Jump to content

chives

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thank you so much! That was extremely helpful! I hope you find the small donation as a token of my appreciation.
  2. I saw that message, haha. I do have an SSD so it isn't a problem. # DelFix v10.8 - Logfile created 17/10/2014 at 11:53:27# Updated 29/07/2014 by Xplode# Username : Will - SANIC# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\QooboxDeleted : C:\FRSTDeleted : C:\AdwCleanerDeleted : C:\ComboFix.txtDeleted : C:\TDSSKiller.3.0.0.40_17.10.2014_01.58.07_log.txtDeleted : C:\Users\Will\Desktop\Addition.txtDeleted : C:\Users\Will\Desktop\ComboFix.exeDeleted : C:\Users\Will\Desktop\Fixlog.txtDeleted : C:\Users\Will\Desktop\FRST.txtDeleted : C:\Users\Will\Desktop\FRST64.exeDeleted : C:\Users\Will\Desktop\FSS.exeDeleted : C:\Users\Will\Desktop\FSS.txtDeleted : C:\Users\Will\Desktop\rkill.comDeleted : C:\Users\Will\Desktop\Rkill.txtDeleted : C:\Users\Will\Desktop\SecurityCheck.exeDeleted : C:\Windows\grep.exeDeleted : C:\Windows\PEV.exeDeleted : C:\Windows\NIRCMD.exeDeleted : C:\Windows\MBR.exeDeleted : C:\Windows\SED.exeDeleted : C:\Windows\SWREG.exeDeleted : C:\Windows\SWSC.exeDeleted : C:\Windows\SWXCACLS.exeDeleted : C:\Windows\Zip.exeDeleted : HKLM\SOFTWARE\AdwCleanerDeleted : HKLM\SOFTWARE\SwearwareDeleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe ~ Cleaning system restore ... Deleted : RP #295 [Removed Java 7 Update 71 | 10/17/2014 08:11:51] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  3. Results of screen317's Security Check version 0.99.89 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 15.0.0.152 Adobe Reader XI Google Chrome 37.0.2062.120 Google Chrome 37.0.2062.124 ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 27% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
  4. Farbar Service Scanner Version: 21-07-2014 Ran by Will (administrator) on 17-10-2014 at 11:38:35 Running from "C:\Users\Will\Desktop" Microsoft Windows 7 Ultimate Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Windows\System32\ipnathlp.dll => File is digitally signed C:\Windows\System32\iphlpsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log ****
  5. Results of screen317's Security Check version 0.99.89 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 15.0.0.152 Adobe Reader XI Google Chrome 37.0.2062.120 Google Chrome 37.0.2062.124 ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 27% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
  6. Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 10/17/2014Scan Time: 6:36:36 AMLogfile: MalwareBytesLog.txtAdministrator: Yes Version: 2.00.3.1025Malware Database: v2014.10.17.02Rootkit Database: v2014.10.15.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: Will Scan Type: Threat ScanResult: CompletedObjects Scanned: 327122Time Elapsed: 3 min, 56 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end) ESETSmartInstaller@High as downloader log:all okesets_scanner_update returned -1 esets_gle=12ESETSmartInstaller@High as downloader log:all ok# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# OnlineScanner.ocx=1.0.0.7623# api_version=3.0.2# EOSSerial=bf0135be898ec14a9387d55b3b1af3f8# engine=20646# end=finished# remove_checked=false# archives_checked=false# unwanted_checked=true# unsafe_checked=false# antistealth_checked=true# utc_time=2014-10-17 06:29:42# local_time=2014-10-17 02:29:42 (-0500, Eastern Daylight Time)# country="United States"# lang=1033# osver=6.1.7601 NT Service Pack 1# compatibility_mode_1='avast! Antivirus'# compatibility_mode=783 16777213 100 97 0 177026272 0 0# compatibility_mode_1=''# compatibility_mode=5893 16776573 100 94 0 165070832 0 0# scanned=5968# found=0# cleaned=0# scan_time=196ESETSmartInstaller@High as downloader log:all ok# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# OnlineScanner.ocx=1.0.0.7623# api_version=3.0.2# EOSSerial=bf0135be898ec14a9387d55b3b1af3f8# engine=20646# end=stopped# remove_checked=false# archives_checked=true# unwanted_checked=true# unsafe_checked=true# antistealth_checked=true# utc_time=2014-10-17 06:52:19# local_time=2014-10-17 02:52:19 (-0500, Eastern Daylight Time)# country="United States"# lang=1033# osver=6.1.7601 NT Service Pack 1# compatibility_mode_1='avast! Antivirus'# compatibility_mode=783 16777213 100 97 0 177027629 0 0# compatibility_mode_1=''# compatibility_mode=5893 16776574 100 94 0 165072189 0 0# scanned=22934# found=2# cleaned=0# scan_time=932sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe"sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat"ESETSmartInstaller@High as downloader log:all ok# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# OnlineScanner.ocx=1.0.0.7623# api_version=3.0.2# EOSSerial=bf0135be898ec14a9387d55b3b1af3f8# engine=20646# end=finished# remove_checked=false# archives_checked=true# unwanted_checked=true# unsafe_checked=true# antistealth_checked=true# utc_time=2014-10-17 12:56:56# local_time=2014-10-17 08:56:56 (-0500, Eastern Daylight Time)# country="United States"# lang=1033# osver=6.1.7601 NT Service Pack 1# compatibility_mode_1='avast! Antivirus'# compatibility_mode=783 16777213 100 97 0 177049506 0 0# compatibility_mode_1=''# compatibility_mode=5893 16776573 100 94 0 165094066 0 0# scanned=826570# found=5# cleaned=0# scan_time=7954sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe"sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat"sh=9885328E24C1A20ADB8C20C29DA8DCC001953387 ft=1 fh=5463d3a99fbd52e3 vn="a variant of Win32/OpenCandy.A potentially unsafe application" ac=I fn="H:\Downloads\FreeVideoToMP3Converter.exe"sh=D22C1F17C1E011B17C629720891D5F941DD11CFF ft=1 fh=62fb8a81edf1092f vn="Win32/Toolbar.Conduit.R potentially unwanted application" ac=I fn="H:\Downloads\PowerISO5-x64.exe"sh=B727D2434A9F8CB574E764D318E8E2DFC754E711 ft=1 fh=05a6130f7208080d vn="a variant of Win32/OpenInstall potentially unwanted application" ac=I fn="H:\Downloads\VLCv213.exe"
