22:29 - 2014-07-20 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2014-07-20 22:13 - 2014-07-20 22:13 - 00000000 ____D () C:\WINDOWS\pss
2014-07-20 22:01 - 2014-07-20 22:01 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-20 21:55 - 2014-07-29 11:08 - 00000000 ____D () C:\AdwCleaner
2014-07-20 21:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-20 16:52 - 2014-07-20 16:52 - 00013795 _____ () C:\Users\Jamie\Desktop\hijackthis.log
2014-07-20 16:51 - 2014-07-20 16:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jamie\Desktop\HijackThis.exe
2014-07-20 00:17 - 2014-07-20 00:43 - 934489494 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 03 [1080p].mkv
2014-07-20 00:13 - 2014-07-20 00:16 - 585974408 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 16 [1080p].mkv
2014-07-18 22:48 - 2014-07-18 23:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-18 22:48 - 2014-07-18 22:48 - 00000977 _____ () C:\Users\Jamie\Desktop\Spybot - Search & Destroy.lnk
2014-07-18 22:48 - 2014-07-18 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-07-18 22:47 - 2014-07-18 22:47 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jamie\Desktop\spybotsd162.exe
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-07-18 13:07 - 2014-07-18 13:07 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Skyrim
2014-07-17 00:56 - 2014-07-17 00:58 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\libraries
2014-07-17 00:56 - 2014-07-17 00:58 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\assets
2014-07-17 00:56 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\versions
2014-07-17 00:50 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Direwolf20_1_6_4
2014-07-17 00:24 - 2014-07-17 00:50 - 00000000 ____D () C:\Users\Jamie\AppData\Local\ftblauncher
2014-07-16 21:58 - 2014-07-16 21:58 - 00096556 _____ () C:\Users\Jamie\Desktop\latest.log
2014-07-15 10:50 - 2014-05-15 13:19 - 00013824 _____ (Kephyr) C:\WINDOWS\system32\ffnd.exe
2014-07-15 10:43 - 2014-07-15 10:46 - 00000000 ____D () C:\Users\Jamie\AppData\Local\FreeFixer
2014-07-15 10:43 - 2014-07-15 10:43 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\FreeFixer
2014-07-15 10:43 - 2014-05-15 13:19 - 00000000 ____D () C:\Users\Jamie\Desktop\freefixer_portable
2014-07-15 10:35 - 2014-07-15 10:35 - 00280776 _____ () C:\WINDOWS\Minidump\071514-7234-01.dmp
2014-07-15 01:47 - 2014-07-15 01:47 - 00000000 ____D () C:\ProgramData\SMR410
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 _____ () C:\autoexec.bat
2014-07-15 00:44 - 2014-07-15 01:49 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-15 00:30 - 2014-07-15 00:30 - 00001394 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-07-15 00:28 - 2014-07-15 01:48 - 00000000 ____D () C:\NPE
2014-07-15 00:28 - 2014-05-28 14:03 - 00242878 _____ () C:\WINDOWS\ntbtlog.txt.bak
2014-07-15 00:27 - 2014-07-15 01:47 - 00000000 ____D () C:\Users\Jamie\AppData\Local\NPE
2014-07-15 00:27 - 2014-07-15 00:27 - 03077584 ____N (Symantec Corporation) C:\Users\Jamie\Desktop\NPE.exe
2014-07-14 19:17 - 2014-07-25 17:10 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 19:17 - 2014-07-14 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 19:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-14 19:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-14 18:47 - 2014-07-14 18:47 - 00002667 _____ () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\resmon.lnk
2014-07-14 18:25 - 2014-07-24 17:31 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Uwlxmedia
2014-07-14 18:23 - 2014-07-14 18:23 - 00000000 ____D () C:\Users\Jamie\Downloads\D3DGear
2014-07-13 21:07 - 2014-07-13 21:07 - 00000000 ____D () C:\Users\Jamie\Documents\Roms
2014-07-13 20:58 - 2014-07-13 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-13 20:53 - 2014-07-13 20:54 - 04489075 _____ ( ) C:\Users\Jamie\Desktop\setup Project64 2.1.exe
2014-07-13 20:29 - 2014-07-13 20:29 - 00195485 _____ () C:\Users\Jamie\Desktop\MyCommand.jar
2014-07-13 18:07 - 2014-07-13 18:07 - 00000893 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-07-13 16:52 - 2014-07-13 16:52 - 00000000 ____D () C:\Users\Jamie\Desktop\SMART
2014-07-13 16:50 - 2014-07-13 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-07-12 19:22 - 2014-07-12 19:22 - 00000000 ____D () C:\Users\Jamie\AppData\Local\SyndicatedLife
2014-07-12 19:20 - 2014-07-12 19:20 - 00000000 ____D () C:\Users\Jamie\Documents\FFXIVAPP
2014-07-12 19:19 - 2014-07-12 19:22 - 00000000 ____D () C:\Users\Jamie\Desktop\FFXIV-APP
2014-07-10 22:30 - 2014-07-10 22:30 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\LOVE
2014-07-10 22:29 - 2014-07-10 22:29 - 05565454 _____ () C:\Users\Jamie\Desktop\mari0-win.zip
2014-07-10 22:29 - 2014-07-10 22:29 - 00000000 ____D () C:\Users\Jamie\Desktop\mari0-win
2014-07-10 01:44 - 2014-07-12 23:12 - 00000000 ____D () C:\Users\Jamie\Downloads\Date A Live S2
