
Can't access the Advanced boot option.

Discussion in 'Virus & Other Malware Removal' started by normsrayn, Jan 31, 2014.

Thread Status:
Not open for further replies.
  1. normsrayn

    Hi, I posted a thread a few days ago in the Windows 7 section and as instructed I decided to make my thread here instead.

    HijackThis:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:02:24, on 2014-01-31
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.19489)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Users\NormS\AppData\Local\FluxSoftware\Flux\flux.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe
    C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razertra.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
    C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
    C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerofa.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    D:\Downloads\dogecoin-qt-v14-Win\dogecoin-qt.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    D:\Jeux\Steam\Steam.exe
    D:\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
    O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
    O1 - Hosts: 255.255.255.255 easyanticheat.com # misleading site
    O1 - Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
    O1 - Hosts: 255.255.255.255 easyanticheat.info # misleading site
    O1 - Hosts: 255.255.255.255 www.easyanticheat.info # misleading site
    O1 - Hosts: 255.255.255.255 easyanticheat.org # misleading site
    O1 - Hosts: 255.255.255.255 www.easyanticheat.org # misleading site
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [agentantidote.exe] "C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe" /LancementSession
    O4 - HKLM\..\Run: [agentantidote64.exe] "C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe" /LancementSession
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [DeathAdder] "C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe"
    O4 - HKLM\..\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [DeathAdderBlackEdition] "C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [F.lux] "C:\Users\NormS\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Steam] "D:\Jeux\Steam\steam.exe" -silent
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: GameStop Now.lnk = C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
    O4 - Global Startup: UltraMon.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: @%SystemRoot%\ehome\ehres.dll,-15501 (Mcx2Svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS64.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 26232 bytes

    DDS:
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 8.0.6001.19489 BrowserJavaVersion: 10.51.2
    Run by NormS at 21:03:13 on 2014-01-31
    Microsoft® Windows Vista™ Édition Intégrale 6.0.6002.2.1252.2.1036.18.4094.936 [GMT -5:00]
    .
    AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
    C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
    C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
    C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Users\NormS\AppData\Local\FluxSoftware\Flux\flux.exe
    C:\Program Files\UltraMon\UltraMon.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe
    C:\Program Files (x86)\Druide\Antidote 7\Programmes64\AgentAntidote64.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe
    C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razertra.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
    C:\Program Files\UltraMon\UltraMonTaskbar.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
    C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerofa.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\iPod\bin\iPodService.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    D:\Downloads\dogecoin-qt-v14-Win\dogecoin-qt.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    D:\Jeux\Steam\Steam.exe
    D:\Downloads\dogecoin-qt-v14-Win\cudaminer-2013-12-18\x64\cudaminer.exe
    D:\Downloads\HijackThis.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uURLSearchHooks: DeviceVM Url Search Hook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    uRun: [PlayNC Launcher] <no file>
    mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [agentantidote.exe] "C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe" /LancementSession
    mRun: [agentantidote64.exe] "C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe" /LancementSession
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [DeathAdder] "C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe"
    mRun: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [DeathAdderBlackEdition] "C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe"
    StartupFolder: C:\Users\NormS\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UltraMon.lnk - C:\Windows\Installer\{537056B7-32A4-4408-9B54-0341963C7C9C}\IcoUltraMon.ico
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 24.201.245.77 24.200.0.1 24.53.0.2
    TCP: Interfaces\{352972F3-2D02-4D79-8061-A52335D3A8DC} : DHCPNameServer = 24.201.245.77 24.200.0.1 24.53.0.2
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    x64-Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
    x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    x64-Run: [VX1000] C:\Windows\vVX1000.exe
    x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
    x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
    x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    x64-mPolicies-Explorer: NoActiveDesktop = dword:1
    x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    x64-mPolicies-System: EnableLUA = dword:0
    x64-mPolicies-System: PromptOnSecureDesktop = dword:0
    x64-mPolicies-System: EnableUIADesktopToggle = dword:0
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    Hosts: 255.255.255.255 easyanticheat.se # misleading site
    Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
    Hosts: 255.255.255.255 easyanticheat.com # misleading site
    Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
    Hosts: 255.255.255.255 easyanticheat.info # misleading site
    .
    Note: multiple HOSTS entries found. Please refer to Attach.txt
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com
    FF - prefs.js: network.proxy.type - 2
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
    FF - ExtSQL: 2013-12-03 23:48; [email protected]; C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\extensions\[email protected]
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 ehdrv;ehdrv;C:\Windows\System32\drivers\ehdrv.sys [2009-5-14 134024]
    R1 epfwtdir;epfwtdir;C:\Windows\System32\drivers\epfwtdir.sys [2009-5-14 120104]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-29 238080]
    R2 AODDriver4.3.0;AODDriver4.3.0;C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2014-1-8 59624]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-5-14 731840]
    R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2009-8-6 68136]
    R2 FontCache;Service de cache de police Windows;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-8-6 27648]
    R2 npf;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2010-1-26 47632]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-7 1593632]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
    R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-6-28 5087584]
    R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
    R3 DABlackFltr;DeathAdder Black Edition Mouse;C:\Windows\System32\drivers\DABlack.sys [2014-1-17 23040]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-7-14 22408]
    S2 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2014-1-8 137584]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
    S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-4-22 46136]
    S3 CYUSB;Cypress Generic USB Driver;C:\Windows\System32\drivers\CYUSB.sys [2010-7-15 47104]
    S3 DAdderFltr;DeathAdder Mouse;C:\Windows\System32\drivers\dadder.sys [2010-7-15 12672]
    S3 danewFltr;NewDeathAdder Mouse;C:\Windows\System32\drivers\danew.sys [2010-7-15 12800]
    S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2009-8-7 12744]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2008-3-13 27136]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2011-7-24 19544]
    S3 PerfHost;Hôte de DLL de compteur de performance;C:\Windows\SysWOW64\perfhost.exe [2009-8-6 19968]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-7-20 1022632]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-8-6 89920]
    .
    =============== File Associations ===============
    .
    FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
    FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    .
    ==================== Find3M ====================
    .
    2014-01-31 05:16:11 23080 ----a-w- C:\Windows\gdrv.sys
    2014-01-16 12:42:18 86054176 ----a-w- C:\Windows\System32\mrt.exe
    2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-12-19 18:53:44 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
    2013-12-19 02:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-12-19 02:04:13 264616 ----a-w- C:\Windows\SysWow64\javaws.exe
    2013-12-19 02:04:09 175016 ----a-w- C:\Windows\SysWow64\javaw.exe
    2013-12-19 02:03:46 174504 ----a-w- C:\Windows\SysWow64\java.exe
    2013-12-18 11:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2013-12-11 04:47:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-12-11 04:47:20 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-12-11 04:47:12 9272200 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2013-11-28 13:38:22 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
    2013-11-28 13:38:18 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
    2013-11-22 08:36:08 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
    .
    ============= FINISH: 21:04:38,27 ===============
    Attach:

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Édition Intégrale
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2009-08-06 11:06:44
    System Uptime: 2014-01-31 00:15:32 (21 hours ago)
    .
    Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790X-UD4P
    Processor: AMD Phenom(tm) II X4 955 Processor | Socket M2 | 3200/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 100 GiB total, 24,318 GiB free.
    D: is FIXED (NTFS) - 832 GiB total, 43,511 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    G: is FIXED (NTFS) - 233 GiB total, 90,404 GiB free.
    H: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {6264e7e6-b95c-4033-908f-86e7ab9e2554}
    Description:
    Device ID: ROOT\RAZERCLASS\0000
    Manufacturer: Razer
    Name:
    PNP Device ID: ROOT\RAZERCLASS\0000
    Service:
    .
    Class GUID: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
    Description: Dispositifs Logitech GamePanel (QVGA)
    Device ID: ROOT\SIDESHOW\0000
    Manufacturer: Logitech Inc
    Name: Dispositifs Logitech GamePanel (QVGA)
    PNP Device ID: ROOT\SIDESHOW\0000
    Service: WUDFRd
    .
    Class GUID: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
    Description: Dispositifs Logitech GamePanel (Mono)
    Device ID: ROOT\SIDESHOW\0001
    Manufacturer: Logitech Inc
    Name: Dispositifs Logitech GamePanel (Mono)
    PNP Device ID: ROOT\SIDESHOW\0001
    Service: WUDFRd
    .
    ==== System Restore Points ===================
    .
    RP1657: 2014-01-28 16:43:43 - Windows Update
    RP1658: 2014-01-28 20:01:56 - Installed AMD OverDrive.
    RP1659: 2014-01-31 06:58:01 - Point de contrôle planifié
    .
    ==== Hosts File Hijack ======================
    .
    Hosts: 255.255.255.255 easyanticheat.se # misleading site
    Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
    Hosts: 255.255.255.255 easyanticheat.com # misleading site
    Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
    Hosts: 255.255.255.255 easyanticheat.info # misleading site
    Hosts: 255.255.255.255 www.easyanticheat.info # misleading site
    Hosts: 255.255.255.255 easyanticheat.org # misleading site
    Hosts: 255.255.255.255 www.easyanticheat.org # misleading site
    .
    ==== Installed Programs ======================
    .
    @BIOS Ver.2.05
    3ivx MPEG-4 5.0.3 (remove only)
    Acrobat.com
    Adobe AIR
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader 9
    Adobe Setup
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Advertising Center
    altPUG
    AMD OverDrive
    Antidote HD
    Any Video Converter 5.0.5
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Assistant de connexion Windows Live
    µTorrent
    Batman: Arkham Asylum GOTY Edition
    Battle.net
    BattlEye for OA Uninstall
    BattlEye Uninstall
    BioShock Infinite
    Bonjour
    Borderlands
    Borderlands 2
    Browser Configuration Utility
    CDBurnerXP
    Configuration DivX
    Counter-Strike: Global Offensive
    CPUID HWMonitor 1.24
    Crysis WARHEAD(R)
    Day of Defeat: Source
    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
    Diablo
    Diablo II
    Diablo III
    DivX Converter
    DivX Plus DirectShow Filters
    DivX Version Checker
    DMIView B8.0717.01
    DolbyFiles
    EasySaver B9.0205.1
    ESET NOD32 Antivirus
    Express Burn
    f.lux
    Fallout: New Vegas
    FLAC 1.2.1b (remove only)
    FlipShare
    foobar2000 v1.1.7
    Fraps (remove only)
    Garry's Mod
    Gigabyte Raid Configurer
    GoldWave v5.67
    GOMTV Streamer
    Guild Wars 2
    Half-Life 2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    ImagXpress
    Installation Windows Live
    iTunes
    Java 7 Update 51
    Java Auto Updater
    Java(TM) 6 Update 39
    Last.fm Scrobbler 2.1.36
    League of Legends
    Left 4 Dead 2
    Logiciel d'archivage WinRAR
    Logitech GamePanel Software 3.03.133
    Menu Templates - Starter Kit
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Corporation
    Microsoft Games for Windows - LIVE
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Office Access MUI (French) 2010
    Microsoft Office Excel MUI (French) 2010
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (French) 2010
    Microsoft Office InfoPath MUI (French) 2010
    Microsoft Office Office 32-bit Components 2010
    Microsoft Office OneNote MUI (French) 2010
    Microsoft Office Outlook MUI (French) 2010
    Microsoft Office PowerPoint MUI (French) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Professionnel Plus 2010
    Microsoft Office Proof (Arabic) 2010
    Microsoft Office Proof (Dutch) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (German) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (French) 2010
    Microsoft Office Publisher MUI (French) 2010
    Microsoft Office Shared 32-bit MUI (French) 2010
    Microsoft Office Shared MUI (French) 2010
    Microsoft Office Word MUI (French) 2010
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft WSE 3.0 Runtime
    Microsoft Xbox 360 Accessories 1.2
    Microsoft XNA Framework Redistributable 4.0
    Mises à jour NVIDIA 11.10.11
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    Movie Templates - Starter Kit
    Mozilla Firefox 26.0 (x86 en-US)
    Mozilla Maintenance Service
    Mp3tag v2.53
    MPEG2 Codec(libmpeg2/mad)
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NCsoft Launcher
    Nero ControlCenter
    Nero CoverDesigner
    Nero Disc Copy Gadget
    Nero DiscSpeed
    Nero DriveSpeed
    Nero Installer
    Nero Live
    Nero PhotoSnap
    Nero Recode
    Nero ShowTime
    Nero StartSmart
    Nero Vision
    Nero WaveEditor
    NeroBurningROM
    NeroExpress
    NeroLiveGadget
    neroxml
    Nuclear Coffee - VideoGet
    NVIDIA CUDA Documentation 5.5
    NVIDIA GeForce Experience 1.8.2
    NVIDIA Install Application
    NVIDIA LED Visualizer 1.0
    NVIDIA Network Service
    NVIDIA Nsight Visual Studio Edition 3.1.0.13141
    NVIDIA PhysX
    NVIDIA Pilote audio HD : 1.3.30.1
    NVIDIA Pilote du contrôleur 3D Vision 320.57
    NVIDIA Pilote graphique 332.21
    NVIDIA Update Core
    Octoshape add-in for Adobe Flash Player
    Outil de téléchargement Windows Live
    Pando Media Booster
    Panneau de configuration NVIDIA 332.21
    Path of Exile
    PDF Settings
    PeerBlock 1.0.0 (r181)
    Portal 2
    QuickTime
    Razer DeathAdder Black Edition Mouse
    Razer DeathAdder(TM) Mouse
    Realtek 8169 8168 8101E 8102E Ethernet Driver
    Realtek High Definition Audio Driver
    Samsung_MonSetup
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
    Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
    Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
    Sid Meier's Civilization V
    Six Updater
    Skype Click to Call
    Skype™ 6.11
    SoundTrax
    SpeedFan (remove only)
    Spelling Dictionaries Support For Adobe Reader 9
    Spybot - Search & Destroy
    StarCraft II
    Steam
    System Requirements Lab CYRI
    TeamViewer 8
    Terraria
    The Binding of Isaac
    The Walking Dead
    Tomb Raider
    Torchlight II
    UltraMon
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
    Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
    Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
    VC80CRTRedist - 8.0.50727.6195
    Vegas Pro 9.0
    Ventrilo Client for Windows x64
    VLC media player 1.0.1
    WAV To MP3 Converter version 1.0 r1
    WBFS Manager 3.0
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Messenger
    Windows Media Player Firefox Plugin
    WinPcap 4.1.1
    XSplit Broadcaster
    Yahoo! Detect
    .
    ==== End Of File ===========================
    Ark:
    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-01-31 21:30:25
    Windows 6.0.6002 Service Pack 2 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-4 WDC_WD1001FALS-00J7B1 rev.05.00K05 931,51GB
    Running: wmqx170i.exe; Driver: C:\Users\NormS\AppData\Local\Temp\ufryqfog.sys