  7. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014 Ran by Will at 2014-10-17 06:28:04 Running from C:\Users\Will\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome (HKLM-x32\...\Steam App 15560) (Version: - Dejobaan Games, LLC) Abyss Odyssey (HKLM-x32\...\Steam App 255070) (Version: - ACE Team) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.05) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated) Antichamber (HKLM\...\UDK-5fe3d2e2-3981-4df6-9f08-d633d3d66103) (Version: - Epic Games, Inc.) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.8.0 - Asmedia Technology) ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - ASUS) Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team) Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) Bad Hotel (HKLM-x32\...\Steam App 231720) (Version: - Lucky Frame) Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal) BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth) Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version: - Gaijin Games) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Capsized (HKLM-x32\...\Steam App 95300) (Version: - Alientrap Games Inc) Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth) CDisplayEx 1.9.7 (HKLM\...\CDisplayEx_is1) (Version: - cdisplayex.com) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Computer-Aided Thermodynamic Tables 3 (HKLM-x32\...\Catt3) (Version: - ) Costume Quest (HKLM-x32\...\Steam App 115100) (Version: - Double Fine Productions) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Darwinia (HKLM-x32\...\Steam App 1500) (Version: - Introversion Software) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) DEFCON (HKLM-x32\...\Steam App 1520) (Version: - Introversion Software) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio) Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks) Divekick (HKLM-x32\...\Steam App 244730) (Version: - Iron Galaxy Studios) DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version: - Ninja Theory) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC) EES - Engineering Equation Solver (HKLM-x32\...\EES - Engineering Equation Solver) (Version: 9.6 - F-Chart Software) Eets (HKLM-x32\...\Steam App 6100) (Version: - Klei Entertainment) Electronic Super Joy (HKLM-x32\...\Steam App 244870) (Version: - Michael Todd Games) erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Evoland (HKLM-x32\...\Steam App 233470) (Version: - Shiro Games) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith ) Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX) Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version: - Mode 7) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) GOG.com Beyond Good and Evil (HKLM\...\{de495fd2-006f-494f-8a94-467eabd400ce}.sdb) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Chrome Canary (HKCU\...\Google Chrome SxS) (Version: 40.0.2191.0 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version: - Positech Games) Gratuitous Tank Battles (HKLM-x32\...\Steam App 205530) (Version: - Positech Games) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments) Hack, Slash, Loot (HKLM-x32\...\Steam App 207430) (Version: - David Williamson) Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - ) HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - ) Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version: - NetherRealm Studios) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Jack Lumber (HKLM-x32\...\Steam App 220900) (Version: - Owlchemy Labs) Joe Danger 2: The Movie (HKLM-x32\...\Steam App 242110) (Version: - Hello Games) Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche) Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios) Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) La-Mulana (HKLM-x32\...\Steam App 230700) (Version: - NIGORO) League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games) League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version: - Almost Human Games) LEGO Batman 2 (HKLM-x32\...\Steam App 213330) (Version: - TT Games) Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster) Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment) MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.) Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios) Megabyte Punch 1.0 (HKLM-x32\...\Megabyte Punch 1.0) (Version: 1.0 - Cat-A-Cat) METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\Steam App 235460) (Version: - PlatinumGames) Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games) Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games) Miasmata (HKLM-x32\...\Steam App 223510) (Version: - ) MicroShield 9 (HKLM-x32\...\MicroShield 9) (Version: 9.07 - Grove Software) Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 RC (Version: 4.5.50861 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) mirkes.de Tiny Hexer (HKLM-x32\...\{CC399A03-4695-432E-AE6E-BB450DDE5248}_is1) (Version: 1.8 - markus stephany) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig) MurGee Auto Mouse Click 1.0 (HKLM-x32\...\{22300F72-8BFC-4BCA-881A-2D2234979FBB}_is1) (Version: 1.0 - MurGee.com) MX vs ATV Reflex (HKLM-x32\...