Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Gameharbor.org Malware :<
Message
<blockquote data-quote="teffalacat" data-source="post: 264504" data-attributes="member: 28033"><p>[SPOILER="Addition"]</p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014</p><p>Ran by Teffala at 2014-09-20 20:47:29</p><p>Running from C:\Users\Teffala\Desktop</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}</p><p>AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )</p><p>Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)</p><p>Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)</p><p>Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)</p><p>Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)</p><p>DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)</p><p>Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)</p><p>Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)</p><p>Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)</p><p>Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden</p><p>iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)</p><p>Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)</p><p>Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)</p><p>Intel(R) Network Connections 19.1.51.0 (Version: 19.1.51.0 - Intel) Hidden</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden</p><p>Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)</p><p>Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)</p><p>Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden</p><p>iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)</p><p>Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)</p><p>Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden</p><p>Logitech Gaming Software (Version: 8.30.28 - Logitech Inc.) Hidden</p><p>Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)</p><p>LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)</p><p>LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden</p><p>Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)</p><p>Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)</p><p>Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)</p><p>Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden</p><p>Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)</p><p>Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden</p><p>Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden</p><p>Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden</p><p>Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden</p><p>Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)</p><p>Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)</p><p>Mozilla Firefox 32.0.1 (x86 en-US) (HKCU\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)</p><p>Norton 360 (HKLM-x32\...\N360) (Version: 21.5.0.19 - Symantec Corporation)</p><p>NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)</p><p>Oblivion - Construction Set (HKLM-x32\...\{23D683DD-93C6-48E6-B84E-78B57778F126}) (Version: 1.00.0000 - Bethesda Softworks)</p><p>Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.2.0416 - Bethesda Softworks)</p><p>Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip)</p><p>OC Button (HKLM-x32\...\InstallShield_{E27E691E-6D86-4BC3-A5AC-E14CFD43CFAD}) (Version: 1.00.0000 - GIGABYTE)</p><p>OC Button (x32 Version: 1.00.0000 - GIGABYTE) Hidden</p><p>Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden</p><p>Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden</p><p>Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden</p><p>ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)</p><p>ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden</p><p>ON_OFF Charge B13.0403.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)</p><p>Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)</p><p>Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)</p><p>Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)</p><p>Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)</p><p>System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)</p><p>Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)</p><p>The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)</p><p>The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.677.20 - Electronic Arts Inc.)</p><p>The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)</p><p>Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)</p><p>TP-LINK TL-WDN3800 Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)</p><p>TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)</p><p>Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)</p><p>VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden</p><p>VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)</p><p>Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)</p><p>XSplit Gamecaster (HKLM-x32\...\{22EE0000-ECB1-486F-B928-990CECFE7B32}) (Version: 1.9.1407.2114 - SplitmediaLabs)</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>16-09-2014 08:43:37 Windows Update</p><p>17-09-2014 04:21:11 Norton_Power_Eraser_20140917162111528</p><p>17-09-2014 04:28:58 Windows Update</p><p>18-09-2014 07:44:41 zoek.exe restore point</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-14 14:34 - 2009-06-11 09:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)</p><p></p><p>Task: {0E262069-A86A-4CF8-AC7B-531AF4661062} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-31] (Symantec Corporation)</p><p>Task: {1EF685B5-D965-4BBF-AFAC-F7FA181C7EA2} - System32\Tasks\{224F0C75-4785-4F09-BFB0-7B4AEA40530A} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\obse_loader.exe [2014-08-27] ()</p><p>Task: {24408EE5-F201-4A06-A529-36CA6111682D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-28] (Microsoft Corporation)</p><p>Task: {253D2E70-3AFB-4AAF-93B0-50388B2FA22D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)</p><p>Task: {268BBEA3-9C9C-4D2C-A77D-5BAD4AF71561} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)</p><p>Task: {31C4DF73-9478-416F-87BF-E2594A8B7158} - System32\Tasks\{C1F68D56-261C-44F0-B42B-CD0791B62005} => F:\Program Files\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe [2014-08-09] (Bethesda Softworks)</p><p>Task: {361C1807-1D9F-408B-969B-2C5847B5ED73} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\WSCStub.exe [2014-08-01] (Symantec Corporation)</p><p>Task: {534A6845-7CF2-4A80-A0DD-43FA841D2624} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: {6494D785-35C0-4724-ACAF-E2E1EC30543D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: {74588776-C78A-42BA-BD14-8F7FADF0061F} - System32\Tasks\{3B137F67-1133-48D8-8520-42DBF6BF6739} => C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_loader.exe [2014-07-08] ()</p><p>Task: {B32F5F75-5010-4FA0-862A-E3C526E47239} - System32\Tasks\{586CB9BC-6A2A-4158-BC91-29091ADD2A90} => F:\Program Files\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe [2014-08-09] (Bethesda Softworks)</p><p>Task: {C89ED942-D055-4511-BCBE-05B061AAB253} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-31] (Symantec Corporation)</p><p>Task: {D62B979A-CA4D-41DD-84B5-EAE936782B54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-17] (Adobe Systems Incorporated)</p><p>Task: {E0D55D86-84DA-40A4-9CEF-BA3CF4B98696} - System32\Tasks\Microsoft Office 15 Sync Maintenance for TheBae-Teffala TheBae => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-28] (Microsoft Corporation)</p><p>Task: {F8E42646-FAA4-4ADB-9EB8-1A890978B7F3} - System32\Tasks\{BA415C66-F124-4737-9535-112CCEBE344B} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-04-06] (Bethesda Softworks)</p><p>Task: {FC74819C-158A-409F-9B44-8DD794F07B14} - System32\Tasks\{DC27FF14-FA7B-4296-8CFD-5939BCA23820} => C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_loader.exe [2014-07-08] ()</p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2014-06-30 20:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll</p><p>2013-04-09 17:47 - 2013-04-09 17:47 - 00018512 _____ () C:\Program Files (x86)\GIGABYTE\OCBtn\GUP7Serv.exe</p><p>2014-08-28 20:49 - 2014-08-28 20:49 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll</p><p>2014-07-29 06:29 - 2014-07-29 06:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll</p><p>2014-07-29 06:32 - 2014-07-29 06:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll</p><p>2014-07-29 06:29 - 2014-07-29 06:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll</p><p>2014-07-29 06:31 - 2014-07-29 06:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll</p><p>2014-07-10 20:05 - 2013-04-09 11:05 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe</p><p>2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll</p><p>2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>2012-02-08 13:50 - 2012-02-08 13:50 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\OCBtn\Ycc.dll</p><p>2014-06-30 16:26 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll</p><p>2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () F:\Program Files\Program Files (x86)\iCloud\zlib1.dll</p><p>2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () F:\Program Files\Program Files (x86)\iCloud\libxml2.dll</p><p>2014-07-10 20:05 - 2013-01-22 14:40 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll</p><p>2014-07-10 20:05 - 2013-04-02 13:41 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll</p><p>2014-07-10 20:05 - 2013-04-02 13:41 - 00138752 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll</p><p>2014-07-10 20:05 - 2013-02-28 11:42 - 00115712 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL</p><p>2014-04-23 16:04 - 2014-04-23 16:04 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll</p><p>2014-08-30 17:47 - 2014-08-22 06:15 - 01171456 _____ () F:\Program Files\Program Files (x86)\Steam\libavcodec-56.dll</p><p>2014-08-30 17:47 - 2014-08-22 06:15 - 00442368 _____ () F:\Program Files\Program Files (x86)\Steam\libavutil-54.dll</p><p>2014-08-30 17:47 - 2014-08-22 06:15 - 00332800 _____ () F:\Program Files\Program Files (x86)\Steam\libavresample-2.dll</p><p>2014-07-10 19:59 - 2014-08-21 10:38 - 00774656 _____ () F:\Program Files\Program Files (x86)\Steam\SDL2.dll</p><p>2014-07-10 19:59 - 2014-08-28 23:48 - 02224320 _____ () F:\Program Files\Program Files (x86)\Steam\video.dll</p><p>2014-08-30 17:47 - 2014-08-22 06:15 - 00403968 _____ () F:\Program Files\Program Files (x86)\Steam\libavformat-56.dll</p><p>2014-08-30 17:47 - 2014-08-22 06:15 - 00485888 _____ () F:\Program Files\Program Files (x86)\Steam\libswscale-3.dll</p><p>2014-07-10 19:59 - 2014-08-28 23:48 - 00678080 _____ () F:\Program Files\Program Files (x86)\Steam\bin\chromehtml.DLL</p><p>2014-07-10 19:59 - 2014-08-21 10:38 - 34589376 _____ () F:\Program Files\Program Files (x86)\Steam\bin\libcef.dll</p><p>2014-08-16 16:12 - 2014-08-21 10:38 - 00837824 _____ () F:\Program Files\Program Files (x86)\Steam\bin\ffmpegsumo.dll</p><p>2014-09-14 21:08 - 2014-09-14 21:08 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"</p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p>Name: Teredo Tunneling Pseudo-Interface</p><p>Description: Microsoft Teredo Tunneling Adapter</p><p>Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}</p><p>Manufacturer: Microsoft</p><p>Service: tunnel</p><p>Problem: : This device cannot start. (Code10)</p><p>Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.