    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification
    .text C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload + 1 fffffa600778df61 11 bytes {MOV RAX, 0xfffffa80063822a0; JMP RAX}

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe[1580] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000077541a9e 4 bytes [C2, 04, 00, 00]
    ? C:\Windows\system32\iertutil.dll [2592] entry point in ".rdata" section 0000000075f1acbd
    ? C:\Windows\system32\iertutil.dll [2972] entry point in ".rdata" section 0000000075f1acbd
    ? C:\Windows\system32\iertutil.dll [3936] entry point in ".rdata" section 0000000075f1acbd

    ---- Devices - GMER 2.1 ----

    Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-6 fffffa8003f7b2c0
    Device \Driver\atapi \Device\Ide\IdePort0 fffffa8003f7b2c0
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-4 fffffa8003f7b2c0

    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification

    Device \Driver\atapi \Device\Ide\IdePort1 fffffa8003f7b2c0

    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification

    Device \Driver\atapi \Device\Ide\IdePort2 fffffa8003f7b2c0

    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification
    INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification

    Device \Driver\atapi \Device\Ide\IdePort3 fffffa8003f7b2c0
    Device \Driver\JRAID \Device\Scsi\JRAID1Port4Path0Target0Lun0 fffffa8003f7d2c0
    Device \Driver\JRAID \Device\Scsi\JRAID1 fffffa8003f7d2c0
    Device \FileSystem\Ntfs \Ntfs fffffa8003f7f2c0
    Device \Driver\usbehci \Device\USBPDO-5 fffffa80064b32c0
    Device \Driver\usbohci \Device\USBFDO-3 fffffa80064b12c0
    Device \Driver\usbohci \Device\USBPDO-1 fffffa80064b12c0
    Device \Driver\netbt \Device\NetBT_Tcpip_{352972F3-2D02-4D79-8061-A52335D3A8DC} fffffa80068942c0
    Device \Driver\iScsiPrt \Device\RaidPort0 fffffa80065032c0
    Device \Driver\cdrom \Device\CdRom0 fffffa800624f2c0
    Device \Driver\usbohci \Device\USBPDO-6 fffffa80064b12c0
    Device \Driver\usbohci \Device\USBFDO-4 fffffa80064b12c0
    Device \Driver\usbehci \Device\USBPDO-2 fffffa80064b32c0
    Device \Driver\usbohci \Device\USBFDO-0 fffffa80064b12c0
    Device \Driver\usbehci \Device\USBFDO-5 fffffa80064b32c0
    Device \Driver\usbohci \Device\USBPDO-3 fffffa80064b12c0
    Device \Driver\usbohci \Device\USBFDO-1 fffffa80064b12c0
    Device \Driver\volmgr \Device\HarddiskVolume1 fffffa8003f772c0
    Device \Driver\volmgr \Device\FtControl fffffa8003f772c0
    Device \Driver\volmgr \Device\VolMgrControl fffffa8003f772c0
    Device \Driver\volmgr \Device\HarddiskVolume2 fffffa8003f772c0
    Device \Driver\volmgr \Device\HarddiskVolume3 fffffa8003f772c0
    Device \Driver\netbt \Device\NetBt_Wins_Export fffffa80068942c0
    Device \Driver\usbohci \Device\USBFDO-6 fffffa80064b12c0
    Device \Driver\usbohci \Device\USBPDO-4 fffffa80064b12c0
    Device \Driver\usbehci \Device\USBFDO-2 fffffa80064b32c0
    Device \Driver\atapi \Device\ScsiPort0 fffffa8003f7b2c0
    Device \Driver\usbohci \Device\USBPDO-0 fffffa80064b12c0
    Device \Driver\atapi \Device\ScsiPort1 fffffa8003f7b2c0
    Device \Driver\atapi \Device\ScsiPort2 fffffa8003f7b2c0
    Device \Driver\Smb \Device\NetbiosSmb fffffa8006aa92c0
    Device \Driver\atapi \Device\ScsiPort3 fffffa8003f7b2c0
    Device \Driver\JRAID \Device\ScsiPort4 fffffa8003f7d2c0
    Device \Driver\iScsiPrt \Device\ScsiPort5 fffffa80065032c0

    ---- Trace I/O - GMER 2.1 ----

    Trace ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys >>UNKNOWN [0xfffffa8003f7b2c0]<< spcj.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys fffffa8003f7b2c0
    Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005ed6610] fffffa8005ed6610
    Trace 3 CLASSPNP.SYS[fffffa6000d36c33] -> nt!IofCallDriver -> [0xfffffa8004c23600] fffffa8004c23600
    Trace 5 acpi.sys[fffffa600097dfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-4[0xfffffa8004c1d940] fffffa8004c1d940
    Trace \Driver\atapi[0xfffffa8004c09060] -> IRP_MJ_CREATE -> 0xfffffa8003f7b2c0 fffffa8003f7b2c0
    ---- Processes - GMER 2.1 ----

    Library C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{41AF5D85-0FDA-4F93-A144-001148F6C56F}\mpengine.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [364] (Microsoft Malware Protection Engine/Microsoft Corporation)(2014-01-31 07:14:43) 000007feec4f0000
    Process C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (*** suspicious ***) @ C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2456] (Skype C2C Service/Skype Technologies S.A.)(2012-10-02 16:13:44) 0000000000120000
    Process C:\Users\NormS\AppData\Local\FluxSoftware\Flux\flux.exe (*** suspicious ***) @ C:\Users\NormS\AppData\Local\FluxSoftware\Flux\flux.exe [1556] (f.lux/Flux Software LLC)(2013-10-15 23:06:12) 0000000000400000
    Library C:\Users\NormS\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll (*** suspicious ***) @ C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [4436] (Application Ontology library/NVIDIA Corporation)(2014-01-30 15:53:54) 0000000065e10000

    ---- Registry - GMER 2.1 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0xCA 0xFB 0x8B 0x4D ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0xD4 0xC3 0x97 0x02 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\[email protected] 0xBA 0x30 0x24 0x7E ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\[email protected] 0xD4 0xC3 0x97 0x02 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\[email protected] C:\Program Files (x86)\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0x81 0xF3 0xFB 0x4E ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\[email protected] 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0xBB 0x05 0xB6 0xAF ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x0A 0xF8 0x2F 0x10 ...

    ---- EOF - GMER 2.1 ----
    [/CODE]

    Thank you for your time.
     
  2. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,551
    First Name:
    José
    Hi and welcome.
    Follow these steps:

    Step 1

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Step 2

    Download ADWCleaner to your desktop.

    NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

    Close all programs and click on the AdwCleaner icon.

    Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

    The report will be saved in the C:\AdwCleaner folder as AdwCleaner[S0].txt.

    Step 3

    Please download Malwarebytes' Anti-Malware from Here.

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy & Paste the entire report in your next reply.
    Extra Note:

    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

    Step 4

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

    Make sure you include the content of the reports: (Do not use the Code or Quote formats)

    JRT.txt
    AdwCleaner[S0].txt
    Malwarebytes Report
    FRST.txt
    Addition.txt
     
  3. normsrayn

    normsrayn Thread Starter

    Joined:
    Jan 29, 2014
    Messages:
    8
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.0 (01.07.2014:1)
    OS: Windows (TM) Vista Ultimate x64
    Ran by NormS on 2014-02-01 at 20:08:29,67
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
    Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



    ~~~ Files



    ~~~ Folders

    Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
    Successfully deleted: [Folder] "C:\Users\NormS\AppData\Roaming\getrighttogo"
    Successfully deleted: [Folder] "C:\Users\NormS\appdata\locallow\boost_interprocess"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



    ~~~ FireFox

    Successfully deleted the following from C:\Users\NormS\AppData\Roaming\mozilla\firefox\profiles\usyu8i0h.default\prefs.js

    user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESmodules.betteReddit.subreddits.Adonisto", "[{\"display_name\":\"AdviceAnimals\",
    user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESmodules.newCommentCount.counts", "{\"k4zqi\":null,\"k4xwu\":null,\"k0yaj\":null,
    user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.rsci_data_array", "\"[{\\\"bnet_code\\\":404,\\\"bnet_id\\\":655626,\\\"bnet_name\\
    user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.rsci_data_hash", "\"{\\\"malfore\\\":0,\\\"raegx\\\":1717,\\\"daschande\\\":1718,\\
    Emptied folder: C:\Users\NormS\AppData\Roaming\mozilla\firefox\profiles\usyu8i0h.default\minidumps [357 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 2014-02-01 at 20:14:07,78
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    # AdwCleaner v3.018 - Rapport créé le 01/02/2014 à 20:16:56
    # Mis à jour le 28/01/2014 par Xplode
    # Système d'exploitation : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
    # Nom d'utilisateur : NormS - PC-NORMAND
    # Exécuté depuis : D:\Downloads\AdwCleaner.exe
    # Option : Scanner

    ***** [ Services ] *****


    ***** [ Fichiers / Dossiers ] *****

    Dossier Présent C:\ProgramData\boost_interprocess
    Dossier Présent C:\Users\NormS\AppData\Local\PackageAware

    ***** [ Raccourcis ] *****


    ***** [ Registre ] *****

    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Présente : HKLM\Software\PIP
    Clé Présente : HKLM\Software\VDownloader\OpenCandy
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

    ***** [ Navigateurs ] *****

    -\\ Internet Explorer v8.0.6001.19489


    -\\ Mozilla Firefox v26.0 (en-US)

    [ Fichier : C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\prefs.js ]

    Ligne Trouvée : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,fr-moderne%40dictionaries.addons.mozilla.org:4.3,rstarcraft_firefox_extension%40rstarcraft.info:0.16.0,%7B34878998-c8be-40bc-b[...]
    Ligne Trouvée : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESmodules.betteReddit.subreddits.Adonisto", "[{\"display_name\":\"AdviceAnimals\",\"url\":\"/r/AdviceAnimal[...]
    Ligne Trouvée : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESoptions.keyboardNav", "{\"focusBorder\":{\"type\":\"text\",\"value\":\"1px dashed #888888\",\"description[...]
    Ligne Trouvée : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.rsci_data_hash", "\"{\\\"malfore\\\":0,\\\"raegx\\\":1717,\\\"daschande\\\":1718,\\\"brutalhonesty08\\\":3,\[...]

    -\\ Google Chrome v

    [ Fichier : C:\Users\NormS\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [2923 octets] - [01/02/2014 20:16:56]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2983 octets] ##########


    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.02.01.08

    Windows Vista Service Pack 2 x64 NTFS
    Internet Explorer 8.0.6001.19489
    NormS :: PC-NORMAND [administrator]