2014-07-09 21:11 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 21:09 - 2014-07-09 21:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 18:58 - 2014-05-31 11:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 18:58 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 18:58 - 2014-05-31 04:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 18:58 - 2014-05-31 04:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 18:58 - 2014-05-31 04:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 18:58 - 2014-05-31 04:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 18:58 - 2014-05-31 04:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 18:58 - 2014-05-31 04:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 18:58 - 2014-05-31 03:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 18:58 - 2014-05-31 03:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 18:58 - 2014-05-31 03:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 18:58 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 18:58 - 2014-05-31 03:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 18:58 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 18:58 - 2014-05-31 03:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 18:57 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 18:57 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 18:57 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 18:57 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 18:57 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 18:57 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 18:57 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 18:57 - 2014-06-19 00:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 18:57 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 18:57 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 18:57 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 18:57 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 18:57 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 18:57 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 18:57 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 18:57 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 18:57 - 2014-06-18 23:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 18:57 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 18:57 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 18:57 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 18:57 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 18:57 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 18:57 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 18:57 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 18:57 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 18:57 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 18:57 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 18:57 - 2014-06-16 23:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 18:57 - 2014-06-16 23:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 18:57 - 2014-06-06 15:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 18:57 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 18:57 - 2014-05-29 13:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 18:57 - 2014-05-29 08:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 18:57 - 2014-05-29 07:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 18:57 - 2014-05-29 07:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 18:57 - 2014-05-29 06:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 18:57 - 2014-05-29 06:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 18:56 - 2014-06-30 23:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 18:56 - 2014-06-28 08:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 18:56 - 2014-06-28 08:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 18:56 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 18:56 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 19:07 - 2014-07-08 19:07 - 05659136 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-06 19:32 - 2014-07-29 18:27 - 00000000 ____D () C:\Users\Jamie\Desktop\SCANS
2014-08-06 19:32 - 2014-07-29 18:27 - 00000000 ____D () C:\FRST
2014-08-06 19:29 - 2014-08-06 19:29 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-06 19:29 - 2014-08-06 19:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-06 19:29 - 2014-08-06 19:29 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-06 19:29 - 2014-08-06 19:29 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-06 19:29 - 2014-08-06 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-06 19:29 - 2014-08-06 19:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-06 19:29 - 2013-10-19 20:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-06 19:26 - 2013-10-19 19:21 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{57548887-F317-4E93-9757-2C5235D3754A}
2014-08-06 19:24 - 2014-08-01 21:32 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Raptr
2014-08-06 19:23 - 2014-02-09 15:52 - 00000000 __RDO () C:\Users\Jamie\SkyDrive
2014-08-06 19:23 - 2013-10-19 22:04 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-06 19:23 - 2013-10-19 19:15 - 02050588 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-06 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-06 11:07 - 2013-10-19 19:25 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-06 10:34 - 2013-10-19 22:04 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-06 10:31 - 2013-10-19 19:24 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-497589721-493781404-738327830-1001
2014-08-06 10:26 - 2013-10-20 01:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-06 10:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-06 10:25 - 2013-09-30 04:51 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-08-06 10:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-06 10:23 - 2013-08-22 14:25 - 00000076 _____ () C:\WINDOWS\win.ini
