Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Gameharbor webpage opens at startup
Message
<blockquote data-quote="KK_corn" data-source="post: 266724" data-attributes="member: 28264"><p><strong><u>the FRST:</u></strong></p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014</p><p>Ran by user (administrator) on USER-PC on 24-09-2014 13:06:21</p><p>Running from C:\Users\user\Desktop\FARBAR</p><p>Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe</p><p>(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe</p><p>(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe</p><p>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe</p><p>(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe</p><p>(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>() D:\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe</p><p>(CyberLink) D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe</p><p>(CyberLink) D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe</p><p>(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe</p><p>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe</p><p>(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe</p><p>(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe</p><p>() C:\Windows\SysWOW64\PnkBstrA.exe</p><p>(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe</p><p>(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe</p><p>(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe</p><p>(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe</p><p>(<a href="http://www.gmailnotifier.com" target="_blank">www.gmailnotifier.com</a>) D:\Gmail Notifier\Gmail Notifier.exe</p><p>(Hewlett-Packard Co.) D:\HP\Digital Imaging\bin\hpqtra08.exe</p><p>(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe</p><p>(CyberLink Corp.) D:\PowerDVD11\PowerDVD11\PDVD11Serv.exe</p><p>(Hewlett-Packard) D:\HP\HP Software Update\hpwuschd2.exe</p><p>(Apple Inc.) D:\Itunes\iTunesHelper.exe</p><p>(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe</p><p>() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe</p><p>(Hewlett-Packard Co.) D:\HP\Digital Imaging\bin\hpqste08.exe</p><p>(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe</p><p>(Hewlett-Packard Co.) D:\HP\Digital Imaging\bin\hpqbam08.exe</p><p>(Hewlett-Packard) D:\HP\Digital Imaging\bin\hpqgpc01.exe</p><p>(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)</p><p>HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)</p><p>HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)</p><p>HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)</p><p>HKLM\...\Run: [BDAgent] => C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1091200 2012-12-12] (Bitdefender)</p><p>HKLM\...\Run: [BCSSync] => D:\Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)</p><p>HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)</p><p>HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart</p><p>HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [RemoteControl11] => D:\PowerDVD11\PowerDVD11\PDVD11Serv.exe [230696 2011-09-14] (CyberLink Corp.)</p><p>HKLM-x32\...\Run: [HP Software Update] => D:\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)</p><p>HKLM-x32\...\Run: [] => [X]</p><p>HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)</p><p>HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)</p><p>HKLM-x32\...\Run: [iTunesHelper] => D:\Itunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()</p><p>HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)</p><p>HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-03] (Google Inc.)</p><p>HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)</p><p>HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()</p><p>HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [CMD] => cmd.exe /c start <a href="http://adverttraff.org" target="_blank">http://adverttraff.org</a> && exit <===== ATTENTION</p><p>HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Gmail Notifier.exe] => D:\Gmail Notifier\Gmail Notifier.exe [2155008 2011-04-07] (<a href="http://www.gmailnotifier.com" target="_blank">www.gmailnotifier.com</a>)</p><p>HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\MountPoints2: {cc752a3e-d585-11e0-8d32-00268316611c} - F:\Setup.exe</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk</p><p>ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)</p><p>ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)</p><p>ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)</p><p>ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = <a href="http://il.msn.com/?ocid=iehp" target="_blank">http://il.msn.com/?ocid=iehp</a></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBDEFD9B99069CC01</p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he</p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe</p><p>BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> D:\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)</p><p>BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)</p><p>BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)</p><p>BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)</p><p>BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Arc\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)</p><p>BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)</p><p>BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)</p><p>BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> D:\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)</p><p>DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} <a href="http://support.asus.com/select/asusTek_sys_ctrl3.cab" target="_blank">http://support.asus.com/select/asusTek_sys_ctrl3.cab</a></p><p>DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} <a href="http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab" target="_blank">http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab</a></p><p>DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} <a href="http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab" target="_blank">http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab</a></p><p>Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)</p><p>Hosts: 46.23.70.78 pagead2.googlesyndication.com</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.1</p><p></p><p>FireFox:</p><p>========</p><p>FF Plugin: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Itunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)</p><p>FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)</p><p>FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)</p><p>FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)</p><p>FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Arc\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p>FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)</p><p>FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File</p><p>FF HKLM\...\Thunderbird\Extensions: [<a href="mailto:bdThunderbird@bitdefender.com">bdThunderbird@bitdefender.com</a>] - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext</p><p>FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext [2012-07-04]</p><p>FF HKLM-x32\...\Firefox\Extensions: [<a href="mailto:smartwebprinting@hp.com">smartwebprinting@hp.com</a>] - D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3</p><p>FF Extension: HP Smart Web Printing - D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-12]</p><p>FF HKLM-x32\...\Firefox\Extensions: [<a href="mailto:FFPDFArchitectConverter@pdfarchitect.com">FFPDFArchitectConverter@pdfarchitect.com</a>] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt</p><p>FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-20]</p><p>FF HKLM-x32\...\Thunderbird\Extensions: [<a href="mailto:bdThunderbird@bitdefender.com">bdThunderbird@bitdefender.com</a>] - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext</p><p>FF HKCU\...\Firefox\Extensions: [<a href="mailto:smartwebprinting@hp.com">smartwebprinting@hp.com</a>] - D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3</p><p></p><p>Chrome: </p><p>=======</p><p>CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]</p><p>CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]</p><p>CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-13]</p><p>CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-13]</p><p>CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]</p><p>CHR Extension: (CourseGem) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfnpkdhcmgcajclojcfhciacciogdcd [2014-04-10]</p><p>CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-13]</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 ArcService; D:\Arc\Arc\ArcService.exe [88400 2014-07-02] (Perfect World Entertainment Inc)</p><p>R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]</p><p>R2 CLHNServiceForPowerDVD; D:\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()</p><p>R2 CyberLink PowerDVD 11.0 Monitor Service; D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-09-02] (CyberLink)</p><p>R2 CyberLink PowerDVD 11.0 Service; D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-09-02] (CyberLink)</p><p>R3 hpqcxs08; D:\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)</p><p>R2 hpqddsvc; D:\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)</p><p>R2 HPSLPSVC; D:\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1043584 2010-01-30] (Hewlett-Packard Co.)</p><p>S3 Microsoft SharePoint Workspace Audit Service; D:\Office\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation)</p><p>R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]</p><p>R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)</p><p>R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)</p><p>R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)</p><p>R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)</p><p>R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]</p><p>R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-28] ()</p><p>R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)</p><p>S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [466736 2011-10-14] (BitDefender)</p><p>R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [67904 2012-09-01] (Bitdefender)</p><p>R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1957912 2012-12-12] (Bitdefender)</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2012-12-12] (BitDefender)</p><p>R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-12-12] (BitDefender)</p><p>R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2012-12-12] (BitDefender)</p><p>R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93160 2012-09-01] (BitDefender LLC)</p><p>R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [442088 2011-08-16] (BitDefender)</p><p>R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)</p><p>S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [79952 2011-11-17] (BitDefender SRL)</p><p>R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender)</p><p>R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-02] (DT Soft Ltd)</p><p>S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()</p><p>S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()</p><p>R2 ntk_PowerDVD; D:\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [75248 2011-08-24] (Cyberlink Corp.)</p><p>R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)</p><p>R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)</p><p>R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [329800 2011-10-27] (BitDefender S.R.L.)</p><p>S3 WinRing0_1_2_0; C:\Users\user\Desktop\RealTemp_360\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)</p><p>R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; D:\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-09-02] (CyberLink Corp.)