    Protection: Enabled

    2014-02-01 20:31:02
    mbam-log-2014-02-01 (20-31-02).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 245424
    Time elapsed: 5 minute(s), 29 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [19544 2009-09-28] ()
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-11-28] ()
    S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
    S3 AtiHDAudioService; system32\drivers\AtihdLH6.sys [x]
    S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
    S3 cpuz130; \??\C:\Users\NormS\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
    S3 dump_wmimmc; \??\D:\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys [x]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-02-01 20:39 - 2014-02-01 20:39 - 00000000 ____D () C:\FRST
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-01 20:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-02-01 20:16 - 2014-02-01 20:17 - 00000000 ____D () C:\AdwCleaner
    2014-02-01 20:14 - 2014-02-01 20:14 - 00003255 _____ () C:\Users\NormS\Desktop\JRT.txt
    2014-02-01 20:08 - 2014-02-01 20:08 - 00000000 ____D () C:\Windows\ERUNT
    2014-01-28 20:10 - 2014-01-28 20:15 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
    2014-01-28 20:02 - 2014-01-28 20:02 - 00000000 ____D () C:\Program Files (x86)\AMD
    2014-01-23 20:26 - 2014-01-23 20:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
    2014-01-23 20:25 - 2014-01-23 20:25 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\ProgramData\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Program Files (x86)\NCH Software
    2014-01-22 13:50 - 2014-01-22 13:50 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA Corporation
    2014-01-22 13:39 - 2014-01-22 13:39 - 00346310 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3CB1.txt
    2014-01-22 13:39 - 2014-01-22 13:39 - 00012194 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3CB1.txt
    2014-01-22 13:38 - 2014-01-22 13:39 - 00355482 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3C9A.txt
    2014-01-22 13:38 - 2014-01-22 13:39 - 00012114 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3C9A.txt
    2014-01-22 13:38 - 2014-01-22 13:38 - 00000000 ____D () C:\Program Files\NVIDIA GPU Computing Toolkit
    2014-01-21 17:46 - 2014-01-21 17:46 - 00000000 ____D () C:\Program Files\CPUID
    2014-01-21 07:58 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-01-21 07:58 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-01-21 07:58 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-01-21 07:58 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-01-21 07:57 - 2014-01-21 07:58 - 00005310 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
    2014-01-20 22:29 - 2014-02-01 20:16 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\DogeCoin
    2014-01-17 19:20 - 2010-11-29 18:22 - 00023040 _____ (Razer (Asia-Pacific) Pte Ltd) C:\Windows\system32\Drivers\DABlack.sys
    2014-01-17 19:20 - 2010-11-25 17:32 - 00093184 _____ (Razer USA Ltd.) C:\Windows\SysWOW64\DeathAdderBlackEdition64.cpl
    2014-01-12 01:04 - 2014-01-12 01:04 - 00000737 _____ () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-01-08 15:49 - 2014-01-23 20:35 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\NVIDIA
    2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
    2014-01-07 16:07 - 2014-01-07 16:07 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-01-07 15:01 - 2014-01-07 15:01 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA
    2014-01-07 14:54 - 2013-12-19 15:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2014-01-07 14:54 - 2013-12-19 15:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
    2014-01-07 14:54 - 2013-11-28 08:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2014-01-07 14:54 - 2013-11-28 08:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2014-01-07 14:53 - 2014-01-22 13:47 - 00000000 ____D () C:\NVIDIA
    2014-01-07 14:16 - 2014-01-22 13:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-01-07 14:16 - 2014-01-07 15:00 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-01-07 14:14 - 2013-11-22 03:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2014-01-07 14:13 - 2013-12-19 13:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2014-01-07 14:12 - 2014-01-22 13:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-01-07 14:11 - 2013-12-19 15:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
    2014-01-07 14:11 - 2013-06-21 07:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
    2014-01-07 14:11 - 2013-06-21 07:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
    2014-01-07 14:09 - 2014-01-22 13:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

    ==================== One Month Modified Files and Folders =======

    2014-02-01 20:39 - 2014-02-01 20:39 - 00000000 ____D () C:\FRST
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-01 20:17 - 2014-02-01 20:16 - 00000000 ____D () C:\AdwCleaner
    2014-02-01 20:16 - 2014-01-20 22:29 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\DogeCoin
    2014-02-01 20:14 - 2014-02-01 20:14 - 00003255 _____ () C:\Users\NormS\Desktop\JRT.txt
    2014-02-01 20:08 - 2014-02-01 20:08 - 00000000 ____D () C:\Windows\ERUNT
    2014-02-01 19:58 - 2006-11-02 10:21 - 00003776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-02-01 19:58 - 2006-11-02 10:21 - 00003776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-02-01 19:46 - 2013-12-02 04:19 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-02-01 02:43 - 2006-11-02 10:26 - 01925334 _____ () C:\Windows\WindowsUpdate.log
    2014-02-01 02:03 - 2012-11-30 03:43 - 00000000 ____D () C:\ProgramData\boost_interprocess
    2014-02-01 02:00 - 2009-08-06 10:13 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\uTorrent
    2014-02-01 01:59 - 2013-09-06 22:11 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
    2014-02-01 01:59 - 2013-09-06 22:11 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
    2014-02-01 01:59 - 2009-08-06 10:20 - 00000124 _____ () C:\service.log
    2014-02-01 01:58 - 2009-08-06 10:15 - 00023080 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
    2014-02-01 01:58 - 2006-11-02 10:40 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-02-01 01:58 - 2006-11-02 10:39 - 00076500 _____ () C:\Windows\PFRO.log
    2014-02-01 01:57 - 2006-11-02 10:40 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-01-31 00:10 - 2006-11-02 14:27 - 00790034 _____ () C:\Windows\system32\perfh00C.dat
    2014-01-31 00:10 - 2006-11-02 14:27 - 00170194 _____ () C:\Windows\system32\perfc00C.dat
    2014-01-31 00:10 - 2006-11-02 07:46 - 01788506 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-01-28 22:15 - 2011-07-22 01:11 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\foobar2000
    2014-01-28 22:14 - 2010-10-19 04:01 - 00000000 ____D () C:\Users\NormS\AppData\Local\Last.fm
    2014-01-28 20:15 - 2014-01-28 20:10 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
    2014-01-28 20:02 - 2014-01-28 20:02 - 00000000 ____D () C:\Program Files (x86)\AMD
    2014-01-28 20:01 - 2012-07-20 13:20 - 00000000 ____D () C:\Users\NormS\AppData\Local\Downloaded Installations
    2014-01-28 16:40 - 2006-11-02 10:26 - 00043188 _____ () C:\Windows\setupact.log
    2014-01-24 14:21 - 2009-08-17 23:41 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\vlc
    2014-01-23 20:35 - 2014-01-08 15:49 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\NVIDIA
    2014-01-23 20:26 - 2014-01-23 20:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
    2014-01-23 20:26 - 2009-08-06 10:11 - 00000000 ___HD () C:\Users\NormS
    2014-01-23 20:25 - 2014-01-23 20:25 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
    2014-01-23 20:25 - 2009-08-07 20:06 - 00351847 _____ () C:\Windows\DirectX.log
    2014-01-22 20:07 - 2012-11-30 03:43 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Bitcoin
    2014-01-22 19:34 - 2009-08-06 11:14 - 00231424 ____H () C:\Users\NormS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\ProgramData\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Program Files (x86)\NCH Software
    2014-01-22 13:50 - 2014-01-22 13:50 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA Corporation
    2014-01-22 13:47 - 2014-01-07 14:53 - 00000000 ____D () C:\NVIDIA
    2014-01-22 13:39 - 2014-01-22 13:39 - 00346310 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3CB1.txt
    2014-01-22 13:39 - 2014-01-22 13:39 - 00012194 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3CB1.txt
    2014-01-22 13:39 - 2014-01-22 13:38 - 00355482 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3C9A.txt
    2014-01-22 13:39 - 2014-01-22 13:38 - 00012114 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3C9A.txt
    2014-01-22 13:39 - 2014-01-07 14:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-01-22 13:39 - 2014-01-07 14:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-01-22 13:39 - 2014-01-07 14:09 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-01-22 13:38 - 2014-01-22 13:38 - 00000000 ____D () C:\Program Files\NVIDIA GPU Computing Toolkit
    2014-01-21 17:46 - 2014-01-21 17:46 - 00000000 ____D () C:\Program Files\CPUID
    2014-01-21 08:00 - 2013-12-02 04:18 - 00000000 ____D () C:\ProgramData\Oracle
    2014-01-21 07:58 - 2014-01-21 07:57 - 00005310 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
    2014-01-21 07:58 - 2012-02-27 12:48 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-01-18 00:57 - 2013-04-09 02:19 - 00000000 ____D () C:\Program Files (x86)\RaidCall
    2014-01-18 00:56 - 2010-07-20 13:20 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\GRETECH
    2014-01-18 00:56 - 2010-07-20 13:18 - 00000000 ____D () C:\Program Files (x86)\GRETECH
    2014-01-17 19:29 - 2010-07-15 22:49 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Razer
    2014-01-17 19:23 - 2010-07-15 22:46 - 00047942 _____ () C:\Windows\DPINST.LOG
    2014-01-17 19:20 - 2012-04-06 03:36 - 00000000 ____D () C:\Program Files (x86)\Razer
    2014-01-17 19:20 - 2009-08-06 10:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-01-16 07:44 - 2013-07-22 02:01 - 00000000 ____D () C:\Windows\system32\MRT
    2014-01-16 07:42 - 2006-11-02 07:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-01-14 03:36 - 2009-08-13 13:15 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Skype
    2014-01-12 01:06 - 2014-01-01 03:22 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
    2014-01-12 01:04 - 2014-01-12 01:04 - 00000737 _____ () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-01-12 01:04 - 2009-08-06 10:14 - 00000000 ____D () C:\Program Files (x86)\uTorrent
    2014-01-09 22:02 - 2010-07-01 01:35 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\dvdcss
    2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
    2014-01-07 16:07 - 2014-01-07 16:07 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-01-07 15:34 - 2013-12-02 03:40 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-01-07 15:01 - 2014-01-07 15:01 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA
    2014-01-07 15:00 - 2014-01-07 14:16 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-01-07 14:13 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\Help
    2014-01-07 14:09 - 2010-06-15 18:50 - 00001356 ____H () C:\Users\NormS\AppData\Local\d3d9caps.dat
    2014-01-07 14:09 - 2009-08-06 10:11 - 00000732 ____H () C:\Users\NormS\AppData\Local\d3d9caps64.dat

    Some content of TEMP:
    ====================
    C:\Users\NormS\AppData\Local\Temp\devcon.exe
    C:\Users\NormS\AppData\Local\Temp\drm_dyndata_7400009.dll
    C:\Users\NormS\AppData\Local\Temp\DWPUpgradeInstaller.exe
    C:\Users\NormS\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\Last.fm-2.1.30.exe
    C:\Users\NormS\AppData\Local\Temp\Last.fm-2.1.32.exe
    C:\Users\NormS\AppData\Local\Temp\ose00001.exe
    C:\Users\NormS\AppData\Local\Temp\sfamcc00001.dll
    C:\Users\NormS\AppData\Local\Temp\sfextra.dll
    C:\Users\NormS\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\NormS\AppData\Local\Temp\SRLDetectionLibrary8932054953087061683.dll
    C:\Users\NormS\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\NormS\AppData\Local\Temp\Uni000.exe
    C:\Users\NormS\AppData\Local\Temp\utt306F.tmp.exe
    C:\Users\NormS\AppData\Local\Temp\utt3E31.tmp.exe
    C:\Users\NormS\AppData\Local\Temp\utt7C2D.tmp.exe
    C:\Users\NormS\AppData\Local\Temp\_is5BD9.exe
    C:\Users\NormS\AppData\Local\Temp\_is64AB.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-02-01 14:06