2014-08-06 01:50 - 2014-02-02 21:02 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-08-06 00:58 - 2013-10-19 19:47 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Viber
2014-08-06 00:49 - 2013-10-21 22:59 - 00004962 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for PHYORE-HP-Jamie Phyore-HP
2014-08-05 23:35 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\vlc
2014-08-05 10:30 - 2014-08-05 10:30 - 00000014 _____ () C:\Users\Jamie\Desktop\tony.txt
2014-08-05 08:47 - 2014-08-05 08:43 - 00125995 _____ () C:\Users\Jamie\Desktop\ckfiles.txt
2014-08-05 04:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-04 23:48 - 2014-08-04 23:48 - 00468480 _____ () C:\Users\Jamie\Desktop\ckscanner.exe
2014-08-04 23:21 - 2013-10-19 19:46 - 00000000 ____D () C:\Users\Jamie\AppData\Local\CrashDumps
2014-08-03 23:06 - 2013-11-12 21:15 - 00509302 _____ () C:\WINDOWS\system32\perfh011.dat
2014-08-03 23:06 - 2013-11-12 21:15 - 00136508 _____ () C:\WINDOWS\system32\perfc011.dat
2014-08-03 23:06 - 2013-09-30 05:04 - 01504416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-03 20:10 - 2014-03-01 19:35 - 00000600 _____ () C:\Users\Jamie\AppData\Local\PUTTY.RND
2014-08-03 20:03 - 2014-08-03 20:03 - 00495616 _____ (Simon Tatham) C:\Users\Jamie\Desktop\putty.exe
2014-08-03 02:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-02 23:34 - 2013-11-03 10:13 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-02 23:33 - 2013-10-19 19:47 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\BitTorrent
2014-08-02 23:32 - 2014-08-02 23:28 - 566995427 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 05 [1080p].mkv
2014-08-02 23:27 - 2014-08-02 23:24 - 584449164 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 18 [1080p].mkv
2014-08-02 23:15 - 2013-10-19 19:51 - 00906752 ___SH () C:\Users\Jamie\Desktop\Thumbs.db
2014-08-02 21:06 - 2014-07-30 19:11 - 00000000 ____D () C:\Users\Jamie\Documents\ArcheAge
2014-08-02 10:46 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-02 10:27 - 2014-08-02 10:27 - 00000000 ____D () C:\ProgramData\ATI
2014-08-02 10:27 - 2014-08-01 21:32 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-01 23:57 - 2014-08-01 23:57 - 00002315 _____ () C:\Users\Jamie\Desktop\Chrome App Launcher.lnk
2014-08-01 23:57 - 2014-08-01 23:57 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 21:33 - 2014-08-01 21:33 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-01 21:33 - 2014-08-01 21:33 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\library_dir
2014-08-01 21:32 - 2014-08-01 21:32 - 00061828 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012132470240.log
2014-08-01 21:32 - 2014-08-01 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-01 21:32 - 2014-08-01 21:32 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-01 21:32 - 2013-11-22 20:23 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-08-01 21:32 - 2013-11-22 20:22 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-01 21:32 - 2013-10-20 03:48 - 00000000 ____D () C:\ProgramData\AMD
2014-08-01 21:31 - 2014-08-01 21:31 - 00065660 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012131586402.log
2014-08-01 21:11 - 2013-09-30 04:55 - 00306256 _____ () C:\WINDOWS\PFRO.log
2014-08-01 21:11 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-01 21:11 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-01 21:03 - 2014-08-01 21:03 - 00066505 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012103445870.log
2014-08-01 21:02 - 2014-08-01 21:02 - 00060279 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201408012102064962.log
2014-08-01 21:02 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Skype
2014-08-01 21:02 - 2013-10-19 19:15 - 00000000 ____D () C:\Users\Jamie
2014-08-01 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-01 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-01 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-08-01 21:01 - 2014-08-01 21:01 - 00000000 ____D () C:\Program Files\AMD
2014-08-01 21:01 - 2013-11-22 20:12 - 00000000 ____D () C:\AMD
2014-08-01 20:53 - 2013-10-19 19:39 - 00205570 _____ () C:\WINDOWS\DirectX.log
2014-08-01 20:09 - 2014-08-01 20:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-01 19:20 - 2014-08-01 19:20 - 00284472 _____ () C:\WINDOWS\Minidump\080114-10171-01.dmp
2014-08-01 19:20 - 2014-04-24 10:24 - 00119296 _____ () C:\WINDOWS\SysWOW64\zlib.dll
2014-08-01 19:20 - 2014-01-21 01:53 - 873088622 _____ () C:\WINDOWS\MEMORY.DMP
2014-08-01 19:20 - 2014-01-21 01:53 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-01 19:20 - 2013-11-11 00:25 - 00000000 ____D () C:\Users\Jamie\Desktop\PSO2
2014-08-01 17:36 - 2014-08-01 17:20 - 3201204412 ____R () C:\Users\Jamie\Downloads\Story Patch 7-20-2014.rar
2014-08-01 16:58 - 2013-11-21 09:57 - 01002418 _____ () C:\translation.bin
2014-08-01 16:58 - 2013-11-21 09:57 - 00044544 _____ () C:\translator.dll
2014-08-01 01:07 - 2014-07-28 23:10 - 00000000 ____D () C:\Users\Jamie\Downloads\[DAE] The World God Only Knows [BD.x264.1080p.AAC]
2014-07-31 20:19 - 2013-10-19 19:46 - 00007602 _____ () C:\Users\Jamie\AppData\Local\resmon.resmoncfg
2014-07-31 19:17 - 2013-12-30 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-07-31 19:14 - 2014-07-31 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHANTASY STAR ONLINE 2