</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-09-23 21:40 - 2014-09-23 22:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-09-23 21:40 - 2014-09-10 01:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll</p><p>2014-09-23 21:40 - 2014-09-10 00:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-09-23 21:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2014-09-23 21:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys</p><p>2014-09-23 21:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys</p><p>2014-09-23 21:36 - 2014-09-23 21:36 - 00002692 _____ () C:\Users\user\Desktop\AdwCleaner[S0].txt</p><p>2014-09-23 21:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll</p><p>2014-09-23 21:31 - 2014-09-23 21:33 - 00000000 ____D () C:\AdwCleaner</p><p>2014-09-23 21:30 - 2014-09-23 21:31 - 01373475 _____ () C:\Users\user\Desktop\AdwCleaner.exe</p><p>2014-09-23 12:48 - 2014-09-24 13:06 - 00000000 ____D () C:\Users\user\Desktop\FARBAR</p><p>2014-09-23 12:33 - 2014-09-24 13:06 - 00000000 ____D () C:\FRST</p><p>2014-09-22 20:03 - 2014-09-22 20:19 - 00001011 _____ () C:\Users\user\Desktop\Hitman Absolution.lnk</p><p>2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX</p><p>2014-09-21 00:20 - 2014-09-21 00:20 - 00073611 _____ () C:\Users\user\Downloads\[katproxy.com]hitman.absolution.skidrow.torrent</p><p>2014-09-16 21:48 - 2014-09-16 21:48 - 00054765 _____ () C:\Users\user\Downloads\eu4_v1-7-0-0_STEAM_unknown_S44_T10.CT</p><p>2014-09-16 21:46 - 2014-09-16 21:46 - 00054897 _____ () C:\Users\user\Downloads\eu4_v1-7-3-0_STEAM_unknown_S44_T10.CT</p><p>2014-09-15 00:09 - 2014-09-15 00:09 - 00017166 _____ () C:\Users\user\Downloads\[kickass.to]aliens.vs.predator.2010.rus.eng.repack.by.rg.mechanics.torrent</p><p>2014-09-14 23:31 - 2014-09-14 23:31 - 00091209 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.codex.torrent</p><p>2014-09-14 23:30 - 2014-09-14 23:30 - 00018462 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.2014.dlc.pc.repack.by.r.g.steamgames.torrent</p><p>2014-09-13 23:15 - 2014-09-13 23:15 - 00000652 _____ () C:\Users\user\Desktop\Europa Universalis IV Res Publica.lnk</p><p>2014-09-13 23:15 - 2014-09-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Res Publica</p><p>2014-09-13 22:56 - 2014-09-13 22:56 - 00115383 _____ () C:\Users\user\Downloads\[kickass.to]europa.universalis.iv.res.publica.codex.torrent</p><p>2014-09-11 05:29 - 2014-08-19 21:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2014-09-11 05:29 - 2014-08-19 20:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll</p><p>2014-09-11 05:29 - 2014-08-19 02:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2014-09-11 05:29 - 2014-08-19 01:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll</p><p>2014-09-11 05:29 - 2014-08-19 01:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe</p><p>2014-09-11 05:29 - 2014-08-19 01:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe</p><p>2014-09-11 05:29 - 2014-08-19 00:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2014-09-11 05:29 - 2014-08-19 00:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe</p><p>2014-09-11 05:29 - 2014-08-19 00:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2014-09-11 05:29 - 2014-08-19 00:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2014-09-11 05:29 - 2014-08-19 00:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2014-09-11 05:29 - 2014-08-19 00:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2014-09-11 05:29 - 2014-08-19 00:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2014-09-11 05:29 - 2014-08-19 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll</p><p>2014-09-11 05:29 - 2014-08-18 23:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2014-09-11 05:29 - 2014-08-18 23:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2014-09-11 05:29 - 2014-08-18 23:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2014-09-11 05:29 - 2014-08-18 23:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2014-09-11 05:29 - 2014-08-18 23:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2014-09-11 05:21 - 2014-06-27 05:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll</p><p>2014-09-11 05:21 - 2014-06-27 04:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll</p><p>2014-09-11 05:02 - 2014-09-05 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll</p><p>2014-09-11 05:02 - 2014-09-05 05:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2014-09-11 05:02 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll</p><p>2014-09-11 05:02 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll</p><p>2014-09-11 05:02 - 2014-07-07 05:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll</p><p>2014-09-11 05:02 - 2014-07-07 05:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll</p><p>2014-09-11 05:02 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</p><p>2014-09-11 05:02 - 2014-07-07 04:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll</p><p>2014-09-11 05:02 - 2014-07-07 04:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll</p><p>2014-09-11 05:02 - 2014-06-24 06:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll</p><p>2014-09-11 05:02 - 2014-06-24 05:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll</p><p>2014-09-11 03:53 - 2014-09-11 03:53 - 00017480 _____ () C:\Users\user\Downloads\social liberals.zip</p><p>2014-09-09 15:59 - 2014-09-09 15:59 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (2).xls</p><p>2014-09-08 21:58 - 2014-09-08 21:58 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (1).xls</p><p>2014-09-08 19:18 - 2014-09-08 19:18 - 00056832 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש.xls</p><p>2014-09-06 00:52 - 2014-09-06 00:52 - 00000598 _____ () C:\Users\Public\Desktop\Victoria.lnk</p><p>2014-09-06 00:51 - 2014-09-06 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Entertainment</p><p>2014-09-04 13:42 - 2014-09-04 13:42 - 00031107 _____ () C:\Users\user\Downloads\[katproxy.com]pc.game.victoria.an.empire.under.the.sun.strategy.game.team.mjy.rar.torrent</p><p>2014-09-04 13:31 - 2014-09-04 13:31 - 00001760 _____ () C:\Users\user\Downloads\[kickassunblock.eu]kate.upton.leaked.and.hacked.nude.pics.torrent</p><p>2014-08-30 23:32 - 2014-07-25 17:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll</p><p>2014-08-30 23:32 - 2014-07-25 17:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll</p><p>2014-08-30 23:32 - 2014-07-02 20:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll</p><p>2014-08-30 23:29 - 2014-07-02 23:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll</p><p>2014-08-30 23:29 - 2014-03-31 19:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys</p><p>2014-08-30 23:29 - 2014-03-31 19:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll</p><p>2014-08-30 22:33 - 2014-08-30 22:33 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies</p><p>2014-08-30 22:31 - 2014-08-30 22:31 - 00000000 ____D () C:\ProgramData\Package Cache</p><p>2014-08-30 22:30 - 2014-08-30 22:30 - 00000675 _____ () C:\Users\Public\Desktop\Metro Last Light Redux.lnk</p><p>2014-08-30 19:46 - 2014-08-30 19:46 - 00095271 _____ () C:\Users\user\Downloads\[kickass.to]metro.last.light.redux.flt.torrent</p><p>2014-08-28 15:33 - 2014-08-28 15:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\Steam</p><p>2014-08-28 15:18 - 2014-08-28 15:18 - 00000575 _____ () C:\Users\user\Desktop\Metro 2033 Redux.lnk</p><p>2014-08-28 15:18 - 2014-08-28 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux</p><p>2014-08-28 11:54 - 2014-08-23 05:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll</p><p>2014-08-28 11:54 - 2014-08-23 04:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll</p><p>2014-08-28 11:54 - 2014-08-23 03:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2014-08-28 04:41 - 2014-08-28 04:41 - 00083270 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex (1).torrent</p><p>2014-08-28 04:40 - 2014-08-28 04:40 - 00021305 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex.torrent</p><p>2014-08-27 20:42 - 2014-08-27 20:42 - 00001405 _____ () C:\Users\user\Downloads\no_bar_alert_1.0.rar</p><p>2014-08-25 18:52 - 2014-09-09 19:13 - 00000000 ____D () C:\ProgramData\YTD Video Downloader</p><p>2014-08-25 18:51 - 2014-08-25 18:51 - 00001295 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk</p><p>2014-08-25 18:51 - 2014-08-25 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-09-24 13:06 - 2014-09-23 12:48 - 00000000 ____D () C:\Users\user\Desktop\FARBAR</p><p>2014-09-24 13:06 - 2014-09-23 12:33 - 00000000 ____D () C:\FRST</p><p>2014-09-24 13:03 - 2011-09-03 02:28 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000UA.job</p><p>2014-09-24 11:43 - 2011-10-18 18:27 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype</p><p>2014-09-24 11:30 - 2009-07-14 07:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2014-09-24 11:30 - 2009-07-14 07:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2014-09-24 11:29 - 2011-07-25 17:21 - 01114108 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-09-24 11:28 - 2013-02-25 20:55 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{948FC758-2838-4390-AAB5-DE1E6E83AC6F}</p><p>2014-09-24 11:23 - 2011-09-02 22:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\Gmail Notifier</p><p>2014-09-24 11:23 - 2011-07-25 17:54 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini</p><p>2014-09-24 11:22 - 2012-05-07 01:37 - 00000376 _____ () C:\Users\user\AppData\Roamingprivacy.xml</p><p>2014-09-24 11:22 - 2011-09-02 18:59 - 00000000 ____D () C:\ProgramData\NVIDIA</p><p>2014-09-24 11:22 - 2010-11-21 06:47 - 00472630 _____ () C:\Windows\PFRO.log</p><p>2014-09-24 11:22 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2014-09-24 11:22 - 2009-07-14 07:51 - 00171077 _____ () C:\Windows\setupact.log</p><p>2014-09-23 22:07 - 2014-09-23 21:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-09-23 22:02 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\Resources</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-09-23 21:36 - 2014-09-23 21:36 - 00002692 _____ () C:\Users\user\Desktop\AdwCleaner[S0].txt</p><p>2014-09-23 21:33 - 2014-09-23 21:31 - 00000000 ____D () C:\AdwCleaner</p><p>2014-09-23 21:31 - 2014-09-23 21:30 - 01373475 _____ () C:\Users\user\Desktop\AdwCleaner.exe</p><p>2014-09-23 18:11 - 2011-09-03 02:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000Core.job</p><p>2014-09-22 20:19 - 2014-09-22 20:03 - 00001011 _____ () C:\Users\user\Desktop\Hitman Absolution.lnk</p><p>2014-09-22 20:13 - 2011-09-04 02:47 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps</p><p>2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX</p><p>2014-09-22 12:20 - 2011-09-02 23:40 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent</p><p>2014-09-21 00:20 - 2014-09-21 00:20 - 00073611 _____ () C:\Users\user\Downloads\[katproxy.com]hitman.absolution.skidrow.torrent</p><p>2014-09-17 00:53 - 2011-11-04 02:35 - 00000000 ____D () C:\Users\user\AppData\Local\SKIDROW</p><p>2014-09-16 21:48 - 2014-09-16 21:48 - 00054765 _____ () C:\Users\user\Downloads\eu4_v1-7-0-0_STEAM_unknown_S44_T10.CT</p><p>2014-09-16 21:46 - 2014-09-16 21:46 - 00054897 _____ () C:\Users\user\Downloads\eu4_v1-7-3-0_STEAM_unknown_S44_T10.CT</p><p>2014-09-15 21:51 - 2014-07-11 05:44 - 00000000 ____D () C:\Users\user\Desktop\אתיקה</p><p>2014-09-15 00:23 - 2011-09-19 04:14 - 00000000 ____D () C:\Users\user\Documents\My Games</p><p>2014-09-15 00:09 - 2014-09-15 00:09 - 00017166 _____ () C:\Users\user\Downloads\[kickass.to]aliens.vs.predator.2010.rus.eng.repack.by.rg.mechanics.torrent</p><p>2014-09-14 23:31 - 2014-09-14 23:31 - 00091209 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.codex.torrent</p><p>2014-09-14 23:30 - 2014-09-14 23:30 - 00018462 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.2014.dlc.pc.repack.by.r.g.steamgames.torrent</p><p>2014-09-13 23:15 - 2014-09-13 23:15 - 00000652 _____ () C:\Users\user\Desktop\Europa Universalis IV Res Publica.lnk</p><p>2014-09-13 23:15 - 2014-09-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Res Publica</p><p>2014-09-13 22:56 - 2014-09-13 