</p><p>On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 3011</p><p></p><p>Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 3011</p><p></p><p>Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 2013</p><p></p><p>Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 2013</p><p></p><p>Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 1014</p><p></p><p>Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 1014</p><p></p><p>Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (09/20/2014 11:10:16 AM) (Source: VSS) (EventID: 8194) (User: )</p><p>Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.</p><p>.</p><p>This is often caused by incorrect security settings in either the writer or requestor process.</p><p></p><p></p><p>Operation:</p><p> Gathering Writer Data</p><p></p><p>Context:</p><p> Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}</p><p> Writer Name: System Writer</p><p> Writer Instance ID: {1181df69-59e9-4f26-8231-e250eef03fce}</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (09/20/2014 02:41:56 PM) (Source: NetBT) (EventID: 4321) (User: )</p><p>Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.100.</p><p>The computer with the IP address 192.168.0.107 did not allow the name to be claimed by</p><p>this computer.</p><p></p><p>Error: (09/20/2014 01:59:13 PM) (Source: DCOM) (EventID: 10010) (User: )</p><p>Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}</p><p></p><p>Error: (09/20/2014 10:17:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The Google Update Service (gupdate) service failed to start due to the following error:</p><p>%%2</p><p></p><p>Error: (09/20/2014 10:15:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load:</p><p>AppleCharger</p><p>UsbCharger</p><p></p><p>Error: (09/19/2014 08:47:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The Google Update Service (gupdate) service failed to start due to the following error:</p><p>%%2</p><p></p><p>Error: (09/19/2014 08:45:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load:</p><p>AppleCharger</p><p>UsbCharger</p><p></p><p>Error: (09/18/2014 07:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The Google Update Service (gupdate) service failed to start due to the following error:</p><p>%%2</p><p></p><p>Error: (09/18/2014 07:57:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load:</p><p>AppleCharger</p><p>UsbCharger</p><p></p><p>Error: (09/18/2014 07:51:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: )</p><p>Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.</p><p></p><p>Error: (09/18/2014 07:51:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: )</p><p>Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 3011</p><p></p><p>Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 3011</p><p></p><p>Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 2013</p><p></p><p>Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 2013</p><p></p><p>Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 1014</p><p></p><p>Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 1014</p><p></p><p>Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p></p><p>Error: (09/20/2014 11:10:16 AM) (Source: VSS) (EventID: 8194) (User: )</p><p>Description: 0x80070005, Access is denied.</p><p></p><p></p><p>Operation:</p><p> Gathering Writer Data</p><p></p><p>Context:</p><p> Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}</p><p> Writer Name: System Writer</p><p> Writer Instance ID: {1181df69-59e9-4f26-8231-e250eef03fce}</p><p></p><p></p><p>==================== Memory info ===========================</p><p></p><p>Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz</p><p>Percentage of memory in use: 29%</p><p>Total physical RAM: 8080.63 MB</p><p>Available physical RAM: 5731.92 MB</p><p>Total Pagefile: 16159.45 MB</p><p>Available Pagefile: 13186.15 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.83 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (Solid State Drive) (Fixed) (Total:119.14 GB) (Free:44.49 GB) NTFS</p><p>Drive d: (Oblivion) (CDROM) (Total:4.22 GB) (Free:0 GB) UDF</p><p>Drive f: (HDD) (Fixed) (Total:931.51 GB) (Free:675.5 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 535566F2)</p><p>Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)</p><p></p><p>========================================================</p><p>Disk: 1 (Size: 931.5 GB) (Disk ID: EA085C5A)</p><p>Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)</p><p></p><p>==================== End Of Log ============================</p><p>[/SPOILER][SPOILER="FRST"]</p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014</p><p>Ran by Teffala (administrator) on THEBAE on 20-09-2014 20:47:06</p><p>Running from C:\Users\Teffala\Desktop</p><p>Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(Intel Corporation) C:\Windows\System32\igfxCUIService.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe</p><p>() C:\Program Files (x86)\GIGABYTE\OCBtn\GUP7Serv.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe</p><p>(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\n360.exe</p><p>(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe</p><p>(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\n360.exe</p><p>(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxEM.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxHK.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxTray.exe</p><p>(Realtek Semiconductor) F:\Program Files\Program Files\Realtek\Audio\HDA\RAVCpl64.exe</p><p>(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe</p><p>(Apple Inc.) F:\Program Files\Program Files (x86)\iCloud\iCloudServices.exe</p><p>(Apple Inc.) F:\Program Files\Program Files (x86)\iCloud\ApplePhotoStreams.exe</p><p>(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe</p><p>(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe</p><p>() F:\Program Files\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe</p><p>(Apple Inc.) F:\Program Files\Program Files (x86)\iTunes\iTunesHelper.exe</p><p>(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe</p><p>(Apple Inc.) F:\Program Files\Program Files (x86)\iTunes\iTunes.exe</p><p>(Apple Inc.) F:\Program Files\Program Files (x86)\iCloud\APSDaemon.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe</p><p>(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe</p><p>(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe</p><p>(Valve Corporation) F:\Program Files\Program Files (x86)\Steam\Steam.exe</p><p>(Valve Corporation) F:\Program Files\Program Files (x86)\Steam\bin\steamwebhelper.exe</p><p>(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe</p><p>(Valve Corporation) F:\Program Files\Program Files (x86)\Steam\bin\steamwebhelper.exe</p><p>(Mozilla Corporation) F:\Program Files\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-27] (Realtek Semiconductor)</p><p>HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)</p><p>HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-29] (Logitech Inc.)</p><p>HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"</p><p>HKLM-x32\...\Run: [ISUSScheduler] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)</p><p>HKLM-x32\...\Run: [iTunesHelper] => F:\Program Files\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)</p><p>Winlogon\Notify\igfxcui: igfxdev.dll [X]</p><p>HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [ISUSPM Startup] => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup</p><p>HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart</p><p>HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [iCloudServices] => F:\Program Files\Program Files (x86)\iCloud\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)</p><p>HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [ApplePhotoStreams] => F:\Program Files\Program Files (x86)\iCloud\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)</p><p>HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [CMD] => cmd.exe /c start <a href="http://extendedunlimited.org" target="_blank">http://extendedunlimited.org</a> && exit <===== ATTENTION</p><p>HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\MountPoints2: {7e8149c8-000b-11e4-951b-806e6f6e6963} - D:\Run.exe</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk</p><p>ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()</p><p>ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)</p><p>GroupPolicy: Group Policy on Chrome detected <======= ATTENTION</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a></p><p>SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a></p><p>BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)</p><p>BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)</p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)</p><p>BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)</p><p>Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)</p><p>Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)</p><p>Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\Teffala\AppData\Roaming\Mozilla\Firefox\Profiles\vfrjt9ul.default-1411116786267</p><p>FF Homepage: about:home</p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()</p><p>FF Plugin: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Program Files\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File</p><p>FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File</p><p>FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Teffala\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)</p><p>FF Extension: Adblock Plus - C:\Users\Teffala\AppData\Roaming\Mozilla\Firefox\Profiles\vfrjt9ul.default-1411116786267\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-19]</p><p>FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn</p><p>FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-20]</p><p></p><p>Chrome:</p><p>=======</p><p>CHR HomePage: Default -> hxxp://<a href="http://www.google.com/" target="_blank">www.google.com/</a></p><p>CHR StartupUrls: Default -> "hxxp://<a href="http://www.google.com/" target="_blank">www.google.com/</a>"</p><p>CHR DefaultSearchKeyword: Default -> google.co.nz</p><p>CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite115" alt=":p" title="Stick out tongue :p" loading="lazy" data-shortname=":p" />ageClassification}sugkey={google:suggestAPIKeyParameter}</p><p>CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll No File</p><p>CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer</p><p>CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File</p><p>CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File</p><p>CHR Plugin: (Norton Confidential) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll No File</p><p>CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File</p><p>CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File</p><p>CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File</p><p>CHR Profile: C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Drive) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]</p><p>CHR Extension: (Norton Identity Protection) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-07-02]</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-30]</p><p>CHR Extension: (YouTube) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-30]</p><p>CHR Extension: (Google Search) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-30]</p><p>CHR Extension: (Google Wallet) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-30]</p><p>CHR Extension: (Gmail) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-30]</p><p>CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Teffala\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-01]</p><p>CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()</p><p>R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)</p><p>R2 GUP7Serv; C:\Program Files (x86)\GIGABYTE\OCBtn\GUP7Serv.exe [18512 2013-04-09] ()</p><p>R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)</p><p>R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation)</p><p>R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]</p><p>S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)</p><p>S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2013-01-22] (Wireless) [File not signed]</p><p>R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)</p><p>R2 N360; C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-08-01] (Symantec Corporation)</p><p>S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]</p><p>S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]</p><p>S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [X]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] () [File not signed]</p><p>R1 BHDrvx64; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)</p><p>R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)</p><p>R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-15] (Intel Corporation)</p><p>R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-17] (Symantec Corporation)</p><p>R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-17] (Symantec Corporation)</p><p>R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)</p><p>R1 IDSVia64; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140919.001\IDSvia64.sys [633560 2014-09-16] (Symantec Corporation)</p><p>R3 NAVENG; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140919.019\ENG64.SYS [129752 2014-09-17] (Symantec Corporation)</p><p>R3 NAVEX15; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140919.019\EX64.SYS [2137304 2014-09-17] (Symantec Corporation)</p><p>R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-07-23] (Symantec Corporation)</p><p>R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)</p><p>R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)</p><p>R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)</p><p>R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-17] (Symantec Corporation)</p><p>R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)</p><p>R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)</p><p>S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] () [File not signed]</p><p>R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)</p><p>S3 EraserUtilDrv11311; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys [X]</p><p>S3 EraserUtilDrv11410; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11410.sys [X]</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-09-20 20:47 - 2014-09-20 20:47 - 00019374 _____ () C:\Users\Teffala\Desktop\FRST.txt</p><p>2014-09-20 20:38 - 2014-09-20 20:39 - 00000000 ____D () C:\Users\Teffala\Desktop\1ST Scans</p><p>2014-09-18 20:12 - 2014-09-20 16:09 - 00000228 _____ () C:\Users\Teffala\BullseyeCoverageError.txt</p><p>2014-09-18 19:53 - 2014-09-20 19:05 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TheBae-Teffala TheBae</p><p>2014-09-18 19:53 - 2014-09-18 19:43 - 00024064 _____ () C:\Windows\zoek-delete.exe</p><p>2014-09-18 19:44 - 2014-09-18 19:57 - 00017665 _____ () C:\zoek-results.log</p><p>2014-09-18 19:43 - 2014-09-18 19:53 - 00000000 ____D () C:\zoek_backup</p><p>2014-09-17 22:01 - 2014-09-17 22:03 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Adobe</p><p>2014-09-17 21:22 - 2014-09-17 21:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00001119 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-09-17 21:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2014-09-17 21:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys</p><p>2014-09-17 21:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys</p><p>2014-09-17 21:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll</p><p>2014-09-17 21:18 - 2014-09-17 21:19 - 00000000 ____D () C:\AdwCleaner</p><p>2014-09-17 21:11 - 2014-09-17 21:11 - 00002235 _____ () C:\Users\Teffala\Downloads\fixlist.txt</p><p>2014-09-17 17:37 - 2014-09-20 20:47 - 00000000 ____D () C:\FRST</p><p>2014-09-17 17:36 - 2014-09-17 17:37 - 02105856 _____ (Farbar) C:\Users\Teffala\Desktop\FRST64.exe</p><p>2014-09-17 17:26 - 2014-09-17 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360</p><p>2014-09-17 17:19 - 2014-09-17 17:19 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP</p><p>2014-09-17 16:30 - 2014-09-17 17:21 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration</p><p>2014-09-17 16:30 - 2014-09-17 17:21 - 00002525 _____ () C:\Users\Public\Desktop\Norton 360.lnk</p><p>2014-09-17 16:30 - 2014-09-17 16:30 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS</p><p>2014-09-17 16:30 - 2014-09-17 16:30 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT</p><p>2014-09-17 16:30 - 2014-09-17 16:30 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared</p><p>2014-09-17 16:26 - 2014-09-17 16:29 - 211811872 ____N (Symantec Corporation) C:\Users\Teffala\Downloads\N360-TW-21.1.0-EN-ROW.exe</p><p>2014-09-17 16:25 - 2014-09-17 16:25 - 00266576 _____ () C:\Windows\Minidump\091714-4352-01.dmp</p><p>2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieUserList</p><p>2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieSiteList</p><p>2014-09-17 16:18 - 2014-09-17 16:18 - 00000000 ____D () C:\NPE</p><p>2014-09-17 16:17 - 2014-09-17 16:21 - 00000000 ____D () C:\Users\Teffala\AppData\Local\NPE</p><p>2014-09-17 16:17 - 2014-09-17 16:17 - 00000000 ____D () C:\ProgramData\SMR430</p><p>2014-09-17 16:09 - 2014-09-17 17:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360</p><p>2014-09-17 16:09 - 2014-09-17 17:21 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64</p><p>2014-09-17 16:09 - 2014-09-17 16:30 - 00000000 ____D () C:\Program Files (x86)\Norton 360</p><p>2014-09-17 16:06 - 2014-09-17 16:06 - 00448512 _____ (OldTimer Tools) C:\Users\Teffala\Downloads\TFC.exe</p><p>2014-09-17 16:04 - 2014-09-17 16:08 - 235248307 _____ (Symantec Corporation) C:\Users\Teffala\Downloads\N360_21.1.0.18_MICROSOFT_LOEM60_MRF_2113_10387.exe</p><p>2014-09-15 16:49 - 2014-09-18 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes</p><p>2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69</p><p>2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iTunes</p><p>2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iPod</p><p>2014-09-13 14:47 - 2014-09-13 14:47 - 00000219 _____ () C:\Users\Teffala\Desktop\Counter-Strike Global Offensive.url</p><p>2014-09-11 19:31 - 2014-08-20 06:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2014-09-11 19:31 - 2014-08-20 05:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll</p><p>2014-09-11 19:31 - 2014-08-19 11:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2014-09-11 19:31 - 2014-08-19 10:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll</p><p>2014-09-11 19:31 - 2014-08-19 10:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe</p><p>2014-09-11 19:31 - 2014-08-19 10:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe</p><p>2014-09-11 19:31 - 2014-08-19 09:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2014-09-11 19:31 - 2014-08-19 09:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe</p><p>2014-09-11 19:31 - 2014-08-19 09:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2014-09-11 19:31 - 2014-08-19 09:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2014-09-11 19:31 - 2014-08-19 09:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2014-09-11 19:31 - 2014-08-19 09:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2014-09-11 19:31 - 2014-08-19 09:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2014-09-11 19:31 - 2014-08-19 09:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll</p><p>2014-09-11 19:31 - 2014-08-19 08:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2014-09-11 19:31 - 2014-08-19 08:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2014-09-11 19:31 - 2014-08-19 08:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2014-09-11 19:31 - 2014-08-19 08:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2014-09-11 19:31 - 2014-08-19 08:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2014-09-11 19:30 - 2014-06-27 14:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll</p><p>2014-09-11 19:30 - 2014-06-27 13:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll</p><p>2014-09-10 16:08 - 2014-08-01 23:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll</p><p>2014-09-10 16:08 - 2014-08-01 23:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll</p><p>2014-09-10 15:56 - 2014-09-05 14:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll</p><p>2014-09-10 15:56 - 2014-09-05 14:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2014-09-10 15:56 - 2014-07-07 14:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll</p><p>2014-09-10 15:56 - 2014-07-07 14:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll</p><p>2014-09-10 15:56 - 2014-07-07 13:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</p><p>2014-09-10 15:56 - 2014-07-07 13:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll</p><p>2014-09-10 15:56 - 2014-07-07 13:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll</p><p>2014-09-10 15:56 - 2014-06-24 15:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll</p><p>2014-09-10 15:56 - 2014-06-24 14:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll</p><p>2014-09-09 08:07 - 2014-09-09 08:07 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(2).exe</p><p>2014-09-08 08:29 - 2014-09-08 08:29 - 00001554 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk</p><p>2014-09-08 08:29 - 2014-09-08 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III</p><p>2014-09-08 00:46 - 2014-09-10 16:39 - 00001355 _____ () C:\Users\Public\Desktop\The Sims 4.lnk</p><p>2014-09-08 00:46 - 2014-09-08 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4</p><p>2014-09-07 08:00 - 2014-09-07 08:00 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(1).exe</p><p>2014-09-06 17:05 - 2014-09-06 17:05 