2014-07-31 14:57 - 2014-07-31 14:57 - 00000614 _____ () C:\Users\Jamie\Desktop\JRT.txt
2014-07-31 14:50 - 2014-07-31 14:50 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Oracle
2014-07-31 14:49 - 2014-07-31 14:49 - 00004578 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-31 14:48 - 2013-11-01 21:49 - 00000000 ____D () C:\Program Files\Java
2014-07-31 01:15 - 2013-10-19 19:18 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Packages
2014-07-30 19:11 - 2014-07-30 19:11 - 00000000 ____D () C:\ArcheAge
2014-07-30 10:28 - 2014-07-27 09:14 - 00000000 ____D () C:\Program Files (x86)\Elite Hunting Log
2014-07-29 11:08 - 2014-07-20 21:55 - 00000000 ____D () C:\AdwCleaner
2014-07-27 23:04 - 2014-07-27 22:59 - 584087399 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 17 [1080p].mkv
2014-07-27 23:04 - 2014-07-27 22:58 - 568301507 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 04 [1080p].mkv
2014-07-27 09:14 - 2014-07-27 09:14 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elite Hunting Log
2014-07-25 23:15 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-25 23:07 - 2014-06-19 13:15 - 00002248 ____H () C:\Users\Jamie\Documents\Default.rdp
2014-07-25 22:37 - 2014-05-25 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-07-25 21:12 - 2014-07-25 21:12 - 00005550 _____ () C:\Users\Jamie\Desktop\ph.txt
2014-07-25 17:10 - 2014-07-14 19:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-24 17:43 - 2014-05-18 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 17:43 - 2014-05-18 19:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 17:43 - 2014-05-18 19:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 17:31 - 2014-07-14 18:25 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Uwlxmedia
2014-07-24 16:58 - 2014-02-16 15:26 - 00000000 ____D () C:\ProgramData\Origin
2014-07-24 16:58 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\mIRC
2014-07-24 16:48 - 2014-01-03 11:44 - 00311348 _____ () C:\WINDOWS\DPINST.LOG
2014-07-24 16:43 - 2014-07-24 16:43 - 00030424 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggsomc.sys
2014-07-24 16:43 - 2014-07-24 16:43 - 00016088 _____ (Sony Mobile Communications) C:\WINDOWS\system32\Drivers\ggflt.sys
2014-07-24 16:42 - 2014-01-03 11:47 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-07-24 16:42 - 2014-01-03 11:47 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-07-24 16:37 - 2014-07-24 16:37 - 06339727 _____ () C:\Users\Jamie\Desktop\wordpress-3.9.1.zip
2014-07-24 16:36 - 2014-07-24 16:36 - 00002042 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-07-24 16:36 - 2014-01-03 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-07-24 16:36 - 2013-10-19 19:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-24 13:11 - 2014-07-24 13:11 - 00000000 ____D () C:\SUPERDelete
2014-07-24 13:11 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\IObit
2014-07-24 13:08 - 2014-07-24 13:08 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-24 13:07 - 2014-07-24 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-23 17:43 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\FileZilla
2014-07-23 17:24 - 2013-10-19 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 17:24 - 2013-10-19 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 19:25 - 2014-06-29 20:16 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Adobe
2014-07-21 22:04 - 2013-11-07 18:39 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET65F3.tmp
2014-07-21 22:04 - 2013-11-07 18:39 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6AEE.tmp
2014-07-21 22:04 - 2013-11-07 18:39 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET6E1B.tmp
2014-07-21 22:04 - 2013-11-07 18:39 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6E4C.tmp
2014-07-21 22:04 - 2013-11-07 18:39 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET6DD9.tmp
2014-07-21 22:04 - 2013-11-07 18:39 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET75FD.tmp
2014-07-21 22:03 - 2014-08-01 21:01 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2014-07-20 22:29 - 2014-07-20 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2014-07-20 22:29 - 2013-11-22 15:56 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-07-20 22:13 - 2014-07-20 22:13 - 00000000 ____D () C:\WINDOWS\pss
2014-07-20 22:01 - 2014-07-20 22:01 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-20 21:58 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-20 16:52 - 2014-07-20 16:52 - 00013795 _____ () C:\Users\Jamie\Desktop\hijackthis.log
2014-07-20 16:51 - 2014-07-20 16:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jamie\Desktop\HijackThis.exe
2014-07-20 00:43 - 2014-07-20 00:17 - 934489494 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Sword Art Online II - 03 [1080p].mkv
2014-07-20 00:16 - 2014-07-20 00:13 - 585974408 ____R () C:\Users\Jamie\Downloads\[HorribleSubs] Fairy Tail S2 - 16 [1080p].mkv
2014-07-18 23:09 - 2014-07-18 22:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-18 22:48 - 2014-07-18 22:48 - 00000977 _____ () C:\Users\Jamie\Desktop\Spybot - Search & Destroy.lnk
2014-07-18 22:48 - 2014-07-18 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-07-18 22:47 - 2014-07-18 22:47 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jamie\Desktop\spybotsd162.exe