22:56 - 00115383 _____ () C:\Users\user\Downloads\[kickass.to]europa.universalis.iv.res.publica.codex.torrent</p><p>2014-09-12 19:04 - 2011-09-03 02:28 - 00002360 _____ () C:\Users\user\Desktop\Google Chrome.lnk</p><p>2014-09-11 14:58 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache</p><p>2014-09-11 05:29 - 2012-10-26 21:52 - 00000000 ____D () C:\ProgramData\Microsoft Help</p><p>2014-09-11 05:27 - 2013-07-27 19:25 - 00000000 ____D () C:\Windows\system32\MRT</p><p>2014-09-11 05:22 - 2011-09-02 19:59 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2014-09-11 05:21 - 2014-05-06 20:38 - 00000000 ___SD () C:\Windows\system32\CompatTel</p><p>2014-09-11 03:53 - 2014-09-11 03:53 - 00017480 _____ () C:\Users\user\Downloads\social liberals.zip</p><p>2014-09-10 01:11 - 2014-09-23 21:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll</p><p>2014-09-10 00:47 - 2014-09-23 21:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll</p><p>2014-09-09 19:13 - 2014-08-25 18:52 - 00000000 ____D () C:\ProgramData\YTD Video Downloader</p><p>2014-09-09 15:59 - 2014-09-09 15:59 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (2).xls</p><p>2014-09-08 21:58 - 2014-09-08 21:58 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (1).xls</p><p>2014-09-08 19:18 - 2014-09-08 19:18 - 00056832 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש.xls</p><p>2014-09-07 22:03 - 2014-08-21 14:39 - 00000000 ____D () C:\Users\user\Desktop\מאקרו</p><p>2014-09-06 00:52 - 2014-09-06 00:52 - 00000598 _____ () C:\Users\Public\Desktop\Victoria.lnk</p><p>2014-09-06 00:51 - 2014-09-06 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Entertainment</p><p>2014-09-06 00:51 - 2011-07-25 17:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information</p><p>2014-09-05 05:10 - 2014-09-11 05:02 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll</p><p>2014-09-05 05:05 - 2014-09-11 05:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2014-09-04 14:21 - 2012-07-07 19:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games</p><p>2014-09-04 13:42 - 2014-09-04 13:42 - 00031107 _____ () C:\Users\user\Downloads\[katproxy.com]pc.game.victoria.an.empire.under.the.sun.strategy.game.team.mjy.rar.torrent</p><p>2014-09-04 13:31 - 2014-09-04 13:31 - 00001760 _____ () C:\Users\user\Downloads\[kickassunblock.eu]kate.upton.leaked.and.hacked.nude.pics.torrent</p><p>2014-09-03 10:52 - 2009-07-14 08:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT</p><p>2014-08-30 23:34 - 2013-12-28 02:08 - 00000000 ____D () C:\Users\user\Desktop\עבודה במדהמ</p><p>2014-08-30 23:33 - 2014-02-09 02:12 - 00000000 ____D () C:\Users\user\AppData\Local\NVIDIA Corporation</p><p>2014-08-30 23:33 - 2013-06-11 03:08 - 00001353 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk</p><p>2014-08-30 23:32 - 2012-07-11 04:45 - 00000000 ____D () C:\Temp</p><p>2014-08-30 23:32 - 2012-07-06 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation</p><p>2014-08-30 23:32 - 2011-09-02 18:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation</p><p>2014-08-30 23:32 - 2011-09-02 18:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation</p><p>2014-08-30 23:31 - 2011-09-02 18:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation</p><p>2014-08-30 22:33 - 2014-08-30 22:33 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies</p><p>2014-08-30 22:33 - 2011-07-25 18:47 - 00647820 _____ () C:\Windows\DirectX.log</p><p>2014-08-30 22:31 - 2014-08-30 22:31 - 00000000 ____D () C:\ProgramData\Package Cache</p><p>2014-08-30 22:30 - 2014-08-30 22:30 - 00000675 _____ () C:\Users\Public\Desktop\Metro Last Light Redux.lnk</p><p>2014-08-30 19:46 - 2014-08-30 19:46 - 00095271 _____ () C:\Users\user\Downloads\[kickass.to]metro.last.light.redux.flt.torrent</p><p>2014-08-29 14:04 - 2009-07-14 07:45 - 00423808 _____ () C:\Windows\system32\FNTCACHE.DAT</p><p>2014-08-28 15:40 - 2013-06-11 01:45 - 00000000 ____D () C:\Users\user\Documents\4A Games</p><p>2014-08-28 15:35 - 2013-06-11 01:37 - 00000000 ____D () C:\Users\user\AppData\Local\4A Games</p><p>2014-08-28 15:33 - 2014-08-28 15:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\Steam</p><p>2014-08-28 15:18 - 2014-08-28 15:18 - 00000575 _____ () C:\Users\user\Desktop\Metro 2033 Redux.lnk</p><p>2014-08-28 15:18 - 2014-08-28 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux</p><p>2014-08-28 04:41 - 2014-08-28 04:41 - 00083270 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex (1).torrent</p><p>2014-08-28 04:40 - 2014-08-28 04:40 - 00021305 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex.torrent</p><p>2014-08-27 20:42 - 2014-08-27 20:42 - 00001405 _____ () C:\Users\user\Downloads\no_bar_alert_1.0.rar</p><p>2014-08-25 18:51 - 2014-08-25 18:51 - 00001295 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk</p><p>2014-08-25 18:51 - 2014-08-25 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader</p><p>2014-08-25 14:19 - 2014-08-21 22:00 - 00000045 _____ () C:\Users\user\Desktop\קוד ביטוח לאומי.txt</p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\user\AppData\Local\Temp\Quarantine.exe</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2014-09-16 14:30</p><p></p><p>==================== End Of Log ============================</p><p></p><p><strong><u>the Addition</u></strong>:</p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014</p><p>Ran by user at 2014-09-24 13:07:38</p><p>Running from C:\Users\user\Desktop\FARBAR</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: Bitdefender Antivirus (Enabled - Out of date) {98CD50CE-5097-4098-9669-6C401FB3969C}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: Bitdefender Antispyware (Enabled - Out of date) {23ACB12A-76AD-4F16-ACD9-57326434DC21}</p><p>FW: Bitdefender Firewall (Enabled) {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>«Tropico 5 - Steam Special Edition» (HKLM-x32\...\«Tropico 5 - Steam Special Edition»_is1) (Version: - Kalypso Media Digital)</p><p>µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)</p><p>64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden</p><p>A Heart of Darkness (HKLM-x32\...\Victoria II - A Heart of Darkness_is1) (Version: 3.0.1 - Paradox Interactive)</p><p>Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.268 - Adobe Systems Incorporated)</p><p>Adobe Reader X (10.1.6) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)</p><p>Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)</p><p>Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )</p><p>B209a-m (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden</p><p>Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)</p><p>Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)</p><p>BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - )</p><p>Bitdefender Internet Security 2012 (HKLM\...\Bitdefender) (Version: 15.0.38 - Bitdefender)</p><p>Bitdefender Internet Security 2012 (Version: 15.0.38 - Bitdefender) Hidden</p><p>Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>Borderlands 2 (HKLM-x32\...\Borderlands 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)</p><p>BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - )</p><p>Call of Juarez Gunslinger (c) Ubisoft version 1 (HKLM-x32\...\Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1) (Version: 1 - )</p><p>Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)</p><p>Crusader Kings II (HKLM-x32\...\Crusader Kings II_is1) (Version: - )</p><p>Crusader Kings II version 1.101 (HKLM-x32\...\{A30269D0-4F0B-44BB-A169-C665CA856EEC}}_is1) (Version: 1.101 - Paradox Interactive)</p><p>CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.2114.53 - CyberLink Corp.)</p><p>CyberLink PowerDVD 11 (x32 Version: 11.0.2114.53 - CyberLink Corp.) Hidden</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)</p><p>Darkest Hour (HKLM-x32\...\{09D5819F-0F1A-4480-A112-B5CCA58D9773}_is1) (Version: - Darkest Hour Team)</p><p>Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version: - Microsoft)</p><p>Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden</p><p>DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)</p><p>Dishonored The Brigmore Witches (HKLM-x32\...\RGlzaG9ub3JlZA==_is1) (Version: 1 - )</p><p>DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)</p><p>Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.03 - Electronic Arts, Inc.)</p><p>Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)</p><p>Endless Space - Disharmony (HKLM-x32\...\Endless Space - Disharmony_is1) (Version: - )</p><p>Europa Universalis IV Res Publica (HKLM-x32\...\Europa Universalis IV Res Publica_is1) (Version: - )</p><p>Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)</p><p>Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)</p><p>ffdshow v1.1.3984 [2011-09-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3984.0 - )</p><p>Football Manager 2012 (HKLM-x32\...\Football Manager 2012_is1) (Version: - )</p><p>Gmail Notifier (HKLM-x32\...\Gmail Notifier) (Version: - )</p><p>Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)</p><p>GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden</p><p>Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden</p><p>Hitman Absolution (HKLM-x32\...\Hitman Absolution_is1) (Version: - )</p><p>HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)</p><p>HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{B2DAB009-8236-48A0-AD7F-E940F5AB1578}) (Version: 14.0 - HP)</p><p>HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)</p><p>HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)</p><p>HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)</p><p>HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden</p><p>HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Impulse (HKLM-x32\...\Impulse) (Version: - Stardock)</p><p>Impulse (x32 Version: 1.0 - Stardock Corporation) Hidden</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)</p><p>Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)</p><p>Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel) Hidden</p><p>iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)</p><p>Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)</p><p>Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden</p><p>JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)</p><p>JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)</p><p>Kingdoms of Amalur Reckoning (HKLM-x32\...\Kingdoms of Amalur Reckoning_is1) (Version: - )</p><p>Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )</p><p>Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)</p><p>March of the Eagles (HKLM-x32\...\March of the Eagles_is1) (Version: - )</p><p>marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)</p><p>Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.02 - Electronic Arts, Inc.)</p><p>Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)</p><p>MediaInfo (HKLM-x32\...\MediaInfo_is1) (Version: - MediaInfo.SourceForge.net)</p><p>Metro 2033 Redux (HKLM-x32\...