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Unity</p><p>2014-09-06 17:04 - 2014-09-06 17:04 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Unity</p><p>2014-09-06 17:03 - 2014-09-06 17:04 - 01202032 _____ (Unity Technologies ApS) C:\Users\Teffala\Downloads\UnityWebPlayer.exe</p><p>2014-09-03 19:02 - 2014-09-03 19:02 - 00000023 _____ () C:\Windows\BlendSettings.ini</p><p>2014-08-31 16:16 - 2014-09-17 16:25 - 00000258 __RSH () C:\ProgramData\ntuser.pol</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Packages</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Bae\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator</p><p>2014-08-30 20:27 - 2014-08-30 20:27 - 00418417 _____ () C:\Users\Teffala\Downloads\Oblivion Load Order Manager v2-41399.exe</p><p>2014-08-30 20:15 - 2014-08-30 20:15 - 00002998 _____ () C:\Windows\System32\Tasks\{224F0C75-4785-4F09-BFB0-7B4AEA40530A}</p><p>2014-08-30 20:15 - 2014-08-30 20:15 - 00000102 _____ () C:\Windows\SysWOW64\obse_loader.log</p><p>2014-08-30 20:14 - 2014-08-30 20:14 - 00003008 _____ () C:\Windows\System32\Tasks\{BA415C66-F124-4737-9535-112CCEBE344B}</p><p>2014-08-30 17:52 - 2014-08-30 17:52 - 00000000 ____D () C:\Users\Teffala\Documents\4A Games</p><p>2014-08-30 13:12 - 2014-08-30 13:22 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\.minecraft</p><p>2014-08-29 17:06 - 2014-08-29 17:06 - 00281552 _____ () C:\Windows\Minidump\082914-3806-01.dmp</p><p>2014-08-28 07:51 - 2014-08-23 14:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll</p><p>2014-08-28 07:51 - 2014-08-23 13:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll</p><p>2014-08-28 07:51 - 2014-08-23 12:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2014-08-27 19:28 - 2014-08-27 19:28 - 00002213 _____ () C:\Users\Public\Desktop\TES Construction Set (Oblivion).lnk</p><p>2014-08-27 19:09 - 2014-08-27 19:09 - 07326093 _____ (Macrovision Corporation) C:\Users\Teffala\Downloads\tes_construction_set_v1.2.exe</p><p>2014-08-27 18:36 - 2014-09-17 21:42 - 00002027 _____ () C:\Users\Teffala\Desktop\obse_loader - Shortcut.lnk</p><p>2014-08-27 18:33 - 2014-08-27 18:33 - 01662426 _____ () C:\Users\Teffala\Downloads\obse_0021.zip</p><p>2014-08-27 18:24 - 2014-08-27 18:24 - 00005381 _____ () C:\Users\Teffala\Downloads\Coolsims Hair Pack esp v1-43224-1.zip</p><p>2014-08-27 18:10 - 2014-08-27 18:11 - 07019454 _____ () C:\Users\Teffala\Downloads\Short Jeans HGEC-32150-1-1.zip</p><p>2014-08-27 17:57 - 2014-08-27 17:58 - 18429643 _____ () C:\Users\Teffala\Downloads\Capes and Cloaks-4539.zip</p><p>2014-08-27 16:48 - 2014-08-27 16:49 - 00014336 ___SH () C:\Users\Teffala\Thumbs.db</p><p>2014-08-27 16:40 - 2014-09-17 21:40 - 00000000 ____D () C:\Users\Teffala\Desktop\Data</p><p>2014-08-27 16:25 - 2014-08-27 16:25 - 00001275 _____ () C:\Users\Teffala\Desktop\Oblivion Mod Manager.lnk</p><p>2014-08-27 16:25 - 2014-08-27 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oblivion Mod Manager</p><p>2014-08-26 20:30 - 2014-08-26 20:30 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games</p><p>2014-08-26 20:29 - 2014-08-26 20:35 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Oblivion</p><p>2014-08-21 19:42 - 2014-08-21 19:42 - 00000221 _____ () C:\Users\Teffala\Desktop\Metro 2033.url</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-09-20 20:47 - 2014-09-20 20:47 - 00019374 _____ () C:\Users\Teffala\Desktop\FRST.txt</p><p>2014-09-20 20:47 - 2014-09-17 17:37 - 00000000 ____D () C:\FRST</p><p>2014-09-20 20:44 - 2014-07-01 19:36 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Skype</p><p>2014-09-20 20:39 - 2014-09-20 20:38 - 00000000 ____D () C:\Users\Teffala\Desktop\1ST Scans</p><p>2014-09-20 20:38 - 2014-07-06 19:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job</p><p>2014-09-20 20:38 - 2009-07-14 16:51 - 00074006 _____ () C:\Windows\setupact.log</p><p>2014-09-20 20:34 - 2014-06-30 16:23 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2014-09-20 19:05 - 2014-09-18 19:53 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TheBae-Teffala TheBae</p><p>2014-09-20 18:34 - 2014-06-30 16:23 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2014-09-20 17:04 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\system32\NDF</p><p>2014-09-20 16:09 - 2014-09-18 20:12 - 00000228 _____ () C:\Users\Teffala\BullseyeCoverageError.txt</p><p>2014-09-20 15:31 - 2014-06-30 16:17 - 01296644 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-09-20 10:23 - 2014-08-13 15:54 - 00000000 ____D () C:\Users\Teffala\AppData\Local\LogMeIn Hamachi</p><p>2014-09-20 10:22 - 2009-07-14 16:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2014-09-20 10:22 - 2009-07-14 16:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2014-09-20 10:19 - 2009-07-14 17:13 - 00784286 _____ () C:\Windows\system32\PerfStringBackup.INI</p><p>2014-09-20 10:15 - 2014-06-30 16:37 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys</p><p>2014-09-20 10:15 - 2009-07-14 17:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2014-09-18 20:12 - 2014-06-30 16:17 - 00000000 ____D () C:\Users\Teffala</p><p>2014-09-18 19:57 - 2014-09-18 19:44 - 00017665 _____ () C:\zoek-results.log</p><p>2014-09-18 19:57 - 2010-11-21 15:47 - 00858034 _____ () C:\Windows\PFRO.log</p><p>2014-09-18 19:53 - 2014-09-18 19:43 - 00000000 ____D () C:\zoek_backup</p><p>2014-09-18 19:51 - 2014-07-08 21:10 - 00000000 ____D () C:\Users\Teffala\AppData\Local\CrashDumps</p><p>2014-09-18 19:43 - 2014-09-18 19:53 - 00024064 _____ () C:\Windows\zoek-delete.exe</p><p>2014-09-18 12:25 - 2014-09-15 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes</p><p>2014-09-18 12:25 - 2014-06-30 16:25 - 00000000 ____D () C:\ProgramData\Norton</p><p>2014-09-18 12:25 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\registration</p><p>2014-09-17 22:03 - 2014-09-17 22:01 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Adobe</p><p>2014-09-17 22:02 - 2014-07-06 19:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</p><p>2014-09-17 22:02 - 2014-07-06 19:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2014-09-17 22:02 - 2014-07-06 19:31 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater</p><p>2014-09-17 21:42 - 2014-08-27 18:36 - 00002027 _____ () C:\Users\Teffala\Desktop\obse_loader - Shortcut.lnk</p><p>2014-09-17 21:40 - 2014-08-27 16:40 - 00000000 ____D () C:\Users\Teffala\Desktop\Data</p><p>2014-09-17 21:27 - 2014-09-17 21:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00001119 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-09-17 21:19 - 2014-09-17 21:18 - 00000000 ____D () C:\AdwCleaner</p><p>2014-09-17 21:11 - 2014-09-17 21:11 - 00002235 _____ () C:\Users\Teffala\Downloads\fixlist.txt</p><p>2014-09-17 17:37 - 2014-09-17 17:36 - 02105856 _____ (Farbar) C:\Users\Teffala\Desktop\FRST64.exe</p><p>2014-09-17 17:26 - 2014-09-17 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360</p><p>2014-09-17 17:21 - 2014-09-17 16:30 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration</p><p>2014-09-17 17:21 - 2014-09-17 16:30 - 00002525 _____ () C:\Users\Public\Desktop\Norton 360.lnk</p><p>2014-09-17 17:21 - 2014-09-17 16:09 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360</p><p>2014-09-17 17:21 - 2014-09-17 16:09 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64</p><p>2014-09-17 17:19 - 2014-09-17 17:19 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP</p><p>2014-09-17 16:30 - 2014-09-17 16:30 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS</p><p>2014-09-17 16:30 - 2014-09-17 16:30 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT</p><p>2014-09-17 16:30 - 2014-09-17 16:30 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared</p><p>2014-09-17 16:30 - 2014-09-17 16:09 - 00000000 ____D () C:\Program Files (x86)\Norton 360</p><p>2014-09-17 16:29 - 2014-09-17 16:26 - 211811872 ____N (Symantec Corporation) C:\Users\Teffala\Downloads\N360-TW-21.1.0-EN-ROW.exe</p><p>2014-09-17 16:25 - 2014-09-17 16:25 - 00266576 _____ () C:\Windows\Minidump\091714-4352-01.dmp</p><p>2014-09-17 16:25 - 2014-08-31 16:16 - 00000258 __RSH () C:\ProgramData\ntuser.pol</p><p>2014-09-17 16:25 - 2014-07-27 23:15 - 223682904 _____ () C:\Windows\MEMORY.DMP</p><p>2014-09-17 16:25 - 2014-07-27 23:15 - 00000000 ____D () C:\Windows\Minidump</p><p>2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieUserList</p><p>2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieSiteList</p><p>2014-09-17 16:21 - 2014-09-17 16:17 - 00000000 ____D () C:\Users\Teffala\AppData\Local\NPE</p><p>2014-09-17 16:18 - 2014-09-17 16:18 - 00000000 ____D () C:\NPE</p><p>2014-09-17 16:17 - 2014-09-17 16:17 - 00000000 ____D () C:\ProgramData\SMR430</p><p>2014-09-17 16:08 - 2014-09-17 16:04 - 235248307 _____ (Symantec Corporation) C:\Users\Teffala\Downloads\N360_21.1.0.18_MICROSOFT_LOEM60_MRF_2113_10387.exe</p><p>2014-09-17 16:06 - 2014-09-17 16:06 - 00448512 _____ (OldTimer Tools) C:\Users\Teffala\Downloads\TFC.exe</p><p>2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69</p><p>2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iTunes</p><p>2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iPod</p><p>2014-09-15 16:49 - 2014-07-15 10:49 - 00001721 _____ () C:\Users\Public\Desktop\iTunes.lnk</p><p>2014-09-13 14:47 - 2014-09-13 14:47 - 00000219 _____ () C:\Users\Teffala\Desktop\Counter-Strike Global Offensive.url</p><p>2014-09-13 11:23 - 2014-08-16 10:50 - 00000000 ____D () C:\ProgramData\Origin</p><p>2014-09-13 11:23 - 2014-08-16 10:50 - 00000000 ____D () C:\Program Files (x86)\Origin</p><p>2014-09-12 16:26 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\rescache</p><p>2014-09-11 19:30 - 2014-07-03 20:25 - 00000000 ___SD () C:\Windows\system32\CompatTel</p><p>2014-09-11 19:30 - 2014-06-30 16:25 - 00768152 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI</p><p>2014-09-10 16:39 - 2014-09-08 00:46 - 00001355 _____ () C:\Users\Public\Desktop\The Sims 4.lnk</p><p>2014-09-09 08:07 - 2014-09-09 08:07 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(2).exe</p><p>2014-09-08 10:42 - 2014-07-01 20:45 - 00203336 _____ () C:\Windows\DirectX.log</p><p>2014-09-08 10:42 - 2009-07-14 17:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games</p><p>2014-09-08 08:29 - 2014-09-08 08:29 - 00001554 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk</p><p>2014-09-08 08:29 - 2014-09-08 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III</p><p>2014-09-08 08:29 - 2014-08-16 10:52 - 00000000 ____D () C:\Program Files (x86)\Origin Games</p><p>2014-09-08 07:52 - 2014-08-16 11:14 - 00000000 ____D () C:\Users\Teffala\Documents\Electronic Arts</p><p>2014-09-08 00:46 - 2014-09-08 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4</p><p>2014-09-07 08:00 - 2014-09-07 08:00 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(1).exe</p><p>2014-09-06 20:28 - 2014-07-01 23:15 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\vlc</p><p>2014-09-06 18:14 - 2014-08-16 10:51 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Origin</p><p>2014-09-06 17:05 - 2014-09-06 17:05 