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-07-18 15:18 - 2013-10-20 19:14 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-18 15:18 - 2013-10-20 19:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-18 15:18 - 2013-10-20 19:13 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-07-18 13:07 - 2014-07-18 13:07 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Skyrim
2014-07-18 13:06 - 2013-10-04 16:11 - 00000000 ____D () C:\Users\Jamie\Documents\My Games
2014-07-17 16:52 - 2013-08-22 15:46 - 00074973 _____ () C:\WINDOWS\setupact.log
2014-07-17 00:58 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\libraries
2014-07-17 00:58 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\assets
2014-07-17 00:56 - 2014-07-17 00:56 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\versions
2014-07-17 00:56 - 2014-07-17 00:50 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Direwolf20_1_6_4
2014-07-17 00:50 - 2014-07-17 00:24 - 00000000 ____D () C:\Users\Jamie\AppData\Local\ftblauncher
2014-07-17 00:50 - 2013-10-19 19:48 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\ftblauncher
2014-07-17 00:24 - 2014-04-25 15:32 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\authlib
2014-07-16 21:58 - 2014-07-16 21:58 - 00096556 _____ () C:\Users\Jamie\Desktop\latest.log
2014-07-15 10:46 - 2014-07-15 10:43 - 00000000 ____D () C:\Users\Jamie\AppData\Local\FreeFixer
2014-07-15 10:43 - 2014-07-15 10:43 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\FreeFixer
2014-07-15 10:35 - 2014-07-15 10:35 - 00280776 _____ () C:\WINDOWS\Minidump\071514-7234-01.dmp
2014-07-15 01:49 - 2014-07-15 00:44 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-15 01:48 - 2014-07-15 00:28 - 00000000 ____D () C:\NPE
2014-07-15 01:47 - 2014-07-15 01:47 - 00000000 ____D () C:\ProgramData\SMR410
2014-07-15 01:47 - 2014-07-15 00:27 - 00000000 ____D () C:\Users\Jamie\AppData\Local\NPE
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-15 00:45 - 2014-07-15 00:45 - 00000000 _____ () C:\autoexec.bat
2014-07-15 00:30 - 2014-07-15 00:30 - 00001394 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.bak
2014-07-15 00:27 - 2014-07-15 00:27 - 03077584 ____N (Symantec Corporation) C:\Users\Jamie\Desktop\NPE.exe
2014-07-14 19:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-14 19:17 - 2014-07-14 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 19:17 - 2014-02-14 15:40 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\Malwarebytes
2014-07-14 19:17 - 2014-02-14 15:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 18:47 - 2014-07-14 18:47 - 00002667 _____ () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\resmon.lnk
2014-07-14 18:23 - 2014-07-14 18:23 - 00000000 ____D () C:\Users\Jamie\Downloads\D3DGear
2014-07-13 21:07 - 2014-07-13 21:07 - 00000000 ____D () C:\Users\Jamie\Documents\Roms
2014-07-13 20:58 - 2014-07-13 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2014-07-13 20:54 - 2014-07-13 20:53 - 04489075 _____ ( ) C:\Users\Jamie\Desktop\setup Project64 2.1.exe
2014-07-13 20:34 - 2013-10-19 19:46 - 00000000 ____D () C:\Users\Jamie\AppData\Local\Eclipse
2014-07-13 20:34 - 2013-09-03 20:32 - 00000000 ____D () C:\Users\Jamie\Desktop\eclipse
2014-07-13 20:29 - 2014-07-13 20:29 - 00195485 _____ () C:\Users\Jamie\Desktop\MyCommand.jar
2014-07-13 19:21 - 2013-10-19 19:47 - 00000132 _____ () C:\Users\Jamie\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-07-13 18:07 - 2014-07-13 18:07 - 00000893 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-07-13 16:52 - 2014-07-13 16:52 - 00000000 ____D () C:\Users\Jamie\Desktop\SMART
2014-07-13 16:50 - 2014-07-13 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-07-12 23:12 - 2014-07-10 01:44 - 00000000 ____D () C:\Users\Jamie\Downloads\Date A Live S2
2014-07-12 23:09 - 2013-10-19 19:48 - 00000898 _____ () C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-07-12 19:22 - 2014-07-12 19:22 - 00000000 ____D () C:\Users\Jamie\AppData\Local\SyndicatedLife
2014-07-12 19:22 - 2014-07-12 19:19 - 00000000 ____D () C:\Users\Jamie\Desktop\FFXIV-APP
2014-07-12 19:20 - 2014-07-12 19:20 - 00000000 ____D () C:\Users\Jamie\Documents\FFXIVAPP
2014-07-12 12:11 - 2013-10-19 19:18 - 00000000 ____D () C:\Users\Jamie\AppData\Local\VirtualStore
2014-07-12 10:23 - 2014-06-18 10:12 - 00000000 ____D () C:\Users\Jamie\Documents\BYOND
2014-07-10 22:30 - 2014-07-10 22:30 - 00000000 ____D () C:\Users\Jamie\AppData\Roaming\LOVE
2014-07-10 22:29 - 2014-07-10 22:29 - 05565454 _____ () C:\Users\Jamie\Desktop\mari0-win.zip
2014-07-10 22:29 - 2014-07-10 22:29 - 00000000 ____D () C:\Users\Jamie\Desktop\mari0-win
2014-07-10 11:23 - 2013-08-22 15:44 - 05102600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 02:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 02:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 02:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 21:15 - 2013-11-14 14:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 21:13 - 2013-11-14 14:06 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 21:10 - 2013-09-30 04:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 21:09 - 2014-07-09 21:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 19:07 - 2014-07-08 19:07 - 05659136 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 19:07 - 2013-10-19 19:25 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 09:34 - 2013-11-07 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