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
    Ran by NormS at 2014-02-01 20:39:55
    Running from D:\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: ESET NOD32 Antivirus 4.0 (Disabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
    AS: ESET NOD32 Antivirus 4.0 (Disabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    @BIOS Ver.2.05 (x32 Version: 2.05 - GIGABYTE)
    µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
    µTorrent (x32 Version: 3.3.0.29625 - BitTorrent Inc.)
    3ivx MPEG-4 5.0.3 (remove only) (x32 Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
    Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Acrobat.com (x32 Version: 1.1.377 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
    Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
    Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
    Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
    Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS3 (x32 Version: 10.0 - Adobe Systems Incorporated)
    Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
    Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
    Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
    Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
    altPUG (x32 Version: 1.2 - altPUG LLC)
    AMD OverDrive (x32 Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
    Antidote HD (x32 Version: 7.6.7016 - Druide informatique inc.)
    Any Video Converter 5.0.5 (x32 Version: - Any-Video-Converter.com)
    Apple Application Support (x32 Version: 2.1.5 - Apple Inc.)
    Apple Mobile Device Support (Version: 2.1.2.7 - Apple Inc.)
    Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
    Assistant de connexion Windows Live (x32 Version: 5.000.818.5 - Microsoft Corporation)
    Batman: Arkham Asylum GOTY Edition (x32 Version: - Rocksteady Studios)
    Battle.net (x32 Version: - Blizzard Entertainment)
    BattlEye for OA Uninstall (x32 Version: - )
    BattlEye Uninstall (x32 Version: - )
    BioShock Infinite (x32 Version: - Irrational Games)
    Bonjour (Version: 1.0.105 - Apple Inc.)
    Borderlands (x32 Version: - Gearbox Software)
    Borderlands 2 (x32 Version: - Gearbox Software)
    Browser Configuration Utility (x32 Version: 1.0.4.9 - DeviceVM Inc.)
    CDBurnerXP (x32 Version: 4.2.5.1490 - CDBurnerXP)
    Configuration DivX (x32 Version: 2.6.1.24 - DivX, LLC)
    Counter-Strike: Global Offensive (x32 Version: - Valve)
    CPUID HWMonitor 1.24 (Version: - )
    Crysis WARHEAD(R) (Version: - Electronic Arts)
    Crysis WARHEAD(R) (Version: 1.0 - Crytek)
    Crysis WARHEAD(R) (x32 Version: - Electronic Arts)
    Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek)
    Day of Defeat: Source (x32 Version: - Valve)
    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version: - Microsoft)
    Diablo (x32 Version: - )
    Diablo II (x32 Version: - )
    Diablo III (x32 Version: - Blizzard Entertainment)
    DivX Converter (x32 Version: 7.1.0 - DivX, Inc.)
    DivX Plus DirectShow Filters (x32 Version: - DivX, Inc.)
    DivX Version Checker (x32 Version: 7.1.0.2 - DivX, Inc.)
    DMIView B8.0717.01 (x32 Version: 1.4 - Gigabyte)
    DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
    EasySaver B9.0205.1 (x32 Version: 1.00.0000 - Gigabyte)
    ESET NOD32 Antivirus (Version: 4.0.437.0 - ESET, spol s r. o.)
    Express Burn (x32 Version: 4.68 - NCH Software)
    f.lux (HKCU Version: - )
    Fallout: New Vegas (x32 Version: - Obsidian Entertainment)
    FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b - Xiph.org)
    FlipShare (x32 Version: 4.1.1.35527 - Flip Video)
    foobar2000 v1.1.7 (x32 Version: 1.1.7 - Peter Pawlowski)
    Fraps (remove only) (x32 Version: - )
    Garry's Mod (x32 Version: - Facepunch Studios)
    Gigabyte Raid Configurer (x32 Version: 1.00.0000 - Gigabyte Technology Corp.)
    GoldWave v5.67 (x32 Version: - )
    GOMTV Streamer (x32 Version: 1.0.0.25 - Gretech Corporation)
    Guild Wars 2 (x32 Version: - NCsoft Corporation, Ltd.)
    Half-Life 2 (x32 Version: - Valve)
    ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
    Installation Windows Live (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
    Installation Windows Live (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    iTunes (Version: 8.0.2.20 - Apple Inc.)
    Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Java(TM) 6 Update 39 (x32 Version: 6.0.390 - Oracle)
    Last.fm Scrobbler 2.1.36 (x32 Version: - Last.fm)
    League of Legends (x32 Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Left 4 Dead 2 (x32 Version: - Valve)
    Logiciel d'archivage WinRAR (Version: - )
    Logitech GamePanel Software 3.03.133 (Version: 3.03.133 - Logitech Inc.)
    Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
    Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
    Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
    Microsoft Corporation (x32 Version: 9.0.30729.1 - Microsoft Corporation) Hidden
    Microsoft Games for Windows - LIVE (x32 Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (x32 Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Office Access MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Groove MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professionnel Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Proof (Arabic) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 32-bit MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (x32 Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
    Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
    Mises à jour NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra (Version: - Microsoft Corporation)
    Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden
    Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
    Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
    Mp3tag v2.53 (x32 Version: v2.53 - Florian Heidenreich)
    MPEG2 Codec(libmpeg2/mad) (x32 Version: - )
    MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB927978) (x32 Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
    NCsoft Launcher (x32 Version: 1.5.4.2 - NCsoft)
    Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
    Nero CoverDesigner (x32 Version: 4.4.8.100 - Nero AG) Hidden
    Nero Disc Copy Gadget (x32 Version: 2.4.17.0 - Nero AG) Hidden
    Nero DiscSpeed (x32 Version: 5.4.10.100 - Nero AG) Hidden
    Nero DriveSpeed (x32 Version: 4.4.10.100 - Nero AG) Hidden
    Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
    Nero Live (x32 Version: 1.4.40.0 - Nero AG) Hidden
    Nero PhotoSnap (x32 Version: 1.53.2.0 - Nero AG) Hidden
    Nero Recode (x32 Version: 4.4.22.0 - Nero AG) Hidden
    Nero ShowTime (x32 Version: 5.4.13.100 - Nero AG) Hidden
    Nero StartSmart (x32 Version: 9.4.11.100 - Nero AG) Hidden
    Nero Vision (x32 Version: 6.4.9.100 - Nero AG) Hidden
    Nero WaveEditor (x32 Version: 5.4.23.0 - Nero AG) Hidden
    NeroBurningROM (x32 Version: 9.4.13.100 - Nero AG) Hidden
    NeroExpress (x32 Version: 9.4.13.100 - Nero AG) Hidden
    NeroLiveGadget (x32 Version: 1.2.7.100 - Nero AG) Hidden
    neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
    Nuclear Coffee - VideoGet (Version: 2012 - Nuclear Coffee)
    NVIDIA CUDA Documentation 5.5 (Version: 5.5 - NVIDIA Corporation)
    NVIDIA GeForce Experience 1.8.2 (Version: 1.8.2 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Nsight Visual Studio Edition 3.1.0.13141 (Version: 3.1.0.13141 - NVIDIA Corporation)
    NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation)
    NVIDIA Pilote audio HD : 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Pilote du contrôleur 3D Vision 320.57 (Version: 320.57 - NVIDIA Corporation)
    NVIDIA Pilote graphique 332.21 (Version: 332.21 - NVIDIA Corporation)
    NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
    Octoshape add-in for Adobe Flash Player (HKCU Version: - )
    Outil de téléchargement Windows Live (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
    Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
    Panneau de configuration NVIDIA 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
    Path of Exile (x32 Version: - Grinding Gear Games)
    PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    PeerBlock 1.0.0 (r181) (Version: 1.0.0.181 - PeerBlock, LLC)
    Portal 2 (x32 Version: - Valve)
    QuickTime (x32 Version: 7.71.80.42 - Apple Inc.)
    Razer DeathAdder Black Edition Mouse (x32 Version: 1.02 - Razer USA Ltd.)
    Razer DeathAdder(TM) Mouse (x32 Version: 3.05 - Razer USA Ltd.)
    Realtek 8169 8168 8101E 8102E Ethernet Driver (x32 Version: 1.00.0000 - Realtek)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.5780 - Realtek Semiconductor Corp.)
    Samsung_MonSetup (x32 Version: 1.00.0000 - Samsung)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
    Sid Meier's Civilization V (x32 Version: - 2K Games, Inc.)
    Six Updater (x32 Version: 2.09.7016 - Six Projects)
    Skype Click to Call (x32 Version: 6.3.11079 - Skype Technologies S.A.)
    Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
    SoundTrax (x32 Version: 4.4.23.0 - Nero AG) Hidden
    SpeedFan (remove only) (x32 Version: - )
    Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
    Spybot - Search & Destroy (x32 Version: 1.6.2 - Safer Networking Limited)
    StarCraft II (x32 Version: - Blizzard Entertainment)
    Steam (x32 Version: 1.0.0.0 - Valve Corporation)
    System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC)
    TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
    Terraria (x32 Version: - Re-Logic)
    The Binding of Isaac (x32 Version: - Edmund McMillen and Florian Himsl)
    The Walking Dead (x32 Version: - )
    Tomb Raider (x32 Version: - Crystal Dynamics)
    Torchlight II (x32 Version: - Runic Games)
    UltraMon (Version: 3.1.0 - Realtime Soft Ltd)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version: - Microsoft)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    Vegas Pro 9.0 (x32 Version: 9.0.563 - Sony)
    Ventrilo Client for Windows x64 (Version: 3.0.5.0 - Flagship Industries, Inc.)
    VLC media player 1.0.1 (x32 Version: 1.0.1 - VideoLAN Team)
    WAV To MP3 Converter version 1.0 r1 (x32 Version: 1.0 r1 - )
    WBFS Manager 3.0 (x32 Version: 3.0 - AlexDP)
    Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
    WinPcap 4.1.1 (x32 Version: 4.1.0.1753 - CACE Technologies)
    XSplit Broadcaster (x32 Version: 1.3.1307.1904 - SplitMediaLabs)
    Yahoo! Detect (x32 Version: - )

    ==================== Restore Points =========================

    28-01-2014 21:43:43 Windows Update
    29-01-2014 01:01:56 Installed AMD OverDrive.
    31-01-2014 11:58:01 Point de contrôle planifié
    01-02-2014 13:56:07 Point de contrôle planifié

    ==================== Hosts content: ==========================

    2006-11-02 07:34 - 2013-11-15 06:17 - 00001234 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    255.255.255.255 easyanticheat.se # misleading site
    255.255.255.255 www.easyanticheat.se # misleading site
    255.255.255.255 easyanticheat.com # misleading site
    255.255.255.255 www.easyanticheat.com # misleading site
    255.255.255.255 easyanticheat.info # misleading site
    255.255.255.255 www.easyanticheat.info # misleading site
    255.255.255.255 easyanticheat.org # misleading site
    255.255.255.255 www.easyanticheat.org # misleading site


    ==================== Scheduled Tasks (whitelisted) =============

    Task: {57033494-7FEB-43C0-9771-C699AA91279C} - System32\Tasks\{F33B8D71-69E3-432D-8247-9BE2E25AAED0} => Firefox.exe http://ui.skype.com/ui/0/5.5.0.119/...2,google-chrome:offered-installed;madedefault
    Task: {6CA0C333-2524-4732-8353-2C31756304EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
    Task: {763C549F-8609-4085-AACA-C14E813E7FA3} - System32\Tasks\{69FFD1FA-CFA1-4BB4-9B49-1BA21B513BC9} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
    Task: {8F338A18-3CDA-419E-87AD-41E6318B9BA1} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2013-09-06] ()
    Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {9A441CE9-6C4F-4991-954B-EDCB9256D04F} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
    Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
    Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
    Task: {D39A1A8E-53E3-4BDB-AFB1-F11010632A11} - System32\Tasks\{450C1FF6-D342-4110-8512-1CAA53939BEE} => Firefox.exe http://ui.skype.com/ui/0/5.1.0.112/...wser2,google-chrome:notoffered;alreadyoffered
    Task: {D783D219-2B0A-4694-A688-A24DABC98326} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {E32336D0-42D9-40D3-8C0A-BF7B59ED6FEA} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2009-08-06 10:20 - 2008-12-05 16:03 - 00098304 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
    2009-03-30 14:31 - 2009-03-30 14:31 - 01581056 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
    2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-11-18 16:23 - 2011-11-18 16:23 - 00032336 _____ () C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qgif4.dll
    2011-11-18 16:23 - 2011-11-18 16:23 - 00202320 _____ () C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qjpeg4.dll
    2013-02-12 21:38 - 2013-02-12 21:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2013-12-20 12:36 - 2013-12-20 12:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF

    ==================== Safe Mode (whitelisted) ===================


    ==================== Faulty Device Manager Devices =============

    Name:
    Description:
    Class Guid: {6264e7e6-b95c-4033-908f-86e7ab9e2554}
    Manufacturer: Razer
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Dispositifs Logitech GamePanel (QVGA)
    Description: Dispositifs Logitech GamePanel (QVGA)
    Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
    Manufacturer: Logitech Inc
    Service: WUDFRd
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Dispositifs Logitech GamePanel (Mono)
    Description: Dispositifs Logitech GamePanel (Mono)
    Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
    Manufacturer: Logitech Inc
    Service: WUDFRd
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============

    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2009-09-11 21:28:06.967
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-11 21:28:06.928
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:44:35.282
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:44:35.259
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:38:27.530
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:38:27.507
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:39:26.973
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:39:26.958
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:15:33.290
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:15:33.275
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.


    ==================== Memory info ===========================

    Percentage of memory in use: 52%
    Total physical RAM: 4093.57 MB
    Available physical RAM: 1933.39 MB
    Total Pagefile: 8411.66 MB
    Available Pagefile: 6104.54 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:100 GB) (Free:22.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: () (Fixed) (Total:831.51 GB) (Free:43.48 GB) NTFS
    Drive g: () (Fixed) (Total:232.88 GB) (Free:90.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: D373C8AD)
    Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=832 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 1824942D)
    Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  4. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,551
    First Name:
    José
    The FRST.txt was incomplete.

    In addition, I am concerned with the presence of the following:

    C:\Windows\System32\Tasks\AutoKMS
    C:\Windows\Tasks\AutoKMS.job


    My research finds that these are part of a keygen to crack Office. Please confirm.

    ----------------------------------------------​

    Download the enclosed file. Save it in the same location FRST64 is. Run FRST64 once again, except that this time around click on the Fix button and wait. The tool will make a log (Fixlog.txt). Please post it in your reply.

    ----------------------------------------------​

    When AdwCleaner was run, the Clean button was not used. Run AdwCleaner. Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & paste this report in your next reply.

    The report will be saved in the C:\AdwCleaner folder as AdwCleaner[Sx].txt, where x represents the number of runs.

    -----------------------------------------------​

    Please re-scan with FRST64, put a checkmark on Addition and post the new FRST.txt and Additional.txt reports.

    -----------------------------------------------​

    Once done, type the following in the edit box on FRST64, after "Search:".

    ntoskrnl.exe

    It then should look like:

    Search: ntoskrnl.exe

    Click the Search button and post the log it produces (Search.txt) in your next reply.
     

    Attached Files:

  5. normsrayn

    normsrayn Thread Starter

    Joined:
    Jan 29, 2014
    Messages:
    8
    I think that should be it:

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2014 04
    Ran by NormS at 2014-02-02 00:57:03 Run:1
    Running from D:\Downloads
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    Start
    Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {D783D219-2B0A-4694-A688-A24DABC98326} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    2006-11-02 07:34 - 2013-11-15 06:17 - 00001234 ____A C:\Windows\system32\Drivers\etc\hosts
    C:\Users\NormS\AppData\Local\Temp\devcon.exe
    C:\Users\NormS\AppData\Local\Temp\drm_dyndata_7400009.dll
    C:\Users\NormS\AppData\Local\Temp\DWPUpgradeInstaller.exe
    C:\Users\NormS\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Users\NormS\AppData\Local\Temp\Last.fm-2.1.30.exe
    C:\Users\NormS\AppData\Local\Temp\Last.fm-2.1.32.exe
    C:\Users\NormS\AppData\Local\Temp\ose00001.exe
    C:\Users\NormS\AppData\Local\Temp\sfamcc00001.dll
    C:\Users\NormS\AppData\Local\Temp\sfextra.dll
    C:\Users\NormS\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\NormS\AppData\Local\Temp\SRLDetectionLibrary8932054953087061683.dl l
    C:\Users\NormS\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\NormS\AppData\Local\Temp\Uni000.exe
    C:\Users\NormS\AppData\Local\Temp\utt306F.tmp.exe
    C:\Users\NormS\AppData\Local\Temp\utt3E31.tmp.exe
    C:\Users\NormS\AppData\Local\Temp\utt7C2D.tmp.exe
    C:\Users\NormS\AppData\Local\Temp\_is5BD9.exe
    C:\Users\NormS\AppData\Local\Temp\_is64AB.exe
    End
    *****************

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9475DD97-BB54-4FD8-A31A-032B4833F6AA} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9475DD97-BB54-4FD8-A31A-032B4833F6AA} => Key deleted successfully.
    C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC\TMM => Moved successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\TMM => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA105019-BFFB-4713-B627-81B47F4419F0} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA105019-BFFB-4713-B627-81B47F4419F0} => Key deleted successfully.
    C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages => Moved successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CrawlStartPages => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D783D219-2B0A-4694-A688-A24DABC98326} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D783D219-2B0A-4694-A688-A24DABC98326} => Key deleted successfully.
    C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI => Moved successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI => Key deleted successfully.
    C:\Windows\system32\Drivers\etc\hosts => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\devcon.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\drm_dyndata_7400009.dll => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\DWPUpgradeInstaller.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\Last.fm-2.1.30.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\Last.fm-2.1.32.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\ose00001.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\sfextra.dll => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
    "C:\Users\NormS\AppData\Local\Temp\SRLDetectionLibrary8932054953087061683.dl l" => File/Directory not found.
    C:\Users\NormS\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\Uni000.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\utt306F.tmp.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\utt3E31.tmp.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\utt7C2D.tmp.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\_is5BD9.exe => Moved successfully.
    C:\Users\NormS\AppData\Local\Temp\_is64AB.exe => Moved successfully.