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Unity</p><p>2014-09-06 17:04 - 2014-09-06 17:04 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Unity</p><p>2014-09-06 17:04 - 2014-09-06 17:03 - 01202032 _____ (Unity Technologies ApS) C:\Users\Teffala\Downloads\UnityWebPlayer.exe</p><p>2014-09-05 14:10 - 2014-09-10 15:56 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll</p><p>2014-09-05 14:05 - 2014-09-10 15:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2014-09-03 19:02 - 2014-09-03 19:02 - 00000023 _____ () C:\Windows\BlendSettings.ini</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Packages</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Bae\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo</p><p>2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator</p><p>2014-08-31 16:16 - 2014-07-10 20:36 - 00000000 ____D () C:\Users\Bae\AppData\Local\Google</p><p>2014-08-31 16:16 - 2014-06-30 16:23 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Google</p><p>2014-08-31 16:16 - 2009-07-14 15:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy</p><p>2014-08-31 16:16 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy</p><p>2014-08-30 20:27 - 2014-08-30 20:27 - 00418417 _____ () C:\Users\Teffala\Downloads\Oblivion Load Order Manager v2-41399.exe</p><p>2014-08-30 20:15 - 2014-08-30 20:15 - 00002998 _____ () C:\Windows\System32\Tasks\{224F0C75-4785-4F09-BFB0-7B4AEA40530A}</p><p>2014-08-30 20:15 - 2014-08-30 20:15 - 00000102 _____ () C:\Windows\SysWOW64\obse_loader.log</p><p>2014-08-30 20:14 - 2014-08-30 20:14 - 00003008 _____ () C:\Windows\System32\Tasks\{BA415C66-F124-4737-9535-112CCEBE344B}</p><p>2014-08-30 17:52 - 2014-08-30 17:52 - 00000000 ____D () C:\Users\Teffala\Documents\4A Games</p><p>2014-08-30 17:51 - 2014-08-11 16:21 - 00000000 ____D () C:\Users\Teffala\AppData\Local\4A Games</p><p>2014-08-30 13:22 - 2014-08-30 13:12 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\.minecraft</p><p>2014-08-29 17:06 - 2014-08-29 17:06 - 00281552 _____ () C:\Windows\Minidump\082914-3806-01.dmp</p><p>2014-08-29 08:07 - 2009-07-14 16:45 - 00437848 _____ () C:\Windows\system32\FNTCACHE.DAT</p><p>2014-08-28 20:50 - 2014-06-30 20:14 - 00000000 ____D () C:\Program Files\Microsoft Office 15</p><p>2014-08-27 19:28 - 2014-08-27 19:28 - 00002213 _____ () C:\Users\Public\Desktop\TES Construction Set (Oblivion).lnk</p><p>2014-08-27 19:09 - 2014-08-27 19:09 - 07326093 _____ (Macrovision Corporation) C:\Users\Teffala\Downloads\tes_construction_set_v1.2.exe</p><p>2014-08-27 19:09 - 2014-06-30 16:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information</p><p>2014-08-27 18:33 - 2014-08-27 18:33 - 01662426 _____ () C:\Users\Teffala\Downloads\obse_0021.zip</p><p>2014-08-27 18:24 - 2014-08-27 18:24 - 00005381 _____ () C:\Users\Teffala\Downloads\Coolsims Hair Pack esp v1-43224-1.zip</p><p>2014-08-27 18:11 - 2014-08-27 18:10 - 07019454 _____ () C:\Users\Teffala\Downloads\Short Jeans HGEC-32150-1-1.zip</p><p>2014-08-27 17:58 - 2014-08-27 17:57 - 18429643 _____ () C:\Users\Teffala\Downloads\Capes and Cloaks-4539.zip</p><p>2014-08-27 16:49 - 2014-08-27 16:48 - 00014336 ___SH () C:\Users\Teffala\Thumbs.db</p><p>2014-08-27 16:25 - 2014-08-27 16:25 - 00001275 _____ () C:\Users\Teffala\Desktop\Oblivion Mod Manager.lnk</p><p>2014-08-27 16:25 - 2014-08-27 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oblivion Mod Manager</p><p>2014-08-27 16:25 - 2014-06-30 16:17 - 00000000 ____D () C:\Users\Teffala\AppData\Local\VirtualStore</p><p>2014-08-26 20:35 - 2014-08-26 20:29 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Oblivion</p><p>2014-08-26 20:30 - 2014-08-26 20:30 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games</p><p>2014-08-26 20:29 - 2014-08-13 15:43 - 00000000 ____D () C:\Users\Teffala\Documents\my games</p><p>2014-08-25 06:53 - 2010-11-21 15:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe</p><p>2014-08-23 14:07 - 2014-08-28 07:51 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll</p><p>2014-08-23 13:45 - 2014-08-28 07:51 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll</p><p>2014-08-23 12:59 - 2014-08-28 07:51 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2014-08-21 19:42 - 2014-08-21 19:42 - 00000221 _____ () C:\Users\Teffala\Desktop\Metro 2033.url</p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\Teffala\AppData\Local\Temp\BullseyeCoverage-2-x86.dll</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2014-09-16 20:50</p><p></p><p>==================== End Of Log ============================</p><p>[/SPOILER]</p></blockquote><p></p>
[QUOTE="teffalacat, post: 264504, member: 28033"] [SPOILER="Addition"] Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014 Ran by Teffala at 2014-09-20 20:47:29 Running from C:\Users\Teffala\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Network Connections 19.1.51.0 (Version: 19.1.51.0 - Intel) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden Logitech Gaming Software (Version: 8.30.28 - Logitech Inc.) Hidden Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games) Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla) Mozilla Firefox 32.0.1 (x86 en-US) (HKCU\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) Norton 360 (HKLM-x32\...\N360) (Version: 21.5.0.19 - Symantec Corporation) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) Oblivion - Construction Set (HKLM-x32\...\{23D683DD-93C6-48E6-B84E-78B57778F126}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.2.0416 - Bethesda Softworks) Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip) OC Button (HKLM-x32\...\InstallShield_{E27E691E-6D86-4BC3-A5AC-E14CFD43CFAD}) (Version: 1.00.0000 - GIGABYTE) OC Button (x32 Version: 1.00.0000 - GIGABYTE) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden ON_OFF Charge B13.0403.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.677.20 - Electronic Arts Inc.) The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.) Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics) TP-LINK TL-WDN3800 Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts) XSplit Gamecaster (HKLM-x32\...\{22EE0000-ECB1-486F-B928-990CECFE7B32}) (Version: 1.9.1407.2114 - SplitmediaLabs) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-337889521-3967207631-3113226611-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Teffala\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 16-09-2014 08:43:37 Windows Update 17-09-2014 04:21:11 Norton_Power_Eraser_20140917162111528 17-09-2014 04:28:58 Windows Update 18-09-2014 07:44:41 zoek.exe restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 14:34 - 2009-06-11 09:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0E262069-A86A-4CF8-AC7B-531AF4661062} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-31] (Symantec Corporation) Task: {1EF685B5-D965-4BBF-AFAC-F7FA181C7EA2} - System32\Tasks\{224F0C75-4785-4F09-BFB0-7B4AEA40530A} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\obse_loader.exe [2014-08-27] () Task: {24408EE5-F201-4A06-A529-36CA6111682D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-28] (Microsoft Corporation) Task: {253D2E70-3AFB-4AAF-93B0-50388B2FA22D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation) Task: {268BBEA3-9C9C-4D2C-A77D-5BAD4AF71561} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {31C4DF73-9478-416F-87BF-E2594A8B7158} - System32\Tasks\{C1F68D56-261C-44F0-B42B-CD0791B62005} => F:\Program Files\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe [2014-08-09] (Bethesda Softworks) Task: {361C1807-1D9F-408B-969B-2C5847B5ED73} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\WSCStub.exe [2014-08-01] (Symantec Corporation) Task: {534A6845-7CF2-4A80-A0DD-43FA841D2624} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {6494D785-35C0-4724-ACAF-E2E1EC30543D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {74588776-C78A-42BA-BD14-8F7FADF0061F} - System32\Tasks\{3B137F67-1133-48D8-8520-42DBF6BF6739} => C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_loader.exe [2014-07-08] () Task: {B32F5F75-5010-4FA0-862A-E3C526E47239} - System32\Tasks\{586CB9BC-6A2A-4158-BC91-29091ADD2A90} => F:\Program Files\Program Files (x86)\Steam\SteamApps\common\Skyrim\TESV.exe [2014-08-09] (Bethesda Softworks) Task: {C89ED942-D055-4511-BCBE-05B061AAB253} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\SymErr.exe [2014-01-31] (Symantec Corporation) Task: {D62B979A-CA4D-41DD-84B5-EAE936782B54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-17] (Adobe Systems Incorporated) Task: {E0D55D86-84DA-40A4-9CEF-BA3CF4B98696} - System32\Tasks\Microsoft Office 15 Sync Maintenance for TheBae-Teffala TheBae => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-28] (Microsoft Corporation) Task: {F8E42646-FAA4-4ADB-9EB8-1A890978B7F3} - System32\Tasks\{BA415C66-F124-4737-9535-112CCEBE344B} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe [2006-04-06] (Bethesda Softworks) Task: {FC74819C-158A-409F-9B44-8DD794F07B14} - System32\Tasks\{DC27FF14-FA7B-4296-8CFD-5939BCA23820} => C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\skse_loader.exe [2014-07-08] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-30 20:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-04-09 17:47 - 2013-04-09 17:47 - 00018512 _____ () C:\Program Files (x86)\GIGABYTE\OCBtn\GUP7Serv.exe 2014-08-28 20:49 - 2014-08-28 20:49 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-07-29 06:29 - 2014-07-29 06:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2014-07-29 06:32 - 2014-07-29 06:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-07-29 06:29 - 2014-07-29 06:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2014-07-29 06:31 - 2014-07-29 06:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2014-07-10 20:05 - 2013-04-09 11:05 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-02-08 13:50 - 2012-02-08 13:50 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\OCBtn\Ycc.dll 2014-06-30 16:26 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () F:\Program Files\Program Files (x86)\iCloud\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () F:\Program Files\Program Files (x86)\iCloud\libxml2.dll 2014-07-10 20:05 - 2013-01-22 14:40 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2014-07-10 20:05 - 2013-04-02 13:41 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2014-07-10 20:05 - 2013-04-02 13:41 - 00138752 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll 2014-07-10 20:05 - 2013-02-28 11:42 - 00115712 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL 2014-04-23 16:04 - 2014-04-23 16:04 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2014-08-30 17:47 - 2014-08-22 06:15 - 01171456 _____ () F:\Program Files\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-30 17:47 - 2014-08-22 06:15 - 00442368 _____ () F:\Program Files\Program Files (x86)\Steam\libavutil-54.dll 2014-08-30 17:47 - 2014-08-22 06:15 - 00332800 _____ () F:\Program Files\Program Files (x86)\Steam\libavresample-2.dll 2014-07-10 19:59 - 2014-08-21 10:38 - 