Some content of TEMP:
====================
C:\Users\Jamie\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Jamie\AppData\Local\Temp\ose00000.exe
C:\Users\Jamie\AppData\Local\Temp\ose00001.exe
C:\Users\Jamie\AppData\Local\Temp\ose00002.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-06 03:38

==================== End Of Log ============================


----------



## Mark1956 (May 7, 2011)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 01
Ran by Jamie at 2014-08-06 19:32:32
Running from C:\Users\Jamie\Desktop\SCANS
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

.sol Editor 1.1.0.1 (HKLM-x32\...\.sol Editor) (Version: 1.1.0.1 - alexisisaac.net)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
4K Video Downloader 3.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.2.0.1300 - Open Media LLC)
8BitMMO (HKLM-x32\...\Steam App 250420) (Version: - Archive Entertainment)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version: - )
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{783DCCCB-FBD0-4D1D-928D-7075DA8015E6}) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
BYOND (HKLM-x32\...\BYOND) (Version: 506.1247 - BYOND)
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1107.1128.20543 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1107.1129.20543 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CrystalDiskInfo 6.1.12 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version: - Going Loud Studios)
Downloader (HKLM-x32\...\Downloader) (Version: - )
doxygen 1.8.7 (HKLM\...\doxygen_is1) (Version: 1.8.7 - Dimitri van Heesch)
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 1.8 - Treexy)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Elite Hunting Log (HKLM-x32\...\{8F2FC9D2-29A1-4CA4-AD41-0407F8049602}) (Version: 0.6.2 - A. Kaden)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
FINAL FANTASY III (HKLM-x32\...\Steam App 239120) (Version: - Square Enix)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Game Character Hub (HKLM-x32\...\Steam App 292230) (Version: - Sebastien Bini)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Gear Up (HKLM-x32\...\Steam App 214420) (Version: - Doctor Entertainment AB)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
GunZ2 (HKLM-x32\...\GunZ2) (Version: - )
Horizon v2.7.6.7 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.6.7 - Daring Development Inc.)
HP IDF Software (HKLM-x32\...\{974025B1-769B-49E9-817C-C638ABE8F372}) (Version: 11.15.1000 - Hewlett-Packard Company)
HP Mouse Suite (HKLM-x32\...\{213FF60A-9899-4145-8428-D144778BE117}) (Version: 1.1.1 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Imprudence Viewer 1.3.2 (HKLM-x32\...\{D7736EE8-AFCE-4735-BBE3-652CDFBBFCA8}_is1) (Version: - The Imprudence And Kokua Projects)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Macro Recorder 5.7.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.0 - Jitbit Software)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version: - GameTuts)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PHANTASY STAR ONLINE 2 (HKLM-x32\...\http://pso2.jp/appid/release_is1) (Version: - SEGA)
PHANTASY STAR ONLINE 2 キャラクタークリエイト体験版 ver. 2.0 (HKLM-x32\...\http://pso2.jp/appid/charactercreator_ver2_is1) (Version: - SEGA)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.6.6 - PowerUp Software)
Pokémon Trading Card Game Online (HKLM-x32\...\{F66747DD-53B4-4C44-BDC2-B5A1893068F9}) (Version: 1.0.0 - The Pokémon Company International)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PremiumSoft Navicat 9.0 for MySQL (HKLM-x32\...\PremiumSoft Navicat for MySQL_is1) (Version: - PremiumSoft CyberTech Ltd.)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Python 3.3 pywin32-218 (HKLM\...\pywin32-py3.3) (Version: - )
Python 3.3.4 (64-bit) (HKLM\...\{d7e79bb6-dbe5-33c5-b105-ce6871c59db6}) (Version: 3.3.4150 - Python Software Foundation)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
ShareX 8.4.0 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 8.4.0 - ShareX Developers)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.10.201407111005 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SQLite Expert Personal 3.5.35 (HKLM-x32\...\SQLite Expert Personal 3_is1) (Version: - Bogdan Ureche)
SQLite Expert Professional 3.5.35 (HKLM-x32\...\SQLite Expert Professional 3_is1) (Version: - Bogdan Ureche)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteamTool 1.1 (HKLM-x32\...\{B442D7D6-5153-4DBC-954D-BFFAACACDFDC}_is1) (Version: 1.1 - Stefan Jones)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Test Mail Server Tool (HKLM-x32\...\{5781A356-8BC3-4AD1-8214-DDD0CCA85B2A}) (Version: 2.54 - Toolheap)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Impossible Game (HKLM-x32\...\Steam App 251630) (Version: - Grip Games)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.4.15 - Electronic Arts)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM\...\{E93151DE-8DC3-47F9-852A-3417954AA760}) (Version: 16.0.559.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{121C874E-5797-40B2-86CE-CE6624F2711A}) (Version: 15.0.1376 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Trending Words Dictionary (HKLM\...\{700F737C-4BFD-40D1-9359-C08953CC6857}) (Version: 16.0.565.1 - Microsoft Corporation)
VidCoder 1.5.23 Beta (x64) (HKLM\...\VidCoder-Beta-x64_is1) (Version: 1.5.23 - RandomEngy)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
Window Hide Tool 2.0 (HKLM-x32\...\Window Hide Tool_is1) (Version: - FOMINE SOFTWARE)
Windows Driver Package - Hewlett - Packard (HidUsb) HIDClass (01/26/2010 1.12.7600.16385) (HKLM\...\63AD5694BB6DAB8863713F85AE50BA9F539D7A3E) (Version: 01/26/2010 1.12.7600.16385 - Hewlett - Packard)
Windows Driver Package - Hewlett-Packard (HidUsb) HIDClass (01/26/2010 1.12.7600.16385) (HKLM\...\90B012BF3F529E820A22374831C4C7D340A4CD3D) (Version: 01/26/2010 1.12.7600.16385 - Hewlett-Packard)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WTFast 3.1 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.1.1.3 - Initex & AAA Internet Publishing)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-497589721-493781404-738327830-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-497589721-493781404-738327830-1001_Classes\CLSID\{6b421fed-d072-4b01-8219-76b866cd71fc}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-497589721-493781404-738327830-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-497589721-493781404-738327830-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-497589721-493781404-738327830-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-497589721-493781404-738327830-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jamie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