\Metro 2033 Redux_is1) (Version: - )</p><p>Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version: - Deep Silver)</p><p>Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)</p><p>Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)</p><p>Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden</p><p>Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden</p><p>Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden</p><p>Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)</p><p>Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)</p><p>Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)</p><p>Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden</p><p>Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)</p><p>Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden</p><p>Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)</p><p>Microsoft Mathematics Add-in (64-bit) (HKLM\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)</p><p>Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)</p><p>Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)</p><p>Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden</p><p>Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden</p><p>Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden</p><p>Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden</p><p>Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden</p><p>Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)</p><p>Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden</p><p>Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)</p><p>Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden</p><p>Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)</p><p>Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)</p><p>Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)</p><p>MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden</p><p>MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden</p><p>MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden</p><p>MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)</p><p>NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)</p><p>Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden</p><p>NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden</p><p>NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)</p><p>NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)</p><p>NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden</p><p>NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)</p><p>NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)</p><p>NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)</p><p>NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden</p><p>NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden</p><p>NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden</p><p>NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)</p><p>NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden</p><p>NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden</p><p>NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden</p><p>NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden</p><p>NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden</p><p>OCCT Perestroika 3.1.0 (HKLM-x32\...\OCCT_is1) (Version: - Tetedeiench)</p><p>PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)</p><p>PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)</p><p>Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>PlayFLV (HKLM-x32\...\PlayFLV) (Version: - )</p><p>Popcorn Time (HKLM-x32\...\{38B39D8E-1AEF-4F01-82BE-36F3307244F5}) (Version: 2.0.0 - Time4Popcorn)</p><p>PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden</p><p>PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)</p><p>QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)</p><p>QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden</p><p>Rage (HKLM-x32\...\Rage_is1) (Version: - )</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)</p><p>Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)</p><p>Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)</p><p>Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden</p><p>Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games)</p><p>Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden</p><p>Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)</p><p>Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden</p><p>SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden</p><p>Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)</p><p>SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden</p><p>SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden</p><p>SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)</p><p>Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)</p><p>StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)</p><p>Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)</p><p>System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)</p><p>TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)</p><p>The Darkness II (HKLM-x32\...\The Darkness II_is1) (Version: - )</p><p>The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com)</p><p>Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - )</p><p>Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)</p><p>Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)</p><p>Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden</p><p>Total War - Rome II (HKLM-x32\...\Total War - Rome II_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)</p><p>TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK)</p><p>TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden</p><p>Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)</p><p>Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)</p><p>Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)</p><p>Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version: - Microsoft)</p><p>Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)</p><p>Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)</p><p>Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version: - Microsoft)</p><p>Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)</p><p>Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)</p><p>Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)</p><p>Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version: - Microsoft)</p><p>Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)</p><p>Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version: - Microsoft)</p><p>Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)</p><p>Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)</p><p>Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)</p><p>Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)</p><p>Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)</p><p>Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)</p><p>Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden</p><p>VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden</p><p>Victoria (HKLM-x32\...\{AE7CB755-7C0B-4D11-8E5D-D6B6C1090A7B}) (Version: - )</p><p>Victoria Revolutions 1.0 (HKLM-x32\...\Victoria Revolutions Patch 060822_is1) (Version: - Paradox Interactive)</p><p>Victoria Revolutions 1.0 (HKLM-x32\...\Victoria Revolutions_is1) (Version: - Paradox Interactive)</p><p>WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden</p><p>Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)</p><p>Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden</p><p>Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)</p><p>WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)</p><p>Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )</p><p>Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)</p><p>YTD Video Downloader 4.8.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.3 - GreenTree Applications SRL)</p><p>גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p></p><p>==================== Custom CLSID (selected items): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File</p><p></p><p>==================== Restore Points =========================</p><p></p><p>14-09-2014 21:20:50 Installed DirectX</p><p>22-09-2014 01:35:20 Scheduled Checkpoint</p><p>23-09-2014 19:24:57 Windows Update</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-14 05:34 - 2013-05-27 17:03 - 00001219 ____N C:\Windows\system32\Drivers\etc\hosts</p><p>46.23.70.78 pagead2.googlesyndication.com</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)</p><p></p><p>Task: {5060FA6C-35E5-4083-860C-BFB7886511BE} - System32\Tasks\{BAB414DF-3772-4758-9921-8948F85F6A01} => Iexplore.exe <a href="http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.124.259&amp;LastError=-9" target="_blank">http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.124.259&amp;LastError=-9</a></p><p>Task: {D3163A70-48AD-4C61-BC72-594602CD47B7} - System32\Tasks\{99E44A71-1CA5-4915-89DA-61702A02A7F1} => Iexplore.exe <a href="http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.124.259&amp;LastError=-9" target="_blank">http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.124.259&amp;LastError=-9</a></p><p>Task: {D3760B11-5C81-4321-AACB-A46CE49499E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-03] (Google Inc.)</p><p>Task: {E41E98DC-DFE0-4D9A-AE72-B068B55BB403} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-03] (Google Inc.)</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2011-10-15 00:09 - 2011-10-15 00:09 - 00036256 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\strdecoder.dll</p><p>2011-10-15 00:08 - 2011-10-15 00:08 - 00262832 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\txmlutil.dll</p><p>2012-01-23 20:17 - 2012-01-23 20:17 - 00184016 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\framework.dll</p><p>2012-01-23 20:45 - 2012-01-23 20:45 - 00042960 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\procinfo.dll</p><p>2012-01-23 20:16 - 2012-01-23 20:16 - 00076384 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\ExcludeMgr.dll</p><p>2012-01-23 20:18 - 2012-01-23 20:18 - 00144912 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\connector.dll</p><p>2012-03-28 00:07 - 2012-03-28 00:07 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\UI\accessl.ui</p><p>2012-07-04 18:39 - 2012-12-12 15:59 - 00264128 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\avc3al.dll</p><p>2011-11-14 20:17 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdfwcore.dll</p><p>2012-01-23 20:18 - 2012-01-23 20:18 - 00076408 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdmltusrsrv.dll</p><p>2012-03-28 00:07 - 2012-03-28 00:07 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\UI\IMSecurityAL.ui</p><p>2012-12-12 16:00 - 2012-12-12 16:00 - 00098816 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdmetrics.dll</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 00832000 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpbr.mdl</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 00650752 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpdsp.mdl</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 02816000 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpf.mdl</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 02621952 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpph.mdl</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 01228800 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttprbl.mdl</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 00480256 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimbr.mdl</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 00565760 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimdsp.mdl</p><p>2012-03-22 12:30 - 2012-03-22 12:30 - 02555904 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimf.mdl</p><p>2011-10-18 02:06 - 2014-07-02 21:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll</p><p>2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF</p><p>2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () D:\Office\Office14\1033\GrooveIntlResource.dll</p><p>2011-07-25 18:35 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll</p><p>2012-07-06 22:33 - 2011-08-24 04:13 - 00083240 _____ () D:\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe</p><p>2012-12-04 23:38 - 2014-03-28 21:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe</p><p>2014-01-10 08:26 - 2014-01-10 08:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe</p><p>2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll</p><p>2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>2012-07-06 22:34 - 2011-08-26 07:57 - 00260096 _____ () D:\PowerDVD11\PowerDVD11\Common\MediaServer\sqlite3.dll</p><p>2014-01-10 08:28 - 2014-01-10 08:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll</p><p>2014-09-12 19:04 - 2014-09-04 06:01 - 01098056 