00774656 _____ () F:\Program Files\Program Files (x86)\Steam\SDL2.dll 2014-07-10 19:59 - 2014-08-28 23:48 - 02224320 _____ () F:\Program Files\Program Files (x86)\Steam\video.dll 2014-08-30 17:47 - 2014-08-22 06:15 - 00403968 _____ () F:\Program Files\Program Files (x86)\Steam\libavformat-56.dll 2014-08-30 17:47 - 2014-08-22 06:15 - 00485888 _____ () F:\Program Files\Program Files (x86)\Steam\libswscale-3.dll 2014-07-10 19:59 - 2014-08-28 23:48 - 00678080 _____ () F:\Program Files\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-07-10 19:59 - 2014-08-21 10:38 - 34589376 _____ () F:\Program Files\Program Files (x86)\Steam\bin\libcef.dll 2014-08-16 16:12 - 2014-08-21 10:38 - 00837824 _____ () F:\Program Files\Program Files (x86)\Steam\bin\ffmpegsumo.dll 2014-09-14 21:08 - 2014-09-14 21:08 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3011 Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3011 Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2013 Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2013 Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1014 Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1014 Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2014 11:10:16 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {1181df69-59e9-4f26-8231-e250eef03fce} System errors: ============= Error: (09/20/2014 02:41:56 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.100. The computer with the IP address 192.168.0.107 did not allow the name to be claimed by this computer. Error: (09/20/2014 01:59:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} Error: (09/20/2014 10:17:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (09/20/2014 10:15:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AppleCharger UsbCharger Error: (09/19/2014 08:47:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (09/19/2014 08:45:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AppleCharger UsbCharger Error: (09/18/2014 07:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (09/18/2014 07:57:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AppleCharger UsbCharger Error: (09/18/2014 07:51:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (09/18/2014 07:51:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Microsoft Office Sessions: ========================= Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3011 Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3011 Error: (09/20/2014 11:23:19 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2013 Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2013 Error: (09/20/2014 11:23:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1014 Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1014 Error: (09/20/2014 11:23:17 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/20/2014 11:10:16 AM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {1181df69-59e9-4f26-8231-e250eef03fce} ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz Percentage of memory in use: 29% Total physical RAM: 8080.63 MB Available physical RAM: 5731.92 MB Total Pagefile: 16159.45 MB Available Pagefile: 13186.15 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Solid State Drive) (Fixed) (Total:119.14 GB) (Free:44.49 GB) NTFS Drive d: (Oblivion) (CDROM) (Total:4.22 GB) (Free:0 GB) UDF Drive f: (HDD) (Fixed) (Total:931.51 GB) (Free:675.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 535566F2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: EA085C5A) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ [/SPOILER][SPOILER="FRST"] Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 Ran by Teffala (administrator) on THEBAE on 20-09-2014 20:47:06 Running from C:\Users\Teffala\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\Program Files (x86)\GIGABYTE\OCBtn\GUP7Serv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\n360.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\n360.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) F:\Program Files\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Apple Inc.) F:\Program Files\Program Files (x86)\iCloud\iCloudServices.exe (Apple Inc.) F:\Program Files\Program Files (x86)\iCloud\ApplePhotoStreams.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe () F:\Program Files\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (Apple Inc.) F:\Program Files\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) F:\Program Files\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.) F:\Program Files\Program Files (x86)\iCloud\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) F:\Program Files\Program Files (x86)\Steam\Steam.exe (Valve Corporation) F:\Program Files\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) F:\Program Files\Program Files (x86)\Steam\bin\steamwebhelper.exe (Mozilla Corporation) F:\Program Files\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-27] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-29] (Logitech Inc.) HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" HKLM-x32\...\Run: [ISUSScheduler] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.) HKLM-x32\...\Run: [iTunesHelper] => F:\Program Files\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [ISUSPM Startup] => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [iCloudServices] => F:\Program Files\Program Files (x86)\iCloud\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [ApplePhotoStreams] => F:\Program Files\Program Files (x86)\iCloud\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\Run: [CMD] => cmd.exe /c start [url]http://extendedunlimited.org[/url] && exit <===== ATTENTION HKU\S-1-5-21-337889521-3967207631-3113226611-1000\...\MountPoints2: {7e8149c8-000b-11e4-951b-806e6f6e6963} - D:\Run.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = [url]http://www.google.com/search?q={searchTerms}[/url] SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = [url]http://www.google.com/search?q={searchTerms}[/url] BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Teffala\AppData\Roaming\Mozilla\Firefox\Profiles\vfrjt9ul.default-1411116786267 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Program Files\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Teffala\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: Adblock Plus - C:\Users\Teffala\AppData\Roaming\Mozilla\Firefox\Profiles\vfrjt9ul.default-1411116786267\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-19] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-20] Chrome: ======= CHR HomePage: Default -> hxxp://[url="http://www.google.com/"]www.google.com/[/url] CHR StartupUrls: Default -> "hxxp://[url="http://www.google.com/"]www.google.com/[/url]" CHR DefaultSearchKeyword: Default -> google.co.nz CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File CHR Plugin: (Norton Confidential) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File CHR Profile: C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01] CHR Extension: (Norton Identity Protection) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-07-02] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-30] CHR Extension: (YouTube) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-30] CHR Extension: (Google Search) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-30] CHR Extension: (Google Wallet) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-30] CHR Extension: (Gmail) - C:\Users\Teffala\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-30] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Teffala\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-01] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation) R2 GUP7Serv; C:\Program Files (x86)\GIGABYTE\OCBtn\GUP7Serv.exe [18512 2013-04-09] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2013-01-22] (Wireless) [File not signed] R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.) R2 N360; C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-08-01] (Symantec Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] () [File not signed] R1 BHDrvx64; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-15] (Intel Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-17] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-17] (Symantec Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140919.001\IDSvia64.sys [633560 2014-09-16] (Symantec Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140919.019\ENG64.SYS [129752 2014-09-17] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140919.019\EX64.SYS [2137304 2014-09-17] (Symantec Corporation) R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-07-23] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-17] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation) S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] () [File not signed] R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited) S3 EraserUtilDrv11311; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys [X] S3 EraserUtilDrv11410; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11410.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-20 20:47 - 2014-09-20 20:47 - 00019374 _____ () C:\Users\Teffala\Desktop\FRST.txt 2014-09-20 20:38 - 2014-09-20 20:39 - 00000000 ____D () C:\Users\Teffala\Desktop\1ST Scans 2014-09-18 20:12 - 2014-09-20 16:09 - 00000228 _____ () C:\Users\Teffala\BullseyeCoverageError.txt 2014-09-18 19:53 - 2014-09-20 19:05 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TheBae-Teffala TheBae 2014-09-18 19:53 - 2014-09-18 19:43 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-09-18 19:44 - 2014-09-18 19:57 - 00017665 _____ () C:\zoek-results.log 2014-09-18 19:43 - 2014-09-18 19:53 - 00000000 ____D () C:\zoek_backup 2014-09-17 22:01 - 2014-09-17 22:03 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Adobe 2014-09-17 21:22 - 2014-09-17 21:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-17 21:22 - 2014-09-17 21:22 - 00001119 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-09-17 21:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-17 21:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-17 21:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-17 21:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-17 21:18 - 2014-09-17 21:19 - 00000000 ____D () C:\AdwCleaner 2014-09-17 21:11 - 2014-09-17 21:11 - 00002235 _____ () C:\Users\Teffala\Downloads\fixlist.txt 2014-09-17 17:37 - 2014-09-20 20:47 - 00000000 ____D () C:\FRST 2014-09-17 17:36 - 2014-09-17 17:37 - 02105856 _____ (Farbar) C:\Users\Teffala\Desktop\FRST64.exe 2014-09-17 17:26 - 2014-09-17 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360 2014-09-17 17:19 - 2014-09-17 17:19 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP 2014-09-17 16:30 - 2014-09-17 17:21 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration 2014-09-17 16:30 - 2014-09-17 17:21 - 00002525 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-09-17 16:30 - 2014-09-17 16:30 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 2014-09-17 16:30 - 2014-09-17 