20-07-2014 21:21:54 Installed HP Mouse Suite
24-07-2014 15:43:02 Installed Sony Mobile Drivers
27-07-2014 08:14:20 Installed Elite Hunting Log
31-07-2014 13:47:44 Removed Java 7 Update 45 (64-bit)
01-08-2014 19:52:59 Installed DirectX
06-08-2014 09:23:14 Removed Microsoft Office Professional Plus 2013
06-08-2014 09:23:21 PROPLUS

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-08-05 20:01 - 00000704 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
106.185.32.13 gs001.pso2gs.net #PSO2Proxy Public Server Ship 01
106.185.32.13 gs016.pso2gs.net #PSO2Proxy Public Server Ship 02
106.185.32.13 gs031.pso2gs.net #PSO2Proxy Public Server Ship 03
106.185.32.13 gs046.pso2gs.net #PSO2Proxy Public Server Ship 04
106.185.32.13 gs061.pso2gs.net #PSO2Proxy Public Server Ship 05
106.185.32.13 gs076.pso2gs.net #PSO2Proxy Public Server Ship 06
106.185.32.13 gs091.pso2gs.net #PSO2Proxy Public Server Ship 07
106.185.32.13 gs106.pso2gs.net #PSO2Proxy Public Server Ship 08
106.185.32.13 gs121.pso2gs.net #PSO2Proxy Public Server Ship 09
106.185.32.13 gs136.pso2gs.net #PSO2Proxy Public Server Ship 10

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04BE812A-2000-4522-80A3-E97836C39CC2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05B46A4A-27CC-422B-B24D-5AAFF3BCEE72} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {17ACCF2F-4317-43ED-9720-777BAEA1F39C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DF19B04-F7AE-4E83-818E-A586D811BB49} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {53563871-069C-48F6-B8D1-8C85D271030B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {608A8A62-11E0-4172-813F-E7365D1D7B47} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E2E5741-547C-4278-86E6-26E2328C71DE} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {6F68D876-CF72-4D64-99DB-1CF123032335} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {721D36DF-CD18-4D53-9AE4-6DA248A9C25A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8869A436-3842-43DF-8C1A-7AC308817DE0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C8B62DCD-6ED9-4D07-91ED-52EE49F161B6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-05-05] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E64830C6-9F02-4BD5-A1DD-31E216E0FE1E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EF42289B-E2E6-4BC6-BF8D-218242E65C5B} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F3F5D62F-012B-4180-AABC-08F6CA4CA87F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PHYORE-HP-Jamie Phyore-HP => J:\Program Files\Microsoft Office\Office15\MsoSync.exe
Task: {F9DD7CD6-885B-407C-B7C2-AA0E8A6E3FA2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () J:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-27 08:56 - 2013-06-27 08:56 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-01 10:08 - 2014-06-01 10:08 - 00035328 _____ () J:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () J:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () J:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2013-10-19 19:22 - 2014-07-23 17:24 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Jamie\Cookies:X5bbsuNGvYrnZ3A1Dj4m4QXoOWo
AlternateDataStreams: C:\Users\Jamie\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Jamie\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Jamie\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKCU\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKCU\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34"
HKCU\...\StartupApproved\Run: => "Wondershare Helper Compact"
HKCU\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKCU\...\StartupApproved\Run: => "Window Hide Tool"
HKCU\...\StartupApproved\Run: => "WTFast Tray"
HKCU\...\StartupApproved\Run: => "SpybotSD TeaTimer"
HKCU\...\StartupApproved\Run: => "HydraVisionDesktopManager"

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/06/2014 07:32:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17195, time stamp: 0x53894a69
Exception code: 0xc000027b
Fault offset: 0x00000000000547ac
Faulting process id: 0x281c
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (08/06/2014 03:39:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/06/2014 03:39:21 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/05/2014 07:49:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PSO2 Tweaker.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
at System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
at ..()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (08/05/2014 02:58:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/05/2014 02:58:13 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/05/2014 00:08:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (08/05/2014 00:08:44 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/04/2014 11:21:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dreamweaver.exe, version: 12.0.0.5808, time stamp: 0x4f7617ae
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000374
Fault offset: 0x000df636
Faulting process id: 0x2b48
Faulting application start time: 0xDreamweaver.exe0
Faulting application path: Dreamweaver.exe1
Faulting module path: Dreamweaver.exe2
Report Id: Dreamweaver.exe3
Faulting package full name: Dreamweaver.exe4
Faulting package-relative application ID: Dreamweaver.exe5

Error: (08/04/2014 10:19:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PSO2 Tweaker.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
at System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
at ..()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

System errors:
=============
Error: (08/06/2014 05:09:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/05/2014 05:32:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/04/2014 10:59:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/03/2014 04:35:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/02/2014 11:09:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/02/2014 01:39:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/01/2014 09:11:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/01/2014 09:11:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (08/01/2014 09:11:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064

Error: (08/01/2014 09:11:23 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Microsoft Office Sessions:
=========================
Error: (08/06/2014 07:32:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac281c01cfb1a4ca353ebeC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll0bdc1f6f-1d98-11e4-82cf-ac7289b54888Microsoft.XboxOneSmartGlassBeta_2.2.1407.24001_x64__8wekyb3d8bbweMicrosoft.XboxOneSmartGlass