    ==== End of Fixlog ====


    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
    Ran by NormS (administrator) on PC-NORMAND on 02-02-2014 00:58:25
    Running from D:\Downloads
    Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: French Standard
    Internet Explorer Version 8
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    () C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
    () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
    (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    (Microsoft Corporation) C:\Windows\ehome\ehtray.exe
    (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
    (Flux Software LLC) C:\Users\NormS\AppData\Local\FluxSoftware\Flux\flux.exe
    (Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Druide informatique inc.) C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Druide informatique inc.) C:\Program Files (x86)\Druide\Antidote 7\Programmes64\AgentAntidote64.exe
    (Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
    () C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    () C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe
    () C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razertra.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
    () C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerofa.exe
    (Apple Inc.) C:\Program Files (x86)\iPod\bin\iPodService.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
    (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    (Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Valve Corporation) D:\Jeux\Steam\Steam.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-18] (Microsoft Corporation)
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6963744 2009-01-20] (Realtek Semiconductor)
    HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2692008 2009-08-06] (ESET)
    HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe
    HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415752 2009-08-13] (Logitech Inc.)
    HKLM\...\Run: [Launch LCDMon] - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2093064 2009-08-13] (Logitech Inc.)
    HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4195848 2009-08-13] (Logitech Inc.)
    HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
    HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
    HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [290088 2009-01-06] (Apple Inc.)
    HKLM-x32\...\Run: [agentantidote.exe] - C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe [943168 2012-02-22] (Druide informatique inc.)
    HKLM-x32\...\Run: [agentantidote64.exe] - C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe [77888 2012-02-22] (Druide informatique inc.)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
    HKLM-x32\...\Run: [DeathAdder] - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [248832 2012-01-14] ()
    HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-29] (DivX, LLC)
    HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [DeathAdderBlackEdition] - C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razerhid.exe [246272 2011-03-21] ()
    HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-18] (Microsoft Corporation)
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\Run: [PlayNC Launcher] - [x]
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\Run: [F.lux] - C:\Users\NormS\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\Run: [Steam] - D:\Jeux\Steam\steam.exe [1815976 2014-01-27] (Valve Corporation)
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [802136 2013-05-14] (BitTorrent Inc.)
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\MountPoints2: {25308a13-4915-11e1-b013-00241d7730cb} - I:\LaunchU3.exe -a
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\MountPoints2: {41d42abe-83b5-11de-a97a-00241d7730cb} - F:\SETUP.EXE
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\MountPoints2: {41d42bc9-83b5-11de-a97a-00241d7730cb} - H:\OblivionLauncher.exe
    HKU\S-1-5-21-3537467119-1562055130-3285508727-1000\...\MountPoints2: {4e668225-829a-11de-9b55-806e6f6e6963} - E:\Setup.exe
    Startup: C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk
    ShortcutTarget: GameStop Now.lnk -> C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe (No File)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/defaultf.aspx?ocid=iehp
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x706F31BC00FECE01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca
    URLSearchHook: HKCU - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKCU - DefaultScope {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=fr&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKCU - {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=fr&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
    BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

    Hosts: Hosts file not detected in the default directory
    Tcpip\Parameters: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2

    FireFox:
    ========
    FF ProfilePath: C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default
    FF Homepage: hxxp://www.youtube.com
    FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'
http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1))%20%7B%20return%20'PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
    FF NetworkProxy: "type", 2
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
    FF Extension: Dictionnaire français «Moderne» - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\[email protected] [2011-11-29]
    FF Extension: r/Diablo Skill & Item Tooltip Extension - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\[email protected] [2012-04-24]
    FF Extension: Youtube Video Center - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\{34878998-c8be-40bc-bc13-9243a2844976} [2013-09-21]
    FF Extension: DivX Web Player - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\[email protected] [2011-05-13]
    FF Extension: Enhanced Steam - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\[email protected] [2013-12-03]
    FF Extension: ProxMate - Proxy on steroids! - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\[email protected] [2013-07-31]
    FF Extension: Reddit Enhancement Suite - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\[email protected] [2012-04-30]
    FF Extension: /r/starcraft user script - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\[email protected] [2011-04-05]
    FF Extension: Adblock Plus - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-16]
    FF Extension: Team Liquid Streams - C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\Extensions\{db09811d-efff-4339-a548-8550c7238a30}.xpi [2011-10-05]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-12-20]
    FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
    FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-01]
    FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-08-06]

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]

    ==================== Services (Whitelisted) =================

    S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
    R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132424 2008-11-07] (Apple Inc.)
    S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [23296 2009-05-14] (ESET)
    R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [731840 2009-05-14] (ESET)
    R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-02-05] ()
    R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [451904 2009-03-30] ()
    R3 iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [536872 2009-01-06] (Apple Inc.)
    S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2009-08-09] ()
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2009-07-13] ()
    S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3407412 2009-08-30] (INCA Internet Co., Ltd.)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
    R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [427008 2010-04-21] (Microsoft Corporation)
    S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [x]

    ==================== Drivers (Whitelisted) ====================

    R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
    R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-08-09] ()
    S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
    R3 DABlackFltr; C:\Windows\System32\drivers\DABlack.sys [23040 2010-11-29] (Razer (Asia-Pacific) Pte Ltd)
    S3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12672 2007-08-02] (Razer (Asia-Pacific) Pte Ltd)
    R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [142776 2009-05-14] (ESET)
    R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134024 2009-05-14] (ESET)
    S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
    R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [120104 2009-05-14] (ESET)
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-08-09] ()
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
    S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
    S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [19544 2009-09-28] ()
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-11-28] ()
    S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
    S3 AtiHDAudioService; system32\drivers\AtihdLH6.sys [x]
    S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
    S3 cpuz130; \??\C:\Users\NormS\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
    S3 dump_wmimmc; \??\D:\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys [x]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-02-01 20:39 - 2014-02-02 00:58 - 00000000 ____D () C:\FRST
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-01 20:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-02-01 20:16 - 2014-02-01 20:17 - 00000000 ____D () C:\AdwCleaner
    2014-02-01 20:14 - 2014-02-01 20:14 - 00003255 _____ () C:\Users\NormS\Desktop\JRT.txt
    2014-02-01 20:08 - 2014-02-01 20:08 - 00000000 ____D () C:\Windows\ERUNT
    2014-01-28 20:10 - 2014-01-28 20:15 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
    2014-01-28 20:02 - 2014-01-28 20:02 - 00000000 ____D () C:\Program Files (x86)\AMD
    2014-01-23 20:26 - 2014-01-23 20:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
    2014-01-23 20:25 - 2014-01-23 20:25 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\ProgramData\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Program Files (x86)\NCH Software
    2014-01-22 13:50 - 2014-01-22 13:50 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA Corporation
    2014-01-22 13:39 - 2014-01-22 13:39 - 00346310 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3CB1.txt
    2014-01-22 13:39 - 2014-01-22 13:39 - 00012194 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3CB1.txt
    2014-01-22 13:38 - 2014-01-22 13:39 - 00355482 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3C9A.txt
    2014-01-22 13:38 - 2014-01-22 13:39 - 00012114 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3C9A.txt
    2014-01-22 13:38 - 2014-01-22 13:38 - 00000000 ____D () C:\Program Files\NVIDIA GPU Computing Toolkit
    2014-01-21 17:46 - 2014-01-21 17:46 - 00000000 ____D () C:\Program Files\CPUID
    2014-01-21 07:58 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-01-21 07:58 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-01-21 07:58 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-01-21 07:58 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-01-21 07:57 - 2014-01-21 07:58 - 00005310 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
    2014-01-20 22:29 - 2014-02-02 00:56 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\DogeCoin
    2014-01-17 19:20 - 2010-11-29 18:22 - 00023040 _____ (Razer (Asia-Pacific) Pte Ltd) C:\Windows\system32\Drivers\DABlack.sys
    2014-01-17 19:20 - 2010-11-25 17:32 - 00093184 _____ (Razer USA Ltd.) C:\Windows\SysWOW64\DeathAdderBlackEdition64.cpl
    2014-01-12 01:04 - 2014-01-12 01:04 - 00000737 _____ () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-01-08 15:49 - 2014-01-23 20:35 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\NVIDIA
    2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
    2014-01-07 16:07 - 2014-01-07 16:07 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-01-07 15:01 - 2014-01-07 15:01 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA
    2014-01-07 14:54 - 2013-12-19 15:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2014-01-07 14:54 - 2013-12-19 15:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
    2014-01-07 14:54 - 2013-12-19 15:33 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
    2014-01-07 14:54 - 2013-11-28 08:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2014-01-07 14:54 - 2013-11-28 08:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2014-01-07 14:53 - 2014-01-22 13:47 - 00000000 ____D () C:\NVIDIA
    2014-01-07 14:16 - 2014-01-22 13:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-01-07 14:16 - 2014-01-07 15:00 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-01-07 14:14 - 2013-11-22 03:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2014-01-07 14:13 - 2013-12-19 13:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2014-01-07 14:13 - 2013-12-19 13:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2014-01-07 14:12 - 2014-01-22 13:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-01-07 14:11 - 2013-12-19 15:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2014-01-07 14:11 - 2013-12-19 15:33 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
    2014-01-07 14:11 - 2013-06-21 07:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
    2014-01-07 14:11 - 2013-06-21 07:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
    2014-01-07 14:09 - 2014-01-22 13:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