16:30 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT 2014-09-17 16:30 - 2014-09-17 16:30 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared 2014-09-17 16:26 - 2014-09-17 16:29 - 211811872 ____N (Symantec Corporation) C:\Users\Teffala\Downloads\N360-TW-21.1.0-EN-ROW.exe 2014-09-17 16:25 - 2014-09-17 16:25 - 00266576 _____ () C:\Windows\Minidump\091714-4352-01.dmp 2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieUserList 2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieSiteList 2014-09-17 16:18 - 2014-09-17 16:18 - 00000000 ____D () C:\NPE 2014-09-17 16:17 - 2014-09-17 16:21 - 00000000 ____D () C:\Users\Teffala\AppData\Local\NPE 2014-09-17 16:17 - 2014-09-17 16:17 - 00000000 ____D () C:\ProgramData\SMR430 2014-09-17 16:09 - 2014-09-17 17:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-09-17 16:09 - 2014-09-17 17:21 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64 2014-09-17 16:09 - 2014-09-17 16:30 - 00000000 ____D () C:\Program Files (x86)\Norton 360 2014-09-17 16:06 - 2014-09-17 16:06 - 00448512 _____ (OldTimer Tools) C:\Users\Teffala\Downloads\TFC.exe 2014-09-17 16:04 - 2014-09-17 16:08 - 235248307 _____ (Symantec Corporation) C:\Users\Teffala\Downloads\N360_21.1.0.18_MICROSOFT_LOEM60_MRF_2113_10387.exe 2014-09-15 16:49 - 2014-09-18 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iTunes 2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iPod 2014-09-13 14:47 - 2014-09-13 14:47 - 00000219 _____ () C:\Users\Teffala\Desktop\Counter-Strike Global Offensive.url 2014-09-11 19:31 - 2014-08-20 06:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 19:31 - 2014-08-20 05:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 19:31 - 2014-08-19 11:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 19:31 - 2014-08-19 10:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 19:31 - 2014-08-19 10:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 19:31 - 2014-08-19 10:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 19:31 - 2014-08-19 10:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 19:31 - 2014-08-19 10:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 19:31 - 2014-08-19 10:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 19:31 - 2014-08-19 10:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 19:31 - 2014-08-19 10:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 19:31 - 2014-08-19 10:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 19:31 - 2014-08-19 10:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 19:31 - 2014-08-19 10:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 19:31 - 2014-08-19 10:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 19:31 - 2014-08-19 10:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 19:31 - 2014-08-19 10:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 19:31 - 2014-08-19 10:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 19:31 - 2014-08-19 10:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 19:31 - 2014-08-19 09:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 19:31 - 2014-08-19 09:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 19:31 - 2014-08-19 09:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 19:31 - 2014-08-19 09:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 19:31 - 2014-08-19 09:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 19:31 - 2014-08-19 09:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 19:31 - 2014-08-19 09:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 19:31 - 2014-08-19 09:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 19:31 - 2014-08-19 09:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 19:31 - 2014-08-19 09:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 19:31 - 2014-08-19 09:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 19:31 - 2014-08-19 09:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 19:31 - 2014-08-19 09:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 19:31 - 2014-08-19 09:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 19:31 - 2014-08-19 09:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 19:31 - 2014-08-19 09:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 19:31 - 2014-08-19 09:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 19:31 - 2014-08-19 09:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 19:31 - 2014-08-19 09:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 19:31 - 2014-08-19 09:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 19:31 - 2014-08-19 09:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 19:31 - 2014-08-19 09:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 19:31 - 2014-08-19 09:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 19:31 - 2014-08-19 09:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 19:31 - 2014-08-19 09:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 19:31 - 2014-08-19 09:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 19:31 - 2014-08-19 09:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 19:31 - 2014-08-19 09:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 19:31 - 2014-08-19 09:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 19:31 - 2014-08-19 09:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 19:31 - 2014-08-19 09:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 19:31 - 2014-08-19 09:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 19:31 - 2014-08-19 08:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 19:31 - 2014-08-19 08:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 19:31 - 2014-08-19 08:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 19:31 - 2014-08-19 08:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 19:31 - 2014-08-19 08:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 19:30 - 2014-06-27 14:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 19:30 - 2014-06-27 13:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 16:08 - 2014-08-01 23:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-10 16:08 - 2014-08-01 23:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 15:56 - 2014-09-05 14:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-10 15:56 - 2014-09-05 14:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 15:56 - 2014-07-07 14:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 15:56 - 2014-07-07 14:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 15:56 - 2014-07-07 13:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 15:56 - 2014-07-07 13:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 15:56 - 2014-07-07 13:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-10 15:56 - 2014-06-24 15:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-10 15:56 - 2014-06-24 14:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-09 08:07 - 2014-09-09 08:07 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(2).exe 2014-09-08 08:29 - 2014-09-08 08:29 - 00001554 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk 2014-09-08 08:29 - 2014-09-08 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III 2014-09-08 00:46 - 2014-09-10 16:39 - 00001355 _____ () C:\Users\Public\Desktop\The Sims 4.lnk 2014-09-08 00:46 - 2014-09-08 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 2014-09-07 08:00 - 2014-09-07 08:00 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(1).exe 2014-09-06 17:05 - 2014-09-06 17:05 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Unity 2014-09-06 17:04 - 2014-09-06 17:04 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Unity 2014-09-06 17:03 - 2014-09-06 17:04 - 01202032 _____ (Unity Technologies ApS) C:\Users\Teffala\Downloads\UnityWebPlayer.exe 2014-09-03 19:02 - 2014-09-03 19:02 - 00000023 _____ () C:\Windows\BlendSettings.ini 2014-08-31 16:16 - 2014-09-17 16:25 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Packages 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Bae\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator 2014-08-30 20:27 - 2014-08-30 20:27 - 00418417 _____ () C:\Users\Teffala\Downloads\Oblivion Load Order Manager v2-41399.exe 2014-08-30 20:15 - 2014-08-30 20:15 - 00002998 _____ () C:\Windows\System32\Tasks\{224F0C75-4785-4F09-BFB0-7B4AEA40530A} 2014-08-30 20:15 - 2014-08-30 20:15 - 00000102 _____ () C:\Windows\SysWOW64\obse_loader.log 2014-08-30 20:14 - 2014-08-30 20:14 - 00003008 _____ () C:\Windows\System32\Tasks\{BA415C66-F124-4737-9535-112CCEBE344B} 2014-08-30 17:52 - 2014-08-30 17:52 - 00000000 ____D () C:\Users\Teffala\Documents\4A Games 2014-08-30 13:12 - 2014-08-30 13:22 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\.minecraft 2014-08-29 17:06 - 2014-08-29 17:06 - 00281552 _____ () C:\Windows\Minidump\082914-3806-01.dmp 2014-08-28 07:51 - 2014-08-23 14:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 07:51 - 2014-08-23 13:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 07:51 - 2014-08-23 12:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-27 19:28 - 2014-08-27 19:28 - 00002213 _____ () C:\Users\Public\Desktop\TES Construction Set (Oblivion).lnk 2014-08-27 19:09 - 2014-08-27 19:09 - 07326093 _____ (Macrovision Corporation) C:\Users\Teffala\Downloads\tes_construction_set_v1.2.exe 2014-08-27 18:36 - 2014-09-17 21:42 - 00002027 _____ () C:\Users\Teffala\Desktop\obse_loader - Shortcut.lnk 2014-08-27 18:33 - 2014-08-27 18:33 - 01662426 _____ () C:\Users\Teffala\Downloads\obse_0021.zip 2014-08-27 18:24 - 2014-08-27 18:24 - 00005381 _____ () C:\Users\Teffala\Downloads\Coolsims Hair Pack esp v1-43224-1.zip 2014-08-27 18:10 - 2014-08-27 18:11 - 07019454 _____ () C:\Users\Teffala\Downloads\Short Jeans HGEC-32150-1-1.zip 2014-08-27 17:57 - 2014-08-27 17:58 - 18429643 _____ () C:\Users\Teffala\Downloads\Capes and Cloaks-4539.zip 2014-08-27 16:48 - 2014-08-27 16:49 - 00014336 ___SH () C:\Users\Teffala\Thumbs.db 2014-08-27 16:40 - 2014-09-17 21:40 - 00000000 ____D () C:\Users\Teffala\Desktop\Data 2014-08-27 16:25 - 2014-08-27 16:25 - 00001275 _____ () C:\Users\Teffala\Desktop\Oblivion Mod Manager.lnk 2014-08-27 16:25 - 2014-08-27 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oblivion Mod Manager 2014-08-26 20:30 - 2014-08-26 20:30 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-26 20:29 - 2014-08-26 20:35 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Oblivion 2014-08-21 19:42 - 2014-08-21 19:42 - 00000221 _____ () C:\Users\Teffala\Desktop\Metro 2033.url ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-20 20:47 - 2014-09-20 20:47 - 00019374 _____ () C:\Users\Teffala\Desktop\FRST.txt 2014-09-20 20:47 - 2014-09-17 17:37 - 00000000 ____D () C:\FRST 2014-09-20 20:44 - 2014-07-01 19:36 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Skype 2014-09-20 20:39 - 2014-09-20 20:38 - 00000000 ____D () C:\Users\Teffala\Desktop\1ST Scans 2014-09-20 20:38 - 2014-07-06 19:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-20 20:38 - 2009-07-14 16:51 - 00074006 _____ () C:\Windows\setupact.log 2014-09-20 20:34 - 2014-06-30 16:23 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-20 