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\libglesv2.dll</p><p>2014-09-12 19:04 - 2014-09-04 06:01 - 00174408 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\libegl.dll</p><p>2014-09-12 19:04 - 2014-09-04 06:01 - 08577864 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll</p><p>2014-09-12 19:04 - 2014-09-04 06:01 - 00331592 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll</p><p>2014-09-12 19:04 - 2014-09-04 06:01 - 01660232 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p>AlternateDataStreams: C:\Users\user\Desktop\AdwCleaner.exe:BDU</p><p>AlternateDataStreams: C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe:BDU</p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p>Name: BitDefender AVC HV</p><p>Description: BitDefender AVC HV</p><p>Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}</p><p>Manufacturer: (Standard system devices)</p><p>Service: avchv</p><p>Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)</p><p>Resolution: Update the driver</p><p></p><p>Name: ASUS Bluetooth</p><p>Description: ASUS Bluetooth</p><p>Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}</p><p>Manufacturer: Atheros Communications</p><p>Service: BTHUSB</p><p>Problem: : This device is disabled. (Code 22)</p><p>Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (09/24/2014 11:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: )</p><p>Description: NvStreamSvcNvVAD initialization failed [6]</p><p></p><p>Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: )</p><p>Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]</p><p></p><p>Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: )</p><p>Description: NvStreamSvcNvVAD endpoint registration failed [0]</p><p></p><p>Error: (09/23/2014 10:03:55 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/23/2014 09:36:09 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/23/2014 09:27:24 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/23/2014 00:27:49 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/22/2014 08:13:41 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: Hitman Absolution.exe, version: 1.0.433.1, time stamp: 0x50a66a1c</p><p>Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0018e278</p><p>Faulting process id: 0x16b0</p><p>Faulting application start time: 0xHitman Absolution.exe0</p><p>Faulting application path: Hitman Absolution.exe1</p><p>Faulting module path: Hitman Absolution.exe2</p><p>Report Id: Hitman Absolution.exe3</p><p></p><p>Error: (09/22/2014 08:12:50 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: Hitman Absolution .exe, version: 1.0.433.1, time stamp: 0x50a66a1c</p><p>Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0018e278</p><p>Faulting process id: 0x1acc</p><p>Faulting application start time: 0xHitman Absolution .exe0</p><p>Faulting application path: Hitman Absolution .exe1</p><p>Faulting module path: Hitman Absolution .exe2</p><p>Report Id: Hitman Absolution .exe3</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (09/24/2014 11:22:17 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\athExt.dll</p><p>Error Code: 126</p><p></p><p>Error: (09/23/2014 10:02:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\athExt.dll</p><p>Error Code: 126</p><p></p><p>Error: (09/23/2014 09:34:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\athExt.dll</p><p>Error Code: 126</p><p></p><p>Error: (09/23/2014 09:25:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\athExt.dll</p><p>Error Code: 126</p><p></p><p>Error: (09/23/2014 09:24:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )</p><p>Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: </p><p>%%1056</p><p></p><p>Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )</p><p>Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.</p><p></p><p>Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )</p><p>Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.</p><p></p><p>Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )</p><p>Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).</p><p></p><p>Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )</p><p>Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.</p><p></p><p>Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )</p><p>Description: The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (09/24/2014 11:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: )</p><p>Description: NvStreamSvcNvVAD initialization failed [6]</p><p></p><p>Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: )</p><p>Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]</p><p></p><p>Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: )</p><p>Description: NvStreamSvcNvVAD endpoint registration failed [0]</p><p></p><p>Error: (09/23/2014 10:03:55 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/23/2014 09:36:09 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/23/2014 09:27:24 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/23/2014 00:27:49 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (09/22/2014 08:13:41 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Hitman Absolution.exe1.0.433.150a66a1cunknown0.0.0.000000000c00000050018e27816b001cfd6888c652ba3D:\Hitman Absolution\Hitman Absolution.exeunknowncc40bc4c-427b-11e4-9aeb-f46d042b8a14</p><p></p><p>Error: (09/22/2014 08:12:50 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Hitman Absolution .exe1.0.433.150a66a1cunknown0.0.0.000000000c00000050018e2781acc01cfd6886cf97f5cD:\Hitman Absolution\Hitman Absolution .exeunknownae2d2afe-427b-11e4-9aeb-f46d042b8a14</p><p></p><p></p><p>CodeIntegrity Errors:</p><p>===================================</p><p> Date: 2014-09-24 13:04:46.924</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-24 12:20:39.032</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-24 11:53:57.764</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-24 11:44:53.376</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-24 11:22:16.433</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-23 22:24:51.253</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-23 22:14:25.023</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-23 22:02:17.450</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-23 22:00:53.552</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-09-23 21:34:23.784</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system.</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz</p><p>Percentage of memory in use: 31%</p><p>Total physical RAM: 8168.95 MB</p><p>Available physical RAM: 5589.81 MB</p><p>Total Pagefile: 16336.08 MB</p><p>Available Pagefile: 13205.05 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.85 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (SYSTEM) (Fixed) (Total:97.56 GB) (Free:16.29 GB) NTFS</p><p>Drive d: (DATA) (Fixed) (Total:833.85 GB) (Free:88.67 GB) NTFS</p><p>Drive f: (Hitman Absolutio) (CDROM) (Total:14.17 GB) (Free:0 GB) CDFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 53F15EE2)</p><p>Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="KK_corn, post: 266724, member: 28264"] [B][U]the FRST:[/U][/B] Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014 Ran by user (administrator) on USER-PC on 24-09-2014 13:06:21 Running from C:\Users\user\Desktop\FARBAR Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () D:\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe (CyberLink) D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink) D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ([url="http://www.gmailnotifier.com"]www.gmailnotifier.com[/url]) D:\Gmail Notifier\Gmail Notifier.exe (Hewlett-Packard Co.) D:\HP\Digital Imaging\bin\hpqtra08.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (CyberLink Corp.) D:\PowerDVD11\PowerDVD11\PDVD11Serv.exe (Hewlett-Packard) D:\HP\HP Software Update\hpwuschd2.exe (Apple Inc.) D:\Itunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Hewlett-Packard Co.) D:\HP\Digital Imaging\bin\hpqste08.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) D:\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) D:\HP\Digital Imaging\bin\hpqgpc01.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation) HKLM\...\Run: [BDAgent] => C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1091200 2012-12-12] (Bitdefender) HKLM\...\Run: [BCSSync] => D:\Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl11] => D:\PowerDVD11\PowerDVD11\PDVD11Serv.exe [230696 2011-09-14] (CyberLink Corp.) HKLM-x32\...\Run: [HP Software Update] => D:\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => D:\Itunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd) HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-03] (Google Inc.) HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [CMD] => cmd.exe /c start [url]http://adverttraff.org[/url] && exit <===== ATTENTION HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\Run: [Gmail Notifier.exe] => D:\Gmail Notifier\Gmail Notifier.exe [2155008 2011-04-07] ([url="http://www.gmailnotifier.com"]www.gmailnotifier.com[/url]) HKU\S-1-5-21-648445912-2895036148-1078845023-1000\...\MountPoints2: {cc752a3e-d585-11e0-8d32-00268316611c} - F:\Setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [url]http://il.msn.com/?ocid=iehp[/url] HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBDEFD9B99069CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = he HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> D:\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Arc\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> D:\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} [url]http://support.asus.com/select/asusTek_sys_ctrl3.cab[/url] DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} [url]http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[/url] DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} [url]http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab[/url] Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 46.23.70.78 pagead2.googlesyndication.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Itunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Arc\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF HKLM\...\Thunderbird\Extensions: [[email]bdThunderbird@bitdefender.com[/email]] - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext [2012-07-04] FF HKLM-x32\...\Firefox\Extensions: [[email]smartwebprinting@hp.com[/email]] - D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-12] FF HKLM-x32\...\Firefox\Extensions: [[email]FFPDFArchitectConverter@pdfarchitect.com[/email]] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-20] FF HKLM-x32\...\Thunderbird\Extensions: [[email]bdThunderbird@bitdefender.com[/email]] - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext FF HKCU\...