    ==================== One Month Modified Files and Folders =======

    2014-02-02 00:58 - 2014-02-01 20:39 - 00000000 ____D () C:\FRST
    2014-02-02 00:56 - 2014-01-20 22:29 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\DogeCoin
    2014-02-02 00:46 - 2013-12-02 04:19 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-02-01 23:58 - 2006-11-02 10:21 - 00003776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-02-01 23:58 - 2006-11-02 10:21 - 00003776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-02-01 20:30 - 2014-02-01 20:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-01 20:17 - 2014-02-01 20:16 - 00000000 ____D () C:\AdwCleaner
    2014-02-01 20:14 - 2014-02-01 20:14 - 00003255 _____ () C:\Users\NormS\Desktop\JRT.txt
    2014-02-01 20:08 - 2014-02-01 20:08 - 00000000 ____D () C:\Windows\ERUNT
    2014-02-01 02:43 - 2006-11-02 10:26 - 01925334 _____ () C:\Windows\WindowsUpdate.log
    2014-02-01 02:03 - 2012-11-30 03:43 - 00000000 ____D () C:\ProgramData\boost_interprocess
    2014-02-01 02:00 - 2009-08-06 10:13 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\uTorrent
    2014-02-01 01:59 - 2013-09-06 22:11 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
    2014-02-01 01:59 - 2013-09-06 22:11 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
    2014-02-01 01:59 - 2009-08-06 10:20 - 00000124 _____ () C:\service.log
    2014-02-01 01:58 - 2009-08-06 10:15 - 00023080 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
    2014-02-01 01:58 - 2006-11-02 10:40 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-02-01 01:58 - 2006-11-02 10:39 - 00076500 _____ () C:\Windows\PFRO.log
    2014-02-01 01:57 - 2006-11-02 10:40 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-01-31 00:10 - 2006-11-02 14:27 - 00790034 _____ () C:\Windows\system32\perfh00C.dat
    2014-01-31 00:10 - 2006-11-02 14:27 - 00170194 _____ () C:\Windows\system32\perfc00C.dat
    2014-01-31 00:10 - 2006-11-02 07:46 - 01788506 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-01-28 22:15 - 2011-07-22 01:11 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\foobar2000
    2014-01-28 22:14 - 2010-10-19 04:01 - 00000000 ____D () C:\Users\NormS\AppData\Local\Last.fm
    2014-01-28 20:15 - 2014-01-28 20:10 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
    2014-01-28 20:10 - 2014-01-28 20:10 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
    2014-01-28 20:02 - 2014-01-28 20:02 - 00000000 ____D () C:\Program Files (x86)\AMD
    2014-01-28 20:01 - 2012-07-20 13:20 - 00000000 ____D () C:\Users\NormS\AppData\Local\Downloaded Installations
    2014-01-28 16:40 - 2006-11-02 10:26 - 00043188 _____ () C:\Windows\setupact.log
    2014-01-24 14:21 - 2009-08-17 23:41 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\vlc
    2014-01-23 20:35 - 2014-01-08 15:49 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\NVIDIA
    2014-01-23 20:26 - 2014-01-23 20:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
    2014-01-23 20:26 - 2009-08-06 10:11 - 00000000 ___HD () C:\Users\NormS
    2014-01-23 20:25 - 2014-01-23 20:25 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
    2014-01-23 20:25 - 2009-08-07 20:06 - 00351847 _____ () C:\Windows\DirectX.log
    2014-01-22 20:07 - 2012-11-30 03:43 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Bitcoin
    2014-01-22 19:34 - 2009-08-06 11:14 - 00231424 ____H () C:\Users\NormS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\ProgramData\NCH Software
    2014-01-22 14:55 - 2014-01-22 14:55 - 00000000 ____D () C:\Program Files (x86)\NCH Software
    2014-01-22 13:50 - 2014-01-22 13:50 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA Corporation
    2014-01-22 13:47 - 2014-01-07 14:53 - 00000000 ____D () C:\NVIDIA
    2014-01-22 13:39 - 2014-01-22 13:39 - 00346310 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3CB1.txt
    2014-01-22 13:39 - 2014-01-22 13:39 - 00012194 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3CB1.txt
    2014-01-22 13:39 - 2014-01-22 13:38 - 00355482 ____H () C:\Users\NormS\AppData\Local\dd_vcredistMSI3C9A.txt
    2014-01-22 13:39 - 2014-01-22 13:38 - 00012114 ____H () C:\Users\NormS\AppData\Local\dd_vcredistUI3C9A.txt
    2014-01-22 13:39 - 2014-01-07 14:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-01-22 13:39 - 2014-01-07 14:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-01-22 13:39 - 2014-01-07 14:09 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-01-22 13:38 - 2014-01-22 13:38 - 00000000 ____D () C:\Program Files\NVIDIA GPU Computing Toolkit
    2014-01-21 17:46 - 2014-01-21 17:46 - 00000000 ____D () C:\Program Files\CPUID
    2014-01-21 08:00 - 2013-12-02 04:18 - 00000000 ____D () C:\ProgramData\Oracle
    2014-01-21 07:58 - 2014-01-21 07:57 - 00005310 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
    2014-01-21 07:58 - 2012-02-27 12:48 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-01-18 00:57 - 2013-04-09 02:19 - 00000000 ____D () C:\Program Files (x86)\RaidCall
    2014-01-18 00:56 - 2010-07-20 13:20 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\GRETECH
    2014-01-18 00:56 - 2010-07-20 13:18 - 00000000 ____D () C:\Program Files (x86)\GRETECH
    2014-01-17 19:29 - 2010-07-15 22:49 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Razer
    2014-01-17 19:23 - 2010-07-15 22:46 - 00047942 _____ () C:\Windows\DPINST.LOG
    2014-01-17 19:20 - 2012-04-06 03:36 - 00000000 ____D () C:\Program Files (x86)\Razer
    2014-01-17 19:20 - 2009-08-06 10:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-01-16 07:44 - 2013-07-22 02:01 - 00000000 ____D () C:\Windows\system32\MRT
    2014-01-16 07:42 - 2006-11-02 07:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-01-14 03:36 - 2009-08-13 13:15 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\Skype
    2014-01-12 01:06 - 2014-01-01 03:22 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
    2014-01-12 01:04 - 2014-01-12 01:04 - 00000737 _____ () C:\Users\NormS\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-01-12 01:04 - 2009-08-06 10:14 - 00000000 ____D () C:\Program Files (x86)\uTorrent
    2014-01-09 22:02 - 2010-07-01 01:35 - 00000000 ____D () C:\Users\NormS\AppData\Roaming\dvdcss
    2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
    2014-01-07 16:07 - 2014-01-07 16:07 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-01-07 15:34 - 2013-12-02 03:40 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2014-01-07 15:01 - 2014-01-07 15:01 - 00000000 ____D () C:\Users\NormS\AppData\Local\NVIDIA
    2014-01-07 15:00 - 2014-01-07 14:16 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-01-07 14:13 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\Help
    2014-01-07 14:09 - 2010-06-15 18:50 - 00001356 ____H () C:\Users\NormS\AppData\Local\d3d9caps.dat
    2014-01-07 14:09 - 2009-08-06 10:11 - 00000732 ____H () C:\Users\NormS\AppData\Local\d3d9caps64.dat

    Some content of TEMP:
    ====================
    C:\Users\NormS\AppData\Local\Temp\SRLDetectionLibrary8932054953087061683.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-02-01 14:06

    ==================== End Of Log ============================


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
    Ran by NormS at 2014-02-02 00:59:03
    Running from D:\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: ESET NOD32 Antivirus 4.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
    AS: ESET NOD32 Antivirus 4.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    @BIOS Ver.2.05 (x32 Version: 2.05 - GIGABYTE)
    µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
    µTorrent (x32 Version: 3.3.0.29625 - BitTorrent Inc.)
    3ivx MPEG-4 5.0.3 (remove only) (x32 Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
    Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Acrobat.com (x32 Version: 1.1.377 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
    Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
    Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
    Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
    Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS3 (x32 Version: 10.0 - Adobe Systems Incorporated)
    Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
    Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
    Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
    Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
    altPUG (x32 Version: 1.2 - altPUG LLC)
    AMD OverDrive (x32 Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
    Antidote HD (x32 Version: 7.6.7016 - Druide informatique inc.)
    Any Video Converter 5.0.5 (x32 Version: - Any-Video-Converter.com)
    Apple Application Support (x32 Version: 2.1.5 - Apple Inc.)
    Apple Mobile Device Support (Version: 2.1.2.7 - Apple Inc.)
    Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
    Assistant de connexion Windows Live (x32 Version: 5.000.818.5 - Microsoft Corporation)
    Batman: Arkham Asylum GOTY Edition (x32 Version: - Rocksteady Studios)
    Battle.net (x32 Version: - Blizzard Entertainment)
    BattlEye for OA Uninstall (x32 Version: - )
    BattlEye Uninstall (x32 Version: - )
    BioShock Infinite (x32 Version: - Irrational Games)
    Bonjour (Version: 1.0.105 - Apple Inc.)
    Borderlands (x32 Version: - Gearbox Software)
    Borderlands 2 (x32 Version: - Gearbox Software)
    Browser Configuration Utility (x32 Version: 1.0.4.9 - DeviceVM Inc.)
    CDBurnerXP (x32 Version: 4.2.5.1490 - CDBurnerXP)
    Configuration DivX (x32 Version: 2.6.1.24 - DivX, LLC)
    Counter-Strike: Global Offensive (x32 Version: - Valve)
    CPUID HWMonitor 1.24 (Version: - )
    Crysis WARHEAD(R) (Version: - Electronic Arts)
    Crysis WARHEAD(R) (Version: 1.0 - Crytek)
    Crysis WARHEAD(R) (x32 Version: - Electronic Arts)
    Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek)
    Day of Defeat: Source (x32 Version: - Valve)
    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version: - Microsoft)
    Diablo (x32 Version: - )
    Diablo II (x32 Version: - )
    Diablo III (x32 Version: - Blizzard Entertainment)
    DivX Converter (x32 Version: 7.1.0 - DivX, Inc.)
    DivX Plus DirectShow Filters (x32 Version: - DivX, Inc.)
    DivX Version Checker (x32 Version: 7.1.0.2 - DivX, Inc.)
    DMIView B8.0717.01 (x32 Version: 1.4 - Gigabyte)
    DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
    EasySaver B9.0205.1 (x32 Version: 1.00.0000 - Gigabyte)
    ESET NOD32 Antivirus (Version: 4.0.437.0 - ESET, spol s r. o.)
    Express Burn (x32 Version: 4.68 - NCH Software)
    f.lux (HKCU Version: - )
    Fallout: New Vegas (x32 Version: - Obsidian Entertainment)
    FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b - Xiph.org)
    FlipShare (x32 Version: 4.1.1.35527 - Flip Video)
    foobar2000 v1.1.7 (x32 Version: 1.1.7 - Peter Pawlowski)
    Fraps (remove only) (x32 Version: - )
    Garry's Mod (x32 Version: - Facepunch Studios)
    Gigabyte Raid Configurer (x32 Version: 1.00.0000 - Gigabyte Technology Corp.)
    GoldWave v5.67 (x32 Version: - )
    GOMTV Streamer (x32 Version: 1.0.0.25 - Gretech Corporation)
    Guild Wars 2 (x32 Version: - NCsoft Corporation, Ltd.)
    Half-Life 2 (x32 Version: - Valve)
    ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
    Installation Windows Live (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
    Installation Windows Live (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    iTunes (Version: 8.0.2.20 - Apple Inc.)
    Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Java(TM) 6 Update 39 (x32 Version: 6.0.390 - Oracle)
    Last.fm Scrobbler 2.1.36 (x32 Version: - Last.fm)
    League of Legends (x32 Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Left 4 Dead 2 (x32 Version: - Valve)
    Logiciel d'archivage WinRAR (Version: - )
    Logitech GamePanel Software 3.03.133 (Version: 3.03.133 - Logitech Inc.)
    Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
    Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
    Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
    Microsoft Corporation (x32 Version: 9.0.30729.1 - Microsoft Corporation) Hidden
    Microsoft Games for Windows - LIVE (x32 Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (x32 Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Office Access MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Groove MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professionnel Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Proof (Arabic) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 32-bit MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (x32 Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
    Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
    Mises à jour NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra (Version: - Microsoft Corporation)
    Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden
    Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
    Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
    Mp3tag v2.53 (x32 Version: v2.53 - Florian Heidenreich)
    MPEG2 Codec(libmpeg2/mad) (x32 Version: - )
    MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB927978) (x32 Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
    NCsoft Launcher (x32 Version: 1.5.4.2 - NCsoft)
    Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
    Nero CoverDesigner (x32 Version: 4.4.8.100 - Nero AG) Hidden
    Nero Disc Copy Gadget (x32 Version: 2.4.17.0 - Nero AG) Hidden
    Nero DiscSpeed (x32 Version: 5.4.10.100 - Nero AG) Hidden
    Nero DriveSpeed (x32 Version: 4.4.10.100 - Nero AG) Hidden
    Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
    Nero Live (x32 Version: 1.4.40.0 - Nero AG) Hidden
    Nero PhotoSnap (x32 Version: 1.53.2.0 - Nero AG) Hidden
    Nero Recode (x32 Version: 4.4.22.0 - Nero AG) Hidden
    Nero ShowTime (x32 Version: 5.4.13.100 - Nero AG) Hidden
    Nero StartSmart (x32 Version: 9.4.11.100 - Nero AG) Hidden
    Nero Vision (x32 Version: 6.4.9.100 - Nero AG) Hidden
    Nero WaveEditor (x32 Version: 5.4.23.0 - Nero AG) Hidden
    NeroBurningROM (x32 Version: 9.4.13.100 - Nero AG) Hidden
    NeroExpress (x32 Version: 9.4.13.100 - Nero AG) Hidden
    NeroLiveGadget (x32 Version: 1.2.7.100 - Nero AG) Hidden
    neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
    Nuclear Coffee - VideoGet (Version: 2012 - Nuclear Coffee)
    NVIDIA CUDA Documentation 5.5 (Version: 5.5 - NVIDIA Corporation)
    NVIDIA GeForce Experience 1.8.2 (Version: 1.8.2 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Nsight Visual Studio Edition 3.1.0.13141 (Version: 3.1.0.13141 - NVIDIA Corporation)
    NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation)
    NVIDIA Pilote audio HD : 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Pilote du contrôleur 3D Vision 320.57 (Version: 320.57 - NVIDIA Corporation)
    NVIDIA Pilote graphique 332.21 (Version: 332.21 - NVIDIA Corporation)
    NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
    Octoshape add-in for Adobe Flash Player (HKCU Version: - )
    Outil de téléchargement Windows Live (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
    Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
    Panneau de configuration NVIDIA 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
    Path of Exile (x32 Version: - Grinding Gear Games)
    PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    PeerBlock 1.0.0 (r181) (Version: 1.0.0.181 - PeerBlock, LLC)
    Portal 2 (x32 Version: - Valve)
    QuickTime (x32 Version: 7.71.80.42 - Apple Inc.)
    Razer DeathAdder Black Edition Mouse (x32 Version: 1.02 - Razer USA Ltd.)
    Razer DeathAdder(TM) Mouse (x32 Version: 3.05 - Razer USA Ltd.)
    Realtek 8169 8168 8101E 8102E Ethernet Driver (x32 Version: 1.00.0000 - Realtek)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.5780 - Realtek Semiconductor Corp.)
    Samsung_MonSetup (x32 Version: 1.00.0000 - Samsung)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
    Sid Meier's Civilization V (x32 Version: - 2K Games, Inc.)
    Six Updater (x32 Version: 2.09.7016 - Six Projects)
    Skype Click to Call (x32 Version: 6.3.11079 - Skype Technologies S.A.)
    Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
    SoundTrax (x32 Version: 4.4.23.0 - Nero AG) Hidden
    SpeedFan (remove only) (x32 Version: - )
    Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
    Spybot - Search & Destroy (x32 Version: 1.6.2 - Safer Networking Limited)
    StarCraft II (x32 Version: - Blizzard Entertainment)
    Steam (x32 Version: 1.0.0.0 - Valve Corporation)
    System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC)
    TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer)
    Terraria (x32 Version: - Re-Logic)
    The Binding of Isaac (x32 Version: - Edmund McMillen and Florian Himsl)
    The Walking Dead (x32 Version: - )
    Tomb Raider (x32 Version: - Crystal Dynamics)
    Torchlight II (x32 Version: - Runic Games)
    UltraMon (Version: 3.1.0 - Realtime Soft Ltd)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version: - Microsoft)
    Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version: - Microsoft)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    Vegas Pro 9.0 (x32 Version: 9.0.563 - Sony)
    Ventrilo Client for Windows x64 (Version: 3.0.5.0 - Flagship Industries, Inc.)
    VLC media player 1.0.1 (x32 Version: 1.0.1 - VideoLAN Team)
    WAV To MP3 Converter version 1.0 r1 (x32 Version: 1.0 r1 - )
    WBFS Manager 3.0 (x32 Version: 3.0 - AlexDP)
    Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
    WinPcap 4.1.1 (x32 Version: 4.1.0.1753 - CACE Technologies)
    XSplit Broadcaster (x32 Version: 1.3.1307.1904 - SplitMediaLabs)
    Yahoo! Detect (x32 Version: - )