Error: (08/06/2014 03:39:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/06/2014 03:39:21 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*J:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllJ:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (08/05/2014 07:49:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PSO2 Tweaker.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
at System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
at ..()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (08/05/2014 02:58:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/05/2014 02:58:13 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*J:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllJ:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (08/05/2014 00:08:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/05/2014 00:08:44 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*J:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllJ:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (08/04/2014 11:21:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dreamweaver.exe12.0.0.58084f7617aentdll.dll6.3.9600.1711453648f36c0000374000df6362b4801cfb0303d0b1e8fC:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exeC:\WINDOWS\SYSTEM32\ntdll.dllb6193248-1c25-11e4-82cf-ac7289b54888

Error: (08/04/2014 10:19:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PSO2 Tweaker.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
at System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
at System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
at ..()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

CodeIntegrity Errors:
===================================
Date: 2014-08-01 21:32:37.041
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-31 08:29:49.614
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 19:47:39.250
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-22 19:23:27.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 8139.86 MB
Available physical RAM: 5265.84 MB
Total Pagefile: 16331.86 MB
Available Pagefile: 12665.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:93.28 GB) NTFS
Drive d: (K_VOL03) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive j: (Local Disk) (Fixed) (Total:931.51 GB) (Free:389.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 2CC340FC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 92C4F54F)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================


----------



## Mark1956 (May 7, 2011)

I just had time to post the logs for you. Please always post logs directly into your replies as this makes it much easier to refer back to them.

I'll be back later to check the logs and decide on the next step.


----------



## Mark1956 (May 7, 2011)

Some Adware has appeared in Google since the last scan, please run Adwcleaner again, after the Scan click on the Clean button and post the log produced after the reboot.

When done, please tell me if the redirects are still occurring.


----------



## Phyore (Oct 26, 2011)

# AdwCleaner v3.304 - Report created 08/08/2014 at 22:21:32
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Jamie - PHYORE-HP
# Running from : C:\Users\Jamie\Desktop\SCANS\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\l2w7tuej.default\prefs.js ]

[ File : C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\qfiwr18s.default\prefs.js ]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=GB&userid=e2332e27-91a1-4caa-94f1-98d6c52f9575&searchtype=hp&installDate=10/04/2013

*************************

AdwCleaner[R0].txt - [2255 octets] - [20/07/2014 21:55:31]
AdwCleaner[R1].txt - [1132 octets] - [28/07/2014 19:30:22]
AdwCleaner[R2].txt - [1598 octets] - [28/07/2014 20:32:49]
AdwCleaner[R3].txt - [1658 octets] - [28/07/2014 22:05:12]
AdwCleaner[R4].txt - [1373 octets] - [29/07/2014 11:08:01]
AdwCleaner[R5].txt - [1670 octets] - [08/08/2014 22:20:54]
AdwCleaner[S0].txt - [2310 octets] - [20/07/2014 21:58:05]
AdwCleaner[S1].txt - [1725 octets] - [28/07/2014 22:09:24]
AdwCleaner[S2].txt - [1434 octets] - [29/07/2014 11:08:46]
AdwCleaner[S3].txt - [1593 octets] - [08/08/2014 22:21:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1653 octets] ##########

If it cleaned from Chrome it might not help my Firefox problem, but I shall post again should the redirect happen


----------



## Phyore (Oct 26, 2011)

So woke up this morning, the redirects in Firefox are still happening.


----------



## Mark1956 (May 7, 2011)

Ok, are you aware of the Proxy that is set up in Firefox, that may have something to do with it.


----------



## Phyore (Oct 26, 2011)

There's a proxy on it? I did not know this. There is the 187.162.253.250 proxy I used a while back, but it is using the system proxy.


----------



## Mark1956 (May 7, 2011)

That all looks fine and matches the information shown in the log.

Try this:

Start Firefox.
Click on the Help button and select "Restart with Add-ons disabled"

Run it for a while and check to see if the redirects have stopped, let me know the outcome.


----------



## Phyore (Oct 26, 2011)

Been browsing around at the moment and no redirects seem to be happening. (Safe mode Firefox)


----------



## Mark1956 (May 7, 2011)

Sorry for the delay, been tied up with work.

As you are seeing no redirects with Firefox in Safe Mode then the redirects must be due to one of your Add-ons. Please follow this guide to delete all the Add-ons that you don't require or did not install intentionally: https://support.mozilla.org/en-US/kb/disable-or-remove-add-ons

When done, reboot the system and run Firefox as normal and let me know how it is.


----------



## Phyore (Oct 26, 2011)

Sory about the late reply, I will try that shortly.


----------



## Mark1956 (May 7, 2011)

:up:


----------



## Phyore (Oct 26, 2011)

I don't seem to be having any problems at the moment now  Will post back if any occur! Thank you for the great help ^.^


----------



## Mark1956 (May 7, 2011)

You're most welcome. You can remove any tools used just by right clicking on the item and any saved logs and selecting Delete. I would recommend you keep Adwcleaner and run regular scans with it for Adware.


----------