\Firefox\Extensions: [[email]smartwebprinting@hp.com[/email]] - D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07] CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-13] CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-13] CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (CourseGem) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfnpkdhcmgcajclojcfhciacciogdcd [2014-04-10] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-13] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ArcService; D:\Arc\Arc\ArcService.exe [88400 2014-07-02] (Perfect World Entertainment Inc) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed] R2 CLHNServiceForPowerDVD; D:\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] () R2 CyberLink PowerDVD 11.0 Monitor Service; D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-09-02] (CyberLink) R2 CyberLink PowerDVD 11.0 Service; D:\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-09-02] (CyberLink) R3 hpqcxs08; D:\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.) R2 hpqddsvc; D:\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.) R2 HPSLPSVC; D:\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1043584 2010-01-30] (Hewlett-Packard Co.) S3 Microsoft SharePoint Workspace Audit Service; D:\Office\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-28] () R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.) S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [466736 2011-10-14] (BitDefender) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [67904 2012-09-01] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1957912 2012-12-12] (Bitdefender) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2012-12-12] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-12-12] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2012-12-12] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93160 2012-09-01] (BitDefender LLC) R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [442088 2011-08-16] (BitDefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [79952 2011-11-17] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-09-02] (DT Soft Ltd) S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] () S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] () R2 ntk_PowerDVD; D:\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [75248 2011-08-24] (Cyberlink Corp.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [329800 2011-10-27] (BitDefender S.R.L.) S3 WinRing0_1_2_0; C:\Users\user\Desktop\RealTemp_360\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org) R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; D:\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-09-02] (CyberLink Corp.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-23 21:40 - 2014-09-23 22:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-23 21:40 - 2014-09-10 01:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-23 21:40 - 2014-09-10 00:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-23 21:39 - 2014-09-23 21:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-23 21:39 - 2014-09-23 21:39 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-09-23 21:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-23 21:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-23 21:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-23 21:36 - 2014-09-23 21:36 - 00002692 _____ () C:\Users\user\Desktop\AdwCleaner[S0].txt 2014-09-23 21:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-23 21:31 - 2014-09-23 21:33 - 00000000 ____D () C:\AdwCleaner 2014-09-23 21:30 - 2014-09-23 21:31 - 01373475 _____ () C:\Users\user\Desktop\AdwCleaner.exe 2014-09-23 12:48 - 2014-09-24 13:06 - 00000000 ____D () C:\Users\user\Desktop\FARBAR 2014-09-23 12:33 - 2014-09-24 13:06 - 00000000 ____D () C:\FRST 2014-09-22 20:03 - 2014-09-22 20:19 - 00001011 _____ () C:\Users\user\Desktop\Hitman Absolution.lnk 2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX 2014-09-21 00:20 - 2014-09-21 00:20 - 00073611 _____ () C:\Users\user\Downloads\[katproxy.com]hitman.absolution.skidrow.torrent 2014-09-16 21:48 - 2014-09-16 21:48 - 00054765 _____ () C:\Users\user\Downloads\eu4_v1-7-0-0_STEAM_unknown_S44_T10.CT 2014-09-16 21:46 - 2014-09-16 21:46 - 00054897 _____ () C:\Users\user\Downloads\eu4_v1-7-3-0_STEAM_unknown_S44_T10.CT 2014-09-15 00:09 - 2014-09-15 00:09 - 00017166 _____ () C:\Users\user\Downloads\[kickass.to]aliens.vs.predator.2010.rus.eng.repack.by.rg.mechanics.torrent 2014-09-14 23:31 - 2014-09-14 23:31 - 00091209 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.codex.torrent 2014-09-14 23:30 - 2014-09-14 23:30 - 00018462 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.2014.dlc.pc.repack.by.r.g.steamgames.torrent 2014-09-13 23:15 - 2014-09-13 23:15 - 00000652 _____ () C:\Users\user\Desktop\Europa Universalis IV Res Publica.lnk 2014-09-13 23:15 - 2014-09-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Res Publica 2014-09-13 22:56 - 2014-09-13 22:56 - 00115383 _____ () C:\Users\user\Downloads\[kickass.to]europa.universalis.iv.res.publica.codex.torrent 2014-09-11 05:29 - 2014-08-19 21:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 05:29 - 2014-08-19 20:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 05:29 - 2014-08-19 02:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 05:29 - 2014-08-19 01:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 05:29 - 2014-08-19 01:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 05:29 - 2014-08-19 01:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 05:29 - 2014-08-19 01:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 05:29 - 2014-08-19 01:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 05:29 - 2014-08-19 01:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 05:29 - 2014-08-19 01:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 05:29 - 2014-08-19 01:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 05:29 - 2014-08-19 01:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 05:29 - 2014-08-19 01:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 05:29 - 2014-08-19 01:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 05:29 - 2014-08-19 01:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 05:29 - 2014-08-19 01:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 05:29 - 2014-08-19 01:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 05:29 - 2014-08-19 01:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 05:29 - 2014-08-19 01:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 05:29 - 2014-08-19 00:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 05:29 - 2014-08-19 00:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 05:29 - 2014-08-19 00:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 05:29 - 2014-08-19 00:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 05:29 - 2014-08-19 00:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 05:29 - 2014-08-19 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 05:29 - 2014-08-19 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 05:29 - 2014-08-19 00:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 05:29 - 2014-08-19 00:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 05:29 - 2014-08-19 00:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 05:29 - 2014-08-19 00:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 05:29 - 2014-08-19 00:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 05:29 - 2014-08-19 00:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 05:29 - 2014-08-19 00:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 05:29 - 2014-08-19 00:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 05:29 - 2014-08-19 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 05:29 - 2014-08-19 00:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 05:29 - 2014-08-19 00:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 05:29 - 2014-08-19 00:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 05:29 - 2014-08-19 00:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 05:29 - 2014-08-19 00:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 05:29 - 2014-08-19 00:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 05:29 - 2014-08-19 00:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 05:29 - 2014-08-19 00:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 05:29 - 2014-08-19 00:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 05:29 - 2014-08-19 00:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 05:29 - 2014-08-19 00:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 05:29 - 2014-08-19 00:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 05:29 - 2014-08-19 00:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 05:29 - 2014-08-19 00:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 05:29 - 2014-08-19 00:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 05:29 - 2014-08-19 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 05:29 - 2014-08-18 23:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 05:29 - 2014-08-18 23:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 05:29 - 2014-08-18 23:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 05:29 - 2014-08-18 23:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 05:29 - 2014-08-18 23:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 05:21 - 2014-06-27 05:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 05:21 - 2014-06-27 04:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-11 05:02 - 2014-09-05 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-11 05:02 - 2014-09-05 05:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-11 05:02 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-11 05:02 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-11 05:02 - 2014-07-07 05:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-11 05:02 - 2014-07-07 05:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-11 05:02 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-11 05:02 - 2014-07-07 04:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-11 05:02 - 2014-07-07 04:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-11 05:02 - 2014-06-24 06:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-11 05:02 - 2014-06-24 05:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-11 03:53 - 2014-09-11 03:53 - 00017480 _____ () C:\Users\user\Downloads\social liberals.zip 2014-09-09 15:59 - 2014-09-09 15:59 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (2).xls 2014-09-08 21:58 - 2014-09-08 21:58 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (1).xls 2014-09-08 19:18 - 2014-09-08 19:18 - 00056832 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש.xls 2014-09-06 00:52 - 2014-09-06 00:52 - 00000598 _____ () C:\Users\Public\Desktop\Victoria.lnk 2014-09-06 00:51 - 2014-09-06 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Entertainment 2014-09-04 13:42 - 2014-09-04 13:42 - 00031107 _____ () C:\Users\user\Downloads\[katproxy.com]pc.game.victoria.an.empire.under.the.sun.strategy.game.team.mjy.rar.torrent 2014-09-04 13:31 - 2014-09-04 13:31 - 00001760 _____ () C:\Users\user\Downloads\[kickassunblock.eu]kate.upton.leaked.and.hacked.nude.pics.torrent 2014-08-30 23:32 - 2014-07-25 17:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-08-30 23:32 - 2014-07-25 17:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-08-30 23:32 - 2014-07-02 20:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-08-30 23:29 - 2014-07-02 23:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-08-30 23:29 - 2014-07-02 23:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-08-30 23:29 - 2014-07-02 23:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-08-30 23:29 - 2014-03-31 19:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-08-30 23:29 - 2014-03-31 19:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-08-30 22:33 - 2014-08-30 22:33 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-08-30 22:31 - 2014-08-30 22:31 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-30 22:30 - 2014-08-30 22:30 - 00000675 _____ () C:\Users\Public\Desktop\Metro Last Light Redux.lnk 2014-08-30 19:46 - 2014-08-30 19:46 - 00095271 _____ () C:\Users\user\Downloads\[kickass.to]metro.last.light.redux.flt.torrent 2014-08-28 15:33 - 2014-08-28 15:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\Steam 2014-08-28 15:18 - 2014-08-28 15:18 - 00000575 _____ () C:\Users\user\Desktop\Metro 2033 Redux.lnk 2014-08-28 15:18 - 2014-08-28 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux 2014-08-28 11:54 - 2014-08-23 05:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 11:54 - 2014-08-23 04:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 11:54 - 2014-08-23 03:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-28 04:41 - 2014-08-28 04:41 - 00083270 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex (1).torrent 2014-08-28 04:40 - 2014-08-28 04:40 - 00021305 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex.torrent 2014-08-27 20:42 - 2014-08-27 20:42 - 00001405 _____ () C:\Users\user\Downloads\no_bar_alert_1.0.rar 2014-08-25 18:52 - 2014-09-09 19:13 - 00000000 ____D () C:\ProgramData\YTD Video Downloader 2014-08-25 18:51 - 2014-08-25 18:51 - 00001295 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk 2014-08-25 18:51 - 2014-08-25 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-24 13:06 - 2014-09-23 12:48 - 00000000 ____D () C:\Users\user\Desktop\FARBAR 2014-09-24 13:06 - 2014-09-23 12:33 - 00000000 ____D () C:\FRST 2014-09-24 13:03 - 2011-09-03 02:28 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000UA.job 2014-09-24 11:43 - 2011-10-18 18:27 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype 2014-09-24 11:30 - 2009-07-14 07:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-24 11:30 - 2009-07-14 07:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-24 11:29 - 2011-07-25 17:21 - 01114108 _____ () C:\Windows\WindowsUpdate.log 2014-09-24 11:28 - 2013-02-25 20:55 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{948FC758-2838-4390-AAB5-DE1E6E83AC6F} 2014-09-24 11:23 - 2011-09-02 22:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\Gmail Notifier 2014-09-24 11:23 - 2011-07-25 17:54 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini 2014-09-24 11:22 - 2012-05-07 01:37 - 00000376 _____ () C:\Users\user\AppData\Roamingprivacy.xml 2014-09-24 11:22 - 2011-09-02 18:59 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-24 11:22 - 2010-11-21 06:47 - 00472630 _____ () C:\Windows\PFRO.log 2014-09-24 11:22 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-24 11:22 - 2009-07-14 07:51 - 00171077 _____ () C:\Windows\setupact.log 2014-09-23 22:07 - 2014-09-23 21:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-23 22:02 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\Resources 2014-09-23 21:39 - 2014-09-23 21:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-23 21:39 - 2014-09-23 21:39 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-23 21:39 - 2014-09-23 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-09-23 21:36 - 2014-09-23 21:36 - 00002692 _____ () C:\Users\user\Desktop\AdwCleaner[S0].txt 2014-09-23 21:33 - 2014-09-23 21:31 - 00000000 ____D () C:\AdwCleaner 2014-09-23 21:31 - 2014-09-23 21:30 - 01373475 _____ () C:\Users\user\Desktop\AdwCleaner.exe 2014-09-23 18:11 - 2011-09-03 02:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000Core.job 2014-09-22 20:19 - 2014-09-22 20:03 - 00001011 _____ () C:\Users\user\Desktop\Hitman Absolution.lnk 2014-09-22 20:13 - 2011-09-04 02:47 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps 2014-09-22 19:59 - 2014-09-22 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX 2014-09-22 12:20 - 2011-09-02 23:40 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent 2014-09-21 00:20 - 2014-09-21 00:20 - 00073611 _____ () C:\Users\user\Downloads\[katproxy.com]hitman.absolution.skidrow.torrent 2014-09-17 00:53 - 2011-11-04 02:35 - 00000000 ____D () C:\Users\user\AppData\Local\SKIDROW 2014-09-16 21:48 - 2014-09-16 21:48 - 00054765 _____ () C:\Users\user\Downloads\eu4_v1-7-0-0_STEAM_unknown_S44_T10.CT 2014-09-16 21:46 - 2014-09-16 21:46 - 00054897 _____ () C:\Users\user\Downloads\eu4_v1-7-3-0_STEAM_unknown_S44_T10.CT 2014-09-15 21:51 - 2014-07-11 05:44 - 00000000 ____D () C:\Users\user\Desktop\אתיקה 2014-09-15 00:23 - 2011-09-19 04:14 - 00000000 ____D () C:\Users\user\Documents\My Games 2014-09-15 00:09 - 2014-09-15 00:09 - 00017166 _____ () C:\Users\user\Downloads\[kickass.to]aliens.vs.predator.2010.rus.eng.repack.by.rg.mechanics.torrent 2014-09-14 23:31 - 2014-09-14 23:31 - 00091209 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.codex.torrent 2014-09-14 23:30 - 2014-09-14 23:30 - 00018462 _____ () C:\Users\user\Downloads\[kickass.to]fable.anniversary.2014.dlc.pc.repack.by.r.g.steamgames.torrent 2014-09-13 23:15 - 2014-09-13 23:15 - 00000652 _____ () C:\Users\user\Desktop\Europa Universalis IV Res Publica.lnk 2014-09-13 23:15 - 2014-09-13 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Res Publica 2014-09-13 22:56 - 2014-09-13 22:56 - 00115383 _____ () C:\Users\user\Downloads\[kickass.to]europa.universalis.iv.res.publica.codex.torrent 2014-09-12 19:04 - 2011-09-03 02:28 - 00002360 _____ () C:\Users\user\Desktop\Google Chrome.lnk 2014-09-11 14:58 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache 2014-09-11 05:29 - 2012-10-26 21:52 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-09-11 05:27 - 2013-07-27 19:25 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 05:22 - 2011-09-02 19:59 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-11 05:21 - 2014-05-06 20:38 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-11 03:53 - 2014-09-11 03:53 - 00017480 _____ () C:\Users\user\Downloads\social liberals.zip 2014-09-10 01:11 - 2014-09-23 21:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-10 00:47 - 2014-09-23 21:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-09 19:13 - 2014-08-25 18:52 - 00000000 ____D () C:\ProgramData\YTD Video Downloader 2014-09-09 15:59 - 2014-09-09 15:59 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (2).xls 2014-09-08 21:58 - 2014-09-08 21:58 - 00056320 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש (1).xls 2014-09-08 19:18 - 2014-09-08 19:18 - 00056832 _____ () C:\Users\user\Downloads\קורסי בחירה מחוץ לתכנית_משיק ונפש.xls 2014-09-07 22:03 - 2014-08-21 14:39 - 00000000 ____D () C:\Users\user\Desktop\מאקרו 2014-09-06 00:52 - 2014-09-06 00:52 - 00000598 _____ () C:\Users\Public\Desktop\Victoria.lnk 2014-09-06 00:51 - 2014-09-06 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Entertainment 2014-09-06 00:51 - 2011-07-25 17:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-05 05:10 - 2014-09-11 05:02 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-05 05:05 - 2014-09-11 05:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-04 14:21 - 2012-07-07 19:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-09-04 13:42 - 2014-09-04 13:42 - 00031107 _____ () C:\Users\user\Downloads\[katproxy.com]pc.game.victoria.an.empire.under.the.sun.strategy.game.team.mjy.rar.torrent 2014-09-04 13:31 - 2014-09-04 13:31 - 00001760 _____ () C:\Users\user\Downloads\[kickassunblock.eu]kate.upton.leaked.and.hacked.nude.pics.torrent 2014-09-03 10:52 - 2009-07-14 08:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-30 23:34 - 2013-12-28 02:08 - 00000000 ____D () C:\Users\user\Desktop\עבודה במדהמ 2014-08-30 23:33 - 2014-02-09 02:12 - 00000000 ____D () C:\Users\user\AppData\Local\NVIDIA Corporation 2014-08-30 23:33 - 2013-06-11 03:08 - 00001353 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-08-30 23:32 - 2012-07-11 04:45 - 00000000 ____D () C:\Temp 2014-08-30 23:32 - 2012-07-06 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-30 23:32 - 2011-09-02 18:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-08-30 23:32 - 2011-09-02 18:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-08-30 23:31 - 2011-09-02 18:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-08-30 22:33 - 2014-08-30 22:33 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-08-30 22:33 - 2011-07-25 18:47 - 00647820 _____ () C:\Windows\DirectX.log 2014-08-30 22:31 - 2014-08-30 22:31 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-30 22:30 - 2014-08-30 22:30 - 00000675 _____ () C:\Users\Public\Desktop\Metro Last Light Redux.lnk 2014-08-30 19:46 - 2014-08-30 19:46 - 00095271 _____ () C:\Users\user\Downloads\[kickass.to]metro.last.light.redux.flt.torrent 2014-08-29 14:04 - 2009-07-14 07:45 - 00423808 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 15:40 - 2013-06-11 01:45 - 00000000 ____D () C:\Users\user\Documents\4A Games 2014-08-28 15:35 - 2013-06-11 01:37 - 00000000 ____D () C:\Users\user\AppData\Local\4A Games 2014-08-28 15:33 - 2014-08-28 15:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\Steam 2014-08-28 15:18 - 2014-08-28 15:18 - 00000575 _____ () C:\Users\user\Desktop\Metro 2033 Redux.lnk 2014-08-28 15:18 - 2014-08-28 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux 2014-08-28 04:41 - 2014-08-28 04:41 - 00083270 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex (1).torrent 2014-08-28 04:40 - 2014-08-28 04:40 - 00021305 _____ () C:\Users\user\Downloads\[kickass.to]metro.2033.redux.codex.torrent 2014-08-27 20:42 - 2014-08-27 20:42 - 00001405 _____ () C:\Users\user\Downloads\no_bar_alert_1.0.rar 2014-08-25 18:51 - 2014-08-25 18:51 - 00001295 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk 2014-08-25 18:51 - 2014-08-25 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader 2014-08-25 14:19 - 2014-08-21 22:00 - 00000045 _____ () C:\Users\user\Desktop\קוד ביטוח לאומי.txt Some content of TEMP: ==================== C:\Users\user\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-16 14:30 ==================== End Of Log ============================ [B][U]the Addition[/U][/B]: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014 Ran by user at 2014-09-24 13:07:38 Running from C:\Users\user\Desktop\FARBAR Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus (Enabled - Out of date) {98CD50CE-5097-4098-9669-6C401FB3969C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antispyware (Enabled - Out of date) {23ACB12A-76AD-4F16-ACD9-57326434DC21} FW: Bitdefender Firewall (Enabled) {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Tropico 5 - Steam Special Edition» (HKLM-x32\...\«Tropico 5 - Steam Special Edition»_is1) (Version: - Kalypso Media Digital) µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden A Heart of Darkness (HKLM-x32\...\Victoria II - A Heart of Darkness_is1) (Version: 3.0.1 - Paradox Interactive) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.268 - Adobe Systems Incorporated) Adobe Reader X (10.1.6) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - ) B209a-m (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - ) Bitdefender Internet Security 2012 (HKLM\...\Bitdefender) (Version: 15.0.38 - Bitdefender) Bitdefender Internet Security 2012 (Version: 15.0.38 - Bitdefender) Hidden Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Borderlands 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - ) Call of Juarez Gunslinger (c) Ubisoft version 1 (HKLM-x32\...\Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1) (Version: 1 - ) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Crusader Kings II (HKLM-x32\...\Crusader Kings II_is1) (Version: - ) Crusader Kings II version 1.101 (HKLM-x32\...\{A30269D0-4F0B-44BB-A169-C665CA856EEC}}_is1) (Version: 1.101 - Paradox Interactive) CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.2114.53 - CyberLink Corp.) CyberLink PowerDVD 11 (x32 Version: 11.0.2114.53 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd) Darkest Hour (HKLM-x32\...\{09D5819F-0F1A-4480-A112-B5CCA58D9773}_is1) (Version: - Darkest Hour Team) Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version: - Microsoft) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dishonored The Brigmore Witches (HKLM-x32\...\RGlzaG9ub3JlZA==_is1) (Version: 1 - ) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC) Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.03 - Electronic Arts, Inc.) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) Endless Space - Disharmony (HKLM-x32\...\Endless Space - Disharmony_is1) (Version: - ) Europa Universalis IV Res Publica (HKLM-x32\...\Europa Universalis IV Res Publica_is1) (Version: - ) Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft) Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft) ffdshow v1.1.3984 [2011-09-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3984.0 - ) Football Manager 2012 (HKLM-x32\...\Football Manager 2012_is1) (Version: - ) Gmail Notifier (HKLM-x32\...\Gmail Notifier) (Version: - ) Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Hitman Absolution (HKLM-x32\...\Hitman Absolution_is1) (Version: - ) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{B2DAB009-8236-48A0-AD7F-E940F5AB1578}) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Impulse (HKLM-x32\...