    ==================== Restore Points =========================

    28-01-2014 21:43:43 Windows Update
    29-01-2014 01:01:56 Installed AMD OverDrive.
    31-01-2014 11:58:01 Point de contrôle planifié
    01-02-2014 13:56:07 Point de contrôle planifié

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {57033494-7FEB-43C0-9771-C699AA91279C} - System32\Tasks\{F33B8D71-69E3-432D-8247-9BE2E25AAED0} => Firefox.exe http://ui.skype.com/ui/0/5.5.0.119/...2,google-chrome:offered-installed;madedefault
    Task: {6CA0C333-2524-4732-8353-2C31756304EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
    Task: {763C549F-8609-4085-AACA-C14E813E7FA3} - System32\Tasks\{69FFD1FA-CFA1-4BB4-9B49-1BA21B513BC9} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
    Task: {8F338A18-3CDA-419E-87AD-41E6318B9BA1} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2013-09-06] ()
    Task: {9A441CE9-6C4F-4991-954B-EDCB9256D04F} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
    Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
    Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
    Task: {D39A1A8E-53E3-4BDB-AFB1-F11010632A11} - System32\Tasks\{450C1FF6-D342-4110-8512-1CAA53939BEE} => Firefox.exe http://ui.skype.com/ui/0/5.1.0.112/...wser2,google-chrome:notoffered;alreadyoffered
    Task: {E32336D0-42D9-40D3-8C0A-BF7B59ED6FEA} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2009-08-06 14:09 - 2009-07-20 13:16 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
    2009-08-06 10:20 - 2008-12-05 16:03 - 00098304 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
    2009-03-30 14:31 - 2009-03-30 14:31 - 01581056 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
    2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-11-18 16:23 - 2011-11-18 16:23 - 00032336 _____ () C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qgif4.dll
    2011-11-18 16:23 - 2011-11-18 16:23 - 00202320 _____ () C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats\qjpeg4.dll
    2013-02-12 21:38 - 2013-02-12 21:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2013-12-20 12:36 - 2013-12-20 12:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2014-01-28 16:40 - 2013-12-12 17:19 - 00142848 _____ () D:\Jeux\Steam\libavresample-1.dll
    2014-01-28 16:40 - 2013-11-04 20:12 - 00890592 _____ () D:\Jeux\Steam\libavutil-52.dll
    2014-01-28 16:40 - 2014-01-10 18:33 - 00717312 _____ () D:\Jeux\Steam\SDL2.dll
    2014-01-28 16:40 - 2014-01-27 14:02 - 01138088 _____ () D:\Jeux\Steam\bin\chromehtml.dll
    2014-01-28 16:40 - 2014-01-10 18:33 - 20625832 _____ () D:\Jeux\Steam\bin\libcef.dll
    2014-01-28 16:40 - 2013-06-14 18:49 - 01100800 _____ () D:\Jeux\Steam\bin\avcodec-53.dll
    2014-01-28 16:40 - 2013-06-14 18:49 - 00124416 _____ () D:\Jeux\Steam\bin\avutil-51.dll
    2014-01-28 16:40 - 2013-06-14 18:49 - 00192000 _____ () D:\Jeux\Steam\bin\avformat-53.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF

    ==================== Safe Mode (whitelisted) ===================


    ==================== Faulty Device Manager Devices =============

    Name:
    Description:
    Class Guid: {6264e7e6-b95c-4033-908f-86e7ab9e2554}
    Manufacturer: Razer
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Dispositifs Logitech GamePanel (QVGA)
    Description: Dispositifs Logitech GamePanel (QVGA)
    Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
    Manufacturer: Logitech Inc
    Service: WUDFRd
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Dispositifs Logitech GamePanel (Mono)
    Description: Dispositifs Logitech GamePanel (Mono)
    Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
    Manufacturer: Logitech Inc
    Service: WUDFRd
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/01/2014 10:29:46 PM) (Source: Perflib) (User: )
    Description: EmdCache4


    System errors:
    =============

    Microsoft Office Sessions:
    =========================
    Error: (02/01/2014 10:29:46 PM) (Source: Perflib)(User: )
    Description: EmdCache4


    CodeIntegrity Errors:
    ===================================
    Date: 2009-09-11 21:28:06.967
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-11 21:28:06.928
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:44:35.282
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:44:35.259
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:38:27.530
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 23:38:27.507
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:39:26.973
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:39:26.958
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:15:33.290
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.

    Date: 2009-09-08 19:15:33.275
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Jeux\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s'agit éventuellement d'un logiciel malveillant d'une source inconnue.


    ==================== Memory info ===========================

    Percentage of memory in use: 58%
    Total physical RAM: 4093.57 MB
    Available physical RAM: 1694.9 MB
    Total Pagefile: 8411.66 MB
    Available Pagefile: 5847.54 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:100 GB) (Free:21.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: () (Fixed) (Total:831.51 GB) (Free:43.48 GB) NTFS
    Drive g: () (Fixed) (Total:232.88 GB) (Free:90.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: D373C8AD)
    Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=832 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 1824942D)
    Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================


    Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
    Ran by NormS at 2014-02-02 01:04:05
    Running from D:\Downloads
    Boot Mode: Normal

    ================== Search: "ntoskrnl.exe" ===================

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23154_none_ca8cec4d82e97ab3\ntoskrnl.exe
    [2013-08-13 17:37] - [2013-07-07 23:08] - 4664256 ____A (Microsoft Corporation) B1AAE884320029A58F72B7CE0ABBDDB2

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_ca794b2382f7e81c\ntoskrnl.exe
    [2013-04-10 11:13] - [2013-03-11 08:33] - 4678504 ____A (Microsoft Corporation) 1873B95FCEAA40EC9CADF2C1BB61ABF2

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_caae5a7582d04310\ntoskrnl.exe
    [2013-02-13 13:09] - [2013-01-22 08:12] - 4681592 ____A (Microsoft Corporation) B1266A731C2326EBE8E01F46F18728AC

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_caa980e182d4911b\ntoskrnl.exe
    [2012-10-10 08:42] - [2012-08-29 06:40] - 4686208 ____A (Microsoft Corporation) 34C970A45CCC0D65A4A0F8D306E12844

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_ca9faf5982dbc93c\ntoskrnl.exe
    [2012-05-11 11:17] - [2012-04-03 03:22] - 4687232 ____A (Microsoft Corporation) B59E026F49BF06B435795F867AD46009

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22662_none_ca803c1382f33c18\ntoskrnl.exe
    [2011-08-09 20:19] - [2011-06-20 03:45] - 4688784 ____A (Microsoft Corporation) D14B8C4AB6C05B89D430D3911FE2833B

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_cac41a9382bfe350\ntoskrnl.exe
    [2011-02-09 00:38] - [2010-10-15 09:02] - 4689808 ____A (Microsoft Corporation) 255A6D981139EFEF605A88E003D1B2A2

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22420_none_caa9776382d49f58\ntoskrnl.exe
    [2010-08-11 11:31] - [2010-06-08 13:10] - 4688256 ____A (Microsoft Corporation) 04C706018E9F0A2C835A427A8AB6EBA1

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_ca94d5ef82e3f36a\ntoskrnl.exe
    [2010-04-13 15:45] - [2010-02-18 09:22] - 4690304 ____A (Microsoft Corporation) AE0C10C55347383C0CD6CFF3F4794FD7

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_ca6b94ed830298b5\ntoskrnl.exe
    [2010-02-09 16:30] - [2009-12-08 15:05] - 4691528 ____A (Microsoft Corporation) CBA7366E93C4DCAA62005A177EEC2FCE

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_ca5ec287830c84d1\ntoskrnl.exe
    [2009-10-15 18:50] - [2009-08-05 09:09] - 4693576 ____A (Microsoft Corporation) 0DD0FCFB9609403352FF75656826E82F

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18881_none_c9e004d869e6b24e\ntoskrnl.exe
    [2013-08-13 17:37] - [2013-07-07 23:51] - 4691904 ____A (Microsoft Corporation) 82272D72710ED6A40E9A2A2286A9BBF4

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_ca3a856069a23822\ntoskrnl.exe
    [2013-04-10 11:13] - [2013-03-11 08:33] - 4691304 ____A (Microsoft Corporation) 1F8B1075A863117A35EE94436E2962E7

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_c9f9a3f269d2e2a1\ntoskrnl.exe
    [2013-02-13 13:09] - [2013-01-05 00:37] - 4695400 ____A (Microsoft Corporation) 8A3AB79510C3384BF14D1731DD1ED963

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_c9e5027e69e236b3\ntoskrnl.exe
    [2012-10-10 08:42] - [2012-08-29 06:40] - 4699520 ____A (Microsoft Corporation) 1A14913D51571403CF8A3941BDC3BA67

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_ca3c822869a07082\ntoskrnl.exe
    [2012-05-11 11:17] - [2012-04-03 03:22] - 4699520 ____A (Microsoft Corporation) 7180984A68411B9D2F2495E03561B47E

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18484_none_c9e2fe1e69e409b7\ntoskrnl.exe
    [2011-08-09 20:19] - [2011-06-20 03:45] - 4699536 ____A (Microsoft Corporation) A26DE9288D67E4EAC2D1205043AFD430

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_ca26dc9e69b0b0ef\ntoskrnl.exe
    [2011-02-09 00:38] - [2010-10-15 09:02] - 4699024 ____A (Microsoft Corporation) 4065E920FB6ED05B5F62A1FB6908C6C5

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18267_none_c9fb9b0869d1238c\ntoskrnl.exe
    [2010-08-11 11:31] - [2010-06-08 13:00] - 4697992 ____A (Microsoft Corporation) 825926D6AD714A529F4069D9EBBD1D3B

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_ca3e7b24699eae94\ntoskrnl.exe
    [2010-04-13 15:45] - [2010-02-18 09:28] - 4697992 ____A (Microsoft Corporation) 72FD908E7D1F176C00F1EF8F3D1445B0

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_c9f4971c69d77504\ntoskrnl.exe
    [2010-02-09 16:30] - [2009-12-08 15:22] - 4698184 ____A (Microsoft Corporation) 9668520760E72E1B1B9EDFB7BFB6A691

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_c9e0f5f269e5e26d\ntoskrnl.exe
    [2009-10-15 18:50] - [2009-08-04 07:47] - 4698168 ____A (Microsoft Corporation) 8E43DA6C8040C68446AA4B5D84C8127A

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_ca3a763069a24eea\ntoskrnl.exe
    [2009-08-06 17:21] - [2009-04-10 23:15] - 4699608 ____A (Microsoft Corporation) 1B60CCC70788044404EEFBBB389FC111

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_c893f7e585d0874a\ntoskrnl.exe
    [2011-02-09 00:38] - [2010-10-15 09:02] - 4678032 ____A (Microsoft Corporation) 3A22B135BC4341025E19B9ADFB26C02A

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22707_none_c8dfa7598597c3b3\ntoskrnl.exe
    [2010-08-11 11:31] - [2010-06-08 12:18] - 4675976 ____A (Microsoft Corporation) 31F137EEB5121654A9448904D89209A2

    C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_c8be356585b10108\ntoskrnl.exe
    [2010-04-13 15:45] - [2010-02-18 10:04] - 4678032 ____A (Microsoft Corporation) C0EC74895F90E5E788061C7F305F57D1

    ====== End Of Search ======

    # AdwCleaner v3.018 - Rapport créé le 02/02/2014 à 01:14:46
    # Mis à jour le 28/01/2014 par Xplode
    # Système d'exploitation : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
    # Nom d'utilisateur : NormS - PC-NORMAND
    # Exécuté depuis : D:\Downloads\AdwCleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****


    ***** [ Fichiers / Dossiers ] *****

    [!] Dossier Supprimé : C:\ProgramData\boost_interprocess
    [!] Dossier Supprimé : C:\Users\NormS\AppData\Local\PackageAware

    ***** [ Raccourcis ] *****


    ***** [ Registre ] *****

    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKLM\Software\PIP
    Clé Supprimée : HKLM\Software\VDownloader\OpenCandy

    ***** [ Navigateurs ] *****

    -\\ Internet Explorer v8.0.6001.19489


    -\\ Mozilla Firefox v26.0 (en-US)

    [ Fichier : C:\Users\NormS\AppData\Roaming\Mozilla\Firefox\Profiles\usyu8i0h.default\prefs.js ]

    Ligne Supprimée : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,fr-moderne%40dictionaries.addons.mozilla.org:4.3,rstarcraft_firefox_extension%40rstarcraft.info:0.16.0,%7B34878998-c8be-40bc-b[...]
    Ligne Supprimée : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESmodules.betteReddit.subreddits.Adonisto", "[{\"display_name\":\"AdviceAnimals\",\"url\":\"/r/AdviceAnimal[...]
    Ligne Supprimée : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESoptions.keyboardNav", "{\"focusBorder\":{\"type\":\"text\",\"value\":\"1px dashed #888888\",\"description[...]
    Ligne Supprimée : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.rsci_data_hash", "\"{\\\"malfore\\\":0,\\\"raegx\\\":1717,\\\"daschande\\\":1718,\\\"brutalhonesty08\\\":3,\[...]