19:05 - 2014-09-18 19:53 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TheBae-Teffala TheBae 2014-09-20 18:34 - 2014-06-30 16:23 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-20 17:04 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-20 16:09 - 2014-09-18 20:12 - 00000228 _____ () C:\Users\Teffala\BullseyeCoverageError.txt 2014-09-20 15:31 - 2014-06-30 16:17 - 01296644 _____ () C:\Windows\WindowsUpdate.log 2014-09-20 10:23 - 2014-08-13 15:54 - 00000000 ____D () C:\Users\Teffala\AppData\Local\LogMeIn Hamachi 2014-09-20 10:22 - 2009-07-14 16:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-20 10:22 - 2009-07-14 16:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-20 10:19 - 2009-07-14 17:13 - 00784286 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-20 10:15 - 2014-06-30 16:37 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2014-09-20 10:15 - 2009-07-14 17:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-18 20:12 - 2014-06-30 16:17 - 00000000 ____D () C:\Users\Teffala 2014-09-18 19:57 - 2014-09-18 19:44 - 00017665 _____ () C:\zoek-results.log 2014-09-18 19:57 - 2010-11-21 15:47 - 00858034 _____ () C:\Windows\PFRO.log 2014-09-18 19:53 - 2014-09-18 19:43 - 00000000 ____D () C:\zoek_backup 2014-09-18 19:51 - 2014-07-08 21:10 - 00000000 ____D () C:\Users\Teffala\AppData\Local\CrashDumps 2014-09-18 19:43 - 2014-09-18 19:53 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-09-18 12:25 - 2014-09-15 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-18 12:25 - 2014-06-30 16:25 - 00000000 ____D () C:\ProgramData\Norton 2014-09-18 12:25 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\registration 2014-09-17 22:03 - 2014-09-17 22:01 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Adobe 2014-09-17 22:02 - 2014-07-06 19:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-17 22:02 - 2014-07-06 19:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-17 22:02 - 2014-07-06 19:31 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-17 21:42 - 2014-08-27 18:36 - 00002027 _____ () C:\Users\Teffala\Desktop\obse_loader - Shortcut.lnk 2014-09-17 21:40 - 2014-08-27 16:40 - 00000000 ____D () C:\Users\Teffala\Desktop\Data 2014-09-17 21:27 - 2014-09-17 21:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-17 21:22 - 2014-09-17 21:22 - 00001119 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-17 21:22 - 2014-09-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-09-17 21:19 - 2014-09-17 21:18 - 00000000 ____D () C:\AdwCleaner 2014-09-17 21:11 - 2014-09-17 21:11 - 00002235 _____ () C:\Users\Teffala\Downloads\fixlist.txt 2014-09-17 17:37 - 2014-09-17 17:36 - 02105856 _____ (Farbar) C:\Users\Teffala\Desktop\FRST64.exe 2014-09-17 17:26 - 2014-09-17 17:26 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360 2014-09-17 17:21 - 2014-09-17 16:30 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration 2014-09-17 17:21 - 2014-09-17 16:30 - 00002525 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-09-17 17:21 - 2014-09-17 16:09 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-09-17 17:21 - 2014-09-17 16:09 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64 2014-09-17 17:19 - 2014-09-17 17:19 - 00000000 ____D () C:\Windows\SysWOW64\N360_BACKUP 2014-09-17 16:30 - 2014-09-17 16:30 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 2014-09-17 16:30 - 2014-09-17 16:30 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT 2014-09-17 16:30 - 2014-09-17 16:30 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared 2014-09-17 16:30 - 2014-09-17 16:09 - 00000000 ____D () C:\Program Files (x86)\Norton 360 2014-09-17 16:29 - 2014-09-17 16:26 - 211811872 ____N (Symantec Corporation) C:\Users\Teffala\Downloads\N360-TW-21.1.0-EN-ROW.exe 2014-09-17 16:25 - 2014-09-17 16:25 - 00266576 _____ () C:\Windows\Minidump\091714-4352-01.dmp 2014-09-17 16:25 - 2014-08-31 16:16 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-09-17 16:25 - 2014-07-27 23:15 - 223682904 _____ () C:\Windows\MEMORY.DMP 2014-09-17 16:25 - 2014-07-27 23:15 - 00000000 ____D () C:\Windows\Minidump 2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieUserList 2014-09-17 16:21 - 2014-09-17 16:21 - 00000000 __SHD () C:\Users\Teffala\AppData\Local\EmieSiteList 2014-09-17 16:21 - 2014-09-17 16:17 - 00000000 ____D () C:\Users\Teffala\AppData\Local\NPE 2014-09-17 16:18 - 2014-09-17 16:18 - 00000000 ____D () C:\NPE 2014-09-17 16:17 - 2014-09-17 16:17 - 00000000 ____D () C:\ProgramData\SMR430 2014-09-17 16:08 - 2014-09-17 16:04 - 235248307 _____ (Symantec Corporation) C:\Users\Teffala\Downloads\N360_21.1.0.18_MICROSOFT_LOEM60_MRF_2113_10387.exe 2014-09-17 16:06 - 2014-09-17 16:06 - 00448512 _____ (OldTimer Tools) C:\Users\Teffala\Downloads\TFC.exe 2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iTunes 2014-09-15 16:49 - 2014-09-15 16:49 - 00000000 ____D () C:\Program Files\iPod 2014-09-15 16:49 - 2014-07-15 10:49 - 00001721 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-09-13 14:47 - 2014-09-13 14:47 - 00000219 _____ () C:\Users\Teffala\Desktop\Counter-Strike Global Offensive.url 2014-09-13 11:23 - 2014-08-16 10:50 - 00000000 ____D () C:\ProgramData\Origin 2014-09-13 11:23 - 2014-08-16 10:50 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-12 16:26 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\rescache 2014-09-11 19:30 - 2014-07-03 20:25 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-11 19:30 - 2014-06-30 16:25 - 00768152 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-10 16:39 - 2014-09-08 00:46 - 00001355 _____ () C:\Users\Public\Desktop\The Sims 4.lnk 2014-09-09 08:07 - 2014-09-09 08:07 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(2).exe 2014-09-08 10:42 - 2014-07-01 20:45 - 00203336 _____ () C:\Windows\DirectX.log 2014-09-08 10:42 - 2009-07-14 17:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-09-08 08:29 - 2014-09-08 08:29 - 00001554 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk 2014-09-08 08:29 - 2014-09-08 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III 2014-09-08 08:29 - 2014-08-16 10:52 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-09-08 07:52 - 2014-08-16 11:14 - 00000000 ____D () C:\Users\Teffala\Documents\Electronic Arts 2014-09-08 00:46 - 2014-09-08 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 2014-09-07 08:00 - 2014-09-07 08:00 - 01057472 _____ (Adobe) C:\Users\Teffala\Downloads\install_flashplayer14x32au_mssa_aaa_aih(1).exe 2014-09-06 20:28 - 2014-07-01 23:15 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\vlc 2014-09-06 18:14 - 2014-08-16 10:51 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Origin 2014-09-06 17:05 - 2014-09-06 17:05 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Unity 2014-09-06 17:04 - 2014-09-06 17:04 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Unity 2014-09-06 17:04 - 2014-09-06 17:03 - 01202032 _____ (Unity Technologies ApS) C:\Users\Teffala\Downloads\UnityWebPlayer.exe 2014-09-05 14:10 - 2014-09-10 15:56 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-05 14:05 - 2014-09-10 15:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-03 19:02 - 2014-09-03 19:02 - 00000023 _____ () C:\Windows\BlendSettings.ini 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Packages 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Guest 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Bae\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-08-31 16:16 - 2014-08-31 16:16 - 00000000 ____D () C:\Users\Administrator 2014-08-31 16:16 - 2014-07-10 20:36 - 00000000 ____D () C:\Users\Bae\AppData\Local\Google 2014-08-31 16:16 - 2014-06-30 16:23 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Google 2014-08-31 16:16 - 2009-07-14 15:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-08-31 16:16 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-08-30 20:27 - 2014-08-30 20:27 - 00418417 _____ () C:\Users\Teffala\Downloads\Oblivion Load Order Manager v2-41399.exe 2014-08-30 20:15 - 2014-08-30 20:15 - 00002998 _____ () C:\Windows\System32\Tasks\{224F0C75-4785-4F09-BFB0-7B4AEA40530A} 2014-08-30 20:15 - 2014-08-30 20:15 - 00000102 _____ () C:\Windows\SysWOW64\obse_loader.log 2014-08-30 20:14 - 2014-08-30 20:14 - 00003008 _____ () C:\Windows\System32\Tasks\{BA415C66-F124-4737-9535-112CCEBE344B} 2014-08-30 17:52 - 2014-08-30 17:52 - 00000000 ____D () C:\Users\Teffala\Documents\4A Games 2014-08-30 17:51 - 2014-08-11 16:21 - 00000000 ____D () C:\Users\Teffala\AppData\Local\4A Games 2014-08-30 13:22 - 2014-08-30 13:12 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\.minecraft 2014-08-29 17:06 - 2014-08-29 17:06 - 00281552 _____ () C:\Windows\Minidump\082914-3806-01.dmp 2014-08-29 08:07 - 2009-07-14 16:45 - 00437848 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 20:50 - 2014-06-30 20:14 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-08-27 19:28 - 2014-08-27 19:28 - 00002213 _____ () C:\Users\Public\Desktop\TES Construction Set (Oblivion).lnk 2014-08-27 19:09 - 2014-08-27 19:09 - 07326093 _____ (Macrovision Corporation) C:\Users\Teffala\Downloads\tes_construction_set_v1.2.exe 2014-08-27 19:09 - 2014-06-30 16:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-27 18:33 - 2014-08-27 18:33 - 01662426 _____ () C:\Users\Teffala\Downloads\obse_0021.zip 2014-08-27 18:24 - 2014-08-27 18:24 - 00005381 _____ () C:\Users\Teffala\Downloads\Coolsims Hair Pack esp v1-43224-1.zip 2014-08-27 18:11 - 2014-08-27 18:10 - 07019454 _____ () C:\Users\Teffala\Downloads\Short Jeans HGEC-32150-1-1.zip 2014-08-27 17:58 - 2014-08-27 17:57 - 18429643 _____ () C:\Users\Teffala\Downloads\Capes and Cloaks-4539.zip 2014-08-27 16:49 - 2014-08-27 16:48 - 00014336 ___SH () C:\Users\Teffala\Thumbs.db 2014-08-27 16:25 - 2014-08-27 16:25 - 00001275 _____ () C:\Users\Teffala\Desktop\Oblivion Mod Manager.lnk 2014-08-27 16:25 - 2014-08-27 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oblivion Mod Manager 2014-08-27 16:25 - 2014-06-30 16:17 - 00000000 ____D () C:\Users\Teffala\AppData\Local\VirtualStore 2014-08-26 20:35 - 2014-08-26 20:29 - 00000000 ____D () C:\Users\Teffala\AppData\Local\Oblivion 2014-08-26 20:30 - 2014-08-26 20:30 - 00000000 ____D () C:\Users\Teffala\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-26 20:29 - 2014-08-13 15:43 - 00000000 ____D () C:\Users\Teffala\Documents\my games 2014-08-25 06:53 - 2010-11-21 15:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-23 14:07 - 2014-08-28 07:51 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 13:45 - 2014-08-28 07:51 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 12:59 - 2014-08-28 07:51 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-21 19:42 - 2014-08-21 19:42 - 00000221 _____ () C:\Users\Teffala\Desktop\Metro 2033.url Some content of TEMP: ==================== C:\Users\Teffala\AppData\Local\Temp\BullseyeCoverage-2-x86.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-16 20:50 ==================== End Of Log ============================ [/SPOILER] [/QUOTE]
Insert quotes…
Verification
Post reply
Top