\Impulse) (Version: - Stardock) Impulse (x32 Version: 1.0 - Stardock Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel) Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel) Hidden iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.) Kingdoms of Amalur Reckoning (HKLM-x32\...\Kingdoms of Amalur Reckoning_is1) (Version: - ) Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - ) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) March of the Eagles (HKLM-x32\...\March of the Eagles_is1) (Version: - ) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell) Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.02 - Electronic Arts, Inc.) Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games) MediaInfo (HKLM-x32\...\MediaInfo_is1) (Version: - MediaInfo.SourceForge.net) Metro 2033 Redux (HKLM-x32\...\Metro 2033 Redux_is1) (Version: - ) Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version: - Deep Silver) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft) Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Mathematics Add-in (64-bit) (HKLM\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft) Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports) Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OCCT Perestroika 3.1.0 (HKLM-x32\...\OCCT_is1) (Version: - Tetedeiench) PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge) Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PlayFLV (HKLM-x32\...\PlayFLV) (Version: - ) Popcorn Time (HKLM-x32\...\{38B39D8E-1AEF-4F01-82BE-36F3307244F5}) (Version: 2.0.0 - Time4Popcorn) PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Rage (HKLM-x32\...\Rage_is1) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH) The Darkness II (HKLM-x32\...\The Darkness II_is1) (Version: - ) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com) Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - ) Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft) Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden Total War - Rome II (HKLM-x32\...\Total War - Rome II_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) TP-LINK Wireless Client Utility (HKLM-x32\...\{1E03C8BE-0848-430F-BECA-7D7709401626}) (Version: 7.0 - TP-LINK) TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft) Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision) Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Victoria (HKLM-x32\...\{AE7CB755-7C0B-4D11-8E5D-D6B6C1090A7B}) (Version: - ) Victoria Revolutions 1.0 (HKLM-x32\...\Victoria Revolutions Patch 060822_is1) (Version: - Paradox Interactive) Victoria Revolutions 1.0 (HKLM-x32\...\Victoria Revolutions_is1) (Version: - Paradox Interactive) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) YTD Video Downloader 4.8.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.3 - GreenTree Applications SRL) גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-648445912-2895036148-1078845023-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 14-09-2014 21:20:50 Installed DirectX 22-09-2014 01:35:20 Scheduled Checkpoint 23-09-2014 19:24:57 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2013-05-27 17:03 - 00001219 ____N C:\Windows\system32\Drivers\etc\hosts 46.23.70.78 pagead2.googlesyndication.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {5060FA6C-35E5-4083-860C-BFB7886511BE} - System32\Tasks\{BAB414DF-3772-4758-9921-8948F85F6A01} => Iexplore.exe [url]http://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.124.259&LastError=-9[/url] Task: {D3163A70-48AD-4C61-BC72-594602CD47B7} - System32\Tasks\{99E44A71-1CA5-4915-89DA-61702A02A7F1} => Iexplore.exe [url]http://www.skype.com/go/downloading?source=lightinstaller&ver=5.5.0.124.259&LastError=-9[/url] Task: {D3760B11-5C81-4321-AACB-A46CE49499E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-03] (Google Inc.) Task: {E41E98DC-DFE0-4D9A-AE72-B068B55BB403} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-03] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-648445912-2895036148-1078845023-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-10-15 00:09 - 2011-10-15 00:09 - 00036256 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\strdecoder.dll 2011-10-15 00:08 - 2011-10-15 00:08 - 00262832 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\txmlutil.dll 2012-01-23 20:17 - 2012-01-23 20:17 - 00184016 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\framework.dll 2012-01-23 20:45 - 2012-01-23 20:45 - 00042960 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\procinfo.dll 2012-01-23 20:16 - 2012-01-23 20:16 - 00076384 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\ExcludeMgr.dll 2012-01-23 20:18 - 2012-01-23 20:18 - 00144912 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\connector.dll 2012-03-28 00:07 - 2012-03-28 00:07 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\UI\accessl.ui 2012-07-04 18:39 - 2012-12-12 15:59 - 00264128 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\avc3al.dll 2011-11-14 20:17 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdfwcore.dll 2012-01-23 20:18 - 2012-01-23 20:18 - 00076408 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdmltusrsrv.dll 2012-03-28 00:07 - 2012-03-28 00:07 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\UI\IMSecurityAL.ui 2012-12-12 16:00 - 2012-12-12 16:00 - 00098816 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdmetrics.dll 2012-03-22 12:30 - 2012-03-22 12:30 - 00832000 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpbr.mdl 2012-03-22 12:30 - 2012-03-22 12:30 - 00650752 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpdsp.mdl 2012-03-22 12:30 - 2012-03-22 12:30 - 02816000 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpf.mdl 2012-03-22 12:30 - 2012-03-22 12:30 - 02621952 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpph.mdl 2012-03-22 12:30 - 2012-03-22 12:30 - 01228800 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttprbl.mdl 2012-03-22 12:30 - 2012-03-22 12:30 - 00480256 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimbr.mdl 2012-03-22 12:30 - 2012-03-22 12:30 - 00565760 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimdsp.mdl 2012-03-22 12:30 - 2012-03-22 12:30 - 02555904 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimf.mdl 2011-10-18 02:06 - 2014-07-02 21:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () D:\Office\Office14\1033\GrooveIntlResource.dll 2011-07-25 18:35 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2012-07-06 22:33 - 2011-08-24 04:13 - 00083240 _____ () D:\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe 2012-12-04 23:38 - 2014-03-28 21:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-01-10 08:26 - 2014-01-10 08:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-07-06 22:34 - 2011-08-26 07:57 - 00260096 _____ () D:\PowerDVD11\PowerDVD11\Common\MediaServer\sqlite3.dll 2014-01-10 08:28 - 2014-01-10 08:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2014-09-12 19:04 - 2014-09-04 06:01 - 01098056 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\libglesv2.dll 2014-09-12 19:04 - 2014-09-04 06:01 - 00174408 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\libegl.dll 2014-09-12 19:04 - 2014-09-04 06:01 - 08577864 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll 2014-09-12 19:04 - 2014-09-04 06:01 - 00331592 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll 2014-09-12 19:04 - 2014-09-04 06:01 - 01660232 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\user\Desktop\AdwCleaner.exe:BDU AlternateDataStreams: C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: BitDefender AVC HV Description: BitDefender AVC HV Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: avchv Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: ASUS Bluetooth Description: ASUS Bluetooth Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/24/2014 11:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (09/23/2014 10:03:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 09:36:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 09:27:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 00:27:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2014 08:13:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Hitman Absolution.exe, version: 1.0.433.1, time stamp: 0x50a66a1c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0018e278 Faulting process id: 0x16b0 Faulting application start time: 0xHitman Absolution.exe0 Faulting application path: Hitman Absolution.exe1 Faulting module path: Hitman Absolution.exe2 Report Id: Hitman Absolution.exe3 Error: (09/22/2014 08:12:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Hitman Absolution .exe, version: 1.0.433.1, time stamp: 0x50a66a1c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0018e278 Faulting process id: 0x1acc Faulting application start time: 0xHitman Absolution .exe0 Faulting application path: Hitman Absolution .exe1 Faulting module path: Hitman Absolution .exe2 Report Id: Hitman Absolution .exe3 System errors: ============= Error: (09/24/2014 11:22:17 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126 Error: (09/23/2014 10:02:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126 Error: (09/23/2014 09:34:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126 Error: (09/23/2014 09:25:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126 Error: (09/23/2014 09:24:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s). Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (09/23/2014 09:23:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The PnkBstrA service terminated unexpectedly. It has done this 1 time(s). Microsoft Office Sessions: ========================= Error: (09/24/2014 11:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (09/24/2014 11:22:29 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (09/23/2014 10:03:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 09:36:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 09:27:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 00:27:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/22/2014 08:13:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hitman Absolution.exe1.0.433.150a66a1cunknown0.0.0.000000000c00000050018e27816b001cfd6888c652ba3D:\Hitman Absolution\Hitman Absolution.exeunknowncc40bc4c-427b-11e4-9aeb-f46d042b8a14 Error: (09/22/2014 08:12:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hitman Absolution .exe1.0.433.150a66a1cunknown0.0.0.000000000c00000050018e2781acc01cfd6886cf97f5cD:\Hitman Absolution\Hitman Absolution .exeunknownae2d2afe-427b-11e4-9aeb-f46d042b8a14 CodeIntegrity Errors: =================================== Date: 2014-09-24 13:04:46.924 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-24 12:20:39.032 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-24 11:53:57.764 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-24 11:44:53.376 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-24 11:22:16.433 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-23 22:24:51.253 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-23 22:14:25.023 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-23 22:02:17.450 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-23 22:00:53.552 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-23 21:34:23.784 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00243_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 31% Total physical RAM: 8168.95 MB Available physical RAM: 5589.81 MB Total Pagefile: 16336.08 MB Available Pagefile: 13205.05 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:97.56 GB) (Free:16.29 GB) NTFS Drive d: (DATA) (Fixed) (Total:833.85 GB) (Free:88.67 GB) NTFS Drive f: (Hitman Absolutio) (CDROM) (Total:14.17 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 53F15EE2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top