    -\\ Google Chrome v

    [ Fichier : C:\Users\NormS\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [3075 octets] - [01/02/2014 20:16:56]
    AdwCleaner[R1].txt - [3135 octets] - [02/02/2014 01:13:32]
    AdwCleaner[S0].txt - [3078 octets] - [02/02/2014 01:14:46]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3138 octets] ##########


    (Sorry, my OS is in French.)

    Also, thank you for your time, JSntgRvr. I really appreciate it.
     
  6. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    It appears that there is nothing wrong with the ntoskrnl.exe file as GMER states.

    Are you still unable to access the Advanced menu?
     
  7. normsrayn

    normsrayn Thread Starter

    I can now access the advanced boot option when my SSD with Windows 7 on it is unplugged, but when I plug in my SSD I can't anymore. It used to be that even when my SSD was unplugged I couldn't access it.

    Should I redo every step above in Windows 7 (OS on my SSD)?
     
  8. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Do you have a password to enter the CMOS Setup Utility (BIOS)? Enter the BIOS. Is your hard drive recognized?
     
  9. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    When you refer to "my SSD with Windows 7", are you referring to a Solid State Drive with Windows 7?
     
  10. normsrayn

    normsrayn Thread Starter

    Yes, that's right. I recently bought a Solid State Drive and the problems started not long after I installed Windows 7 on my new SSD. Now it seems fine when the SSD is not plugged in, but the problem is still there if I plug back the SSD with Windows 7 on it. I have Windows Vista on my HDD and Windows 7 on my SSD right now. Sorry if I'm unclear.

    As far as I know, I don't have a password for my BIOS and yes my SSD is recognized.
     
  11. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    I am not sure, but unless you have a dual boot, the Boot Configuration won't permit it. I would suggest you post in the Windows Vista or 7 forum, and see if the experts may have an answer for you. That is out of my ballpark. Clearly explain how both systems are set. I am sure it is not due to malware.

    Run AdwCleaner and uninstall. Also remove the C:\FRST folder.

    You be safe. :)
     
  12. normsrayn

    normsrayn Thread Starter

    There is nothing that may contribute to this issue. You must remember that the OS won't load during the Advanced menu. It must be due to a Boot Configuration setting. Have the experts help you with that. Prior to any changes, create a System Restore on each drive.
     
  13. normsrayn

    normsrayn Thread Starter

    Cont...

    ==================== One Month Modified Files and Folders =======

    2014-01-28 04:03 - 2014-01-28 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-01-28 04:03 - 2014-01-28 04:03 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-01-28 04:03 - 2014-01-28 04:03 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-01-28 03:54 - 2014-01-28 03:53 - 00003397 _____ () C:\Windows\IE9_main.log
    2014-01-28 03:43 - 2014-01-28 03:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-01-28 03:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Help
    2014-01-28 03:38 - 2014-01-28 03:37 - 00000000 ____D () C:\Windows\system32\MRT
    2014-01-28 03:33 - 2014-01-28 03:33 - 00000000 ____D () C:\Windows\System32\Tasks\Games
    2014-01-28 01:48 - 2009-07-14 00:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
    2014-01-28 01:48 - 2009-07-14 00:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
    2014-01-28 01:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-01-27 23:37 - 2014-01-27 23:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-01-27 23:37 - 2014-01-27 23:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-01-27 23:37 - 2014-01-27 23:37 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-01-27 23:37 - 2014-01-27 23:37 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
    2014-01-27 23:37 - 2014-01-27 23:37 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-01-27 23:37 - 2014-01-27 23:37 - 00000000 ____D () C:\Users\Normand\AppData\Roaming\Macromedia
    2014-01-27 23:37 - 2014-01-27 23:37 - 00000000 ____D () C:\Users\Normand\AppData\Roaming\Adobe
    2014-01-27 23:37 - 2014-01-27 23:37 - 00000000 ____D () C:\Users\Normand\AppData\Local\Macromedia
    2014-01-27 23:37 - 2014-01-27 23:37 - 00000000 ____D () C:\Users\Normand\AppData\Local\Adobe
    2014-01-27 23:14 - 2014-01-27 23:14 - 00001945 _____ () C:\Windows\epplauncher.mif
    2014-01-27 23:14 - 2014-01-27 23:14 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-01-27 23:14 - 2014-01-27 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-01-27 23:13 - 2014-01-27 23:12 - 13670584 _____ (Microsoft Corporation) C:\Users\Normand\Downloads\mseinstall.exe
    2014-01-27 23:12 - 2014-01-27 23:12 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-01-27 23:12 - 2014-01-27 23:12 - 00000000 ____D () C:\Users\Normand\AppData\Roaming\Mozilla
    2014-01-27 23:12 - 2014-01-27 23:12 - 00000000 ____D () C:\Users\Normand\AppData\Local\Mozilla
    2014-01-27 23:12 - 2014-01-27 23:12 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-01-27 23:12 - 2014-01-27 23:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-01-27 23:12 - 2014-01-27 23:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-01-27 23:02 - 2010-11-20 22:24 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2014-01-27 23:02 - 2010-11-20 22:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2014-01-27 23:02 - 2010-11-20 22:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
    2014-01-27 23:02 - 2010-11-20 22:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
    2014-01-27 23:02 - 2010-11-20 22:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
    2014-01-27 22:55 - 2014-01-28 01:49 - 00000000 ____D () C:\Windows\Panther
    2014-01-27 22:55 - 2014-01-27 22:55 - 00000020 ___SH () C:\Users\Normand\ntuser.ini
    2014-01-27 22:55 - 2014-01-27 22:55 - 00000000 __SHD () C:\Recovery
    2014-01-27 22:55 - 2014-01-27 22:55 - 00000000 ____D () C:\Users\Normand\AppData\Local\VirtualStore
    2014-01-27 22:55 - 2014-01-27 22:55 - 00000000 ____D () C:\Users\Normand
    2014-01-27 22:55 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\restore
    2014-01-27 22:55 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-01-27 22:52 - 2014-01-27 22:52 - 00001355 _____ () C:\Windows\TSSysprep.log
    2014-01-27 22:52 - 2009-07-13 23:46 - 00002790 _____ () C:\Windows\DtcInstall.log
    2014-01-27 22:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep
    2014-01-27 22:50 - 2014-01-27 22:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2014-01-27 22:50 - 2011-04-12 03:28 - 00000000 ____D () C:\Windows\CSC
    2014-01-19 02:33 - 2010-11-20 22:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-01-06 16:20 - 2014-01-28 03:37 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    Some content of TEMP:
    ====================
    C:\Users\Normand\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
    C:\Users\Normand\AppData\Local\Temp\fp_pl_pfs_installer.exe
    C:\Users\Normand\AppData\Local\Temp\nvStInst.exe
    C:\Users\Normand\AppData\Local\Temp\Quarantine.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-01-28 01:37

    ==================== End Of Log ============================


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
    Ran by Normand at 2014-02-03 23:53:08
    Running from F:\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

    ==================== Installed Programs ======================

    µTorrent (HKCU Version: 3.3.2.30488 - BitTorrent Inc.)
    Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
    Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
    Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
    Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
    NVIDIA 3D Vision Controller Driver 320.49 (Version: 320.49 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 320.49 (Version: 320.49 - NVIDIA Corporation)
    NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
    NVIDIA Graphics Driver 320.49 (Version: 320.49 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.24.2 (Version: 1.3.24.2 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604 - NVIDIA Corporation)
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden
    VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)

    ==================== Restore Points =========================

    28-01-2014 03:55:30 Windows Update
    28-01-2014 03:58:11 Windows Update
    28-01-2014 03:59:29 Windows Update
    28-01-2014 04:07:52 Installed ESET NOD32 Antivirus
    28-01-2014 08:37:31 Windows Update
    28-01-2014 16:09:09 Windows Update
    28-01-2014 16:25:33 Windows Update

    ==================== Hosts content: ==========================

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {1AD79540-CCE8-4C95-86AA-0BEA2C784897} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-27] (Adobe Systems Incorporated)
    Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
    Task: {CE6F4E86-C372-4943-AF02-14B653C32E55} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3575433005-851712154-1131379909-1001
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-01-27 23:12 - 2013-12-05 14:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/03/2014 11:48:37 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/03/2014 11:32:42 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:50:08 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:34:39 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:20:41 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:14:20 AM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (01/28/2014 11:14:20 AM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (01/28/2014 11:14:20 AM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (01/28/2014 11:14:19 AM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (01/28/2014 11:14:19 AM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .


    System errors:
    =============
    Error: (02/03/2014 11:26:41 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (User: NT AUTHORITY)
    Description: SAM failed to start the TCP/IP or SPX/IPX listening thread

    Error: (01/28/2014 11:22:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).

    Error: (01/28/2014 11:19:26 AM) (Source: Service Control Manager) (User: )
    Description: The Windows Modules Installer service terminated with the following error:
    %%16405

    Error: (01/28/2014 11:17:03 AM) (Source: Service Control Manager) (User: )
    Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/28/2014 11:17:03 AM) (Source: Service Control Manager) (User: )
    Description: The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    Error: (01/28/2014 11:15:12 AM) (Source: DCOM) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (01/28/2014 04:38:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

    Error: (01/28/2014 01:41:30 AM) (Source: Service Control Manager) (User: )
    Description: The Superfetch service terminated with the following error:
    %%1062

    Error: (01/27/2014 11:08:15 PM) (Source: Service Control Manager) (User: )
    Description: The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


    Microsoft Office Sessions:
    =========================
    Error: (02/03/2014 11:48:37 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/03/2014 11:32:42 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:50:08 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:34:39 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:20:41 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (01/28/2014 11:14:20 AM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/28/2014 11:14:20 AM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/28/2014 11:14:20 AM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/28/2014 11:14:19 AM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/28/2014 11:14:19 AM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.1 (02.04.2014:1)
    OS: Windows 7 Ultimate x64
    Ran by Normand on 04/02/2014 at 21:56:45.87
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    ~~~ Registry Values

    ~~~ Registry Keys

    ~~~ Files

    ~~~ Folders

    ~~~ FireFox

    Successfully deleted the following from C:\Users\Normand\AppData\Roaming\mozilla\firefox\profiles\6e4wtj4r.default\prefs.js

    user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESmodules.newCommentCount.counts", "{\"k4zqi\":null,\"k4xwu\":null,\"k0yaj\":null,
    user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.rsci_data_array", "\"[{\\\"bnet_code\\\":404,\\\"bnet_id\\\":655626,\\\"bnet_name\\
    Emptied folder: C:\Users\Normand\AppData\Roaming\mozilla\firefox\profiles\6e4wtj4r.default\minidumps [350 files]

    ~~~ Event Viewer Logs were cleared


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 04/02/2014 at 22:00:44.70
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    # AdwCleaner v3.018 - Report created 03/02/2014 at 23:37:35
    # Updated 28/01/2014 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : Normand - NORMAND-PC
    # Running from : F:\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428


    -\\ Mozilla Firefox v26.0 (en-US)

    [ File : C:\Users\Normand\AppData\Roaming\Mozilla\Firefox\Profiles\6e4wtj4r.default\prefs.js ]

    Line Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,rstarcraft_firefox_extension%40rstarcraft.info:0.16.0,%7Bdb09811d-efff-4339-a548-8550c7238a30%7D:0.1.6,fr-moderne%40dictionari[...]
    Line Deleted : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESmodules.betteReddit.subreddits.Adonisto", "[{\"display_name\":\"AdviceAnimals\",\"url\":\"/r/AdviceAnimal[...]
    Line Deleted : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.RESoptions.keyboardNav", "{\"focusBorder\":{\"type\":\"text\",\"value\":\"1px dashed #888888\",\"description[...]
    Line Deleted : user_pref("greasemonkey.scriptvals.hxxp://reddit.honestbleeps.com//Reddit Enhancement Suite.rsci_data_hash", "\"{\\\"malfore\\\":0,\\\"raegx\\\":1717,\\\"daschande\\\":1718,\\\"brutalhonesty08\\\":3,\[...]

    *************************

    AdwCleaner[R0].txt - [1645 octets] - [03/02/2014 23:37:15]
    AdwCleaner[S0].txt - [1574 octets] - [03/02/2014 23:37:35]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1634 octets] ##########

    ==================== Memory info ===========================

    Percentage of memory in use: 33%
    Total physical RAM: 4094.49 MB
    Available physical RAM: 2719.36 MB
    Total Pagefile: 8187.16 MB
    Available Pagefile: 6539.43 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:111.69 GB) (Free:84 GB) NTFS
    Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive e: () (Fixed) (Total:100 GB) (Free:19.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive f: () (Fixed) (Total:831.51 GB) (Free:43.15 GB) NTFS
    Drive h: () (Fixed) (Total:232.88 GB) (Free:90.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive i: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
    Drive j: (GSP1RMCHPXFRER_FR_DVD) (Removable) (Total:14.92 GB) (Free:12.65 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: F025E495)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: D373C8AD)
    Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=832 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 1824942D)
    Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (Size: 15 GB) (Disk ID: 0064866F)
    Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  14. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,551
    First Name:
    José
    Nothing that may contribute to that behavior. Have the experts help you with that. It may be due to a boot configuration setting. Make sure you create a System Restore Point on both drives before any changes.
     
Short URL to this thread: https://techguy.org/1118927