\Steam App 55140) (Version: - Double Helix Games) Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140806.90000 - Square Enix Ltd) NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation) NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation) NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden Octodad: Dadliest Catch (HKLM-x32\...\Steam App 224480) (Version: - Young Horses) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden Oil Rush (HKLM-x32\...\Steam App 200390) (Version: - ) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Organ Trail: Director's Cut (HKLM-x32\...\Steam App 233740) (Version: - The Men Who Wear Many Hats) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - ) Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version: - Vitali Kirpu) PixelJunk Eden (HKLM-x32\...\Steam App 105800) (Version: - Q-Games, Ltd.) Poke (HKLM-x32\...\{FC9F924E-9472-45F1-980D-8267E47AA054}) (Version: 2.0.1 - CodeFromThe70s.org) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Psychonauts (HKLM-x32\...\Steam App 3830) (Version: - Double Fine Productions) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.) Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version: - Volition) Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom) Retro City Rampage™ (HKLM-x32\...\Steam App 204630) (Version: - Vblank Entertainment, Inc.) Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games) Rochard (HKLM-x32\...\Steam App 107800) (Version: - Recoil Games) Rock of Ages (HKLM-x32\...\Steam App 22230) (Version: - ACE Team) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games) Rogue Warrior (HKLM-x32\...\Steam App 22310) (Version: - Rebellion) RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\GOGPACKRCT2_is1) (Version: 2.0.0.6 - GOG.com) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version: - GSC Game World) Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam) Serious Sam Double D (HKLM-x32\...\Steam App 111600) (Version: - Mommy's Best Games) Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version: - Croteam) Shank (HKLM-x32\...\Steam App 6120) (Version: - Klei Entertainment) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden Sigils of Elohim (HKLM-x32\...\Steam App 321480) (Version: - Croteam) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) Snuggle Truck (HKLM-x32\...\Steam App 111100) (Version: - Owlchemy Labs) Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital) Speccy (HKLM\...\Speccy) (Version: 1.23 - Piriform) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB) State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Strike Suit Zero: Director's Cut (HKLM-x32\...\Steam App 288370) (Version: - Born Ready Games) Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat) Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version: - Bossa Studios) System Requirements Lab (Test) (HKLM-x32\...\{9BFD3F1F-E5FD-4358-988F-FC9A9446286D}) (Version: 6.0.3.0 - Husdawg, LLC) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Basement Collection (HKLM-x32\...\Steam App 214790) (Version: - Edmund McMillen, Tyler Glaiel) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Typing of The Dead: Overkill (HKLM-x32\...\Steam App 246580) (Version: - Modern Dream) The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games) Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version: - ) Tixati (HKLM-x32\...\tixati) (Version: - ) Toki Tori (HKLM-x32\...\Steam App 38700) (Version: - Two Tribes) Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games) Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1268.1 - Hi-Rez Studios) Trine (HKLM-x32\...\Steam App 35700) (Version: - Frozenbyte) Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) Uplink (HKLM-x32\...\Steam App 1510) (Version: - Introversion Software) User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VVVVVV (HKLM-x32\...\Steam App 70300) (Version: - Terry Cavanagh) Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden WinRAR 5.00 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.5 - win.rar GmbH) Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1065900218-815454683-988220776-1000_Classes\CLSID\{1BEAC3E3-B852-44F4-B468-8906C062422E}\localserver32 -> C:\Users\Will\AppData\Local\Google\Chrome SxS\Application\40.0.2191.0\delegate_execute.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1065900218-815454683-988220776-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Will\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1065900218-815454683-988220776-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Will\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1065900218-815454683-988220776-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Will\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 17-10-2014 08:11:51 Removed Java 7 Update 71 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2014-10-17 05:57 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {14470464-EA40-4D23-8EE2-6C93BA512A31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {196402C8-2E21-4321-BA1E-5A5B6BBE6316} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: {5652EEAF-10F5-49DA-931D-9F69670665AB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {740E8FE7-5CBD-4482-A04B-247F022C2CDA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Sanic-Will Sanic => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-25] (Microsoft Corporation) Task: {86766A23-F2D2-407C-8AAB-7B1380BDA81C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1065900218-815454683-988220776-1000UA => C:\Users\Will\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.) Task: {B2543C6B-10A6-43F3-B19C-3B4D73EAA5AA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1065900218-815454683-988220776-1000Core => C:\Users\Will\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.) Task: {C1365A65-04F0-4220-B61F-B37FDD19AE00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation) Task: {D66E8A03-F227-4643-9812-27ACDD5C83D5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software) Task: {D6EDFBDE-D477-4183-821B-759DA2B55C81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: {DFDBBFD5-3C0B-4A55-A6F4-FD1AFD3F3E97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation) Task: {E85CD1E4-7058-457E-96DA-1F07BAD095AE} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe Task: {EB57AAFE-8FFD-4D28-B35C-7049794B1CBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065900218-815454683-988220776-1000Core.job => C:\Users\Will\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065900218-815454683-988220776-1000UA.job => C:\Users\Will\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-06-06 17:26 - 2014-09-13 17:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-03-20 13:22 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-11-20 02:03 - 2013-12-21 23:01 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-29 01:08 - 2014-09-25 12:12 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-08-06 11:20 - 2014-08-06 11:20 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-10-16 17:52 - 2014-10-16 17:52 - 02874368 _____ () C:\Program Files\AVAST Software\Avast\defs\14101601\algo.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-13 18:24 - 2014-09-25 12:11 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2014-08-06 11:20 - 2014-08-06 11:20 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-16 18:18 - 2014-10-16 18:18 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll 2013-06-06 17:32 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2014-08-29 01:08 - 2014-09-25 12:12 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll 2014-09-24 22:46 - 2014-09-23 00:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-09-24 22:46 - 2014-09-23 00:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-09-24 22:46 - 2014-09-23 00:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-09-24 22:46 - 2014-09-23 00:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-09-24 22:46 - 2014-09-23 00:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1065900218-815454683-988220776-500 - Administrator - Disabled) Guest (S-1-5-21-1065900218-815454683-988220776-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1065900218-815454683-988220776-1002 - Limited - Enabled) Will (S-1-5-21-1065900218-815454683-988220776-1000 - Administrator - Enabled) => C:\Users\Will ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/17/2014 06:27:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1244561 Error: (10/17/2014 06:27:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1244561 Error: (10/17/2014 06:27:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2014 06:26:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1237556 Error: (10/17/2014 06:26:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1237556 Error: (10/17/2014 06:26:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2014 06:06:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5133 Error: (10/17/2014 06:06:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5133 Error: (10/17/2014 06:06:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2014 06:06:24 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4103 System errors: ============= Error: (10/17/2014 06:26:56 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (10/17/2014 05:57:03 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (10/17/2014 05:56:33 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (10/17/2014 05:54:20 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (10/17/2014 05:46:18 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/17/2014 04:50:37 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/17/2014 04:35:20 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/17/2014 04:34:47 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 4:30:52 AM on ‎10/‎17/‎2014 was unexpected. Error: (10/17/2014 04:20:58 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/17/2014 04:20:24 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 4:19:19 AM on ‎10/‎17/‎2014 was unexpected. Microsoft Office Sessions: ========================= Error: (10/17/2014 06:27:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1244561 Error: (10/17/2014 06:27:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1244561 Error: (10/17/2014 06:27:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2014 06:26:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1237556 Error: (10/17/2014 06:26:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1237556 Error: (10/17/2014 06:26:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2014 06:06:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5133 Error: (10/17/2014 06:06:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5133 Error: (10/17/2014 06:06:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/17/2014 06:06:24 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4103 CodeIntegrity Errors: =================================== Date: 2014-10-17 05:56:33.677 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-10-17 05:56:33.621 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel® Core i5-3570K CPU @ 3.40GHz Percentage of memory in use: 17% Total physical RAM: 8141.63 MB Available physical RAM: 6740.96 MB Total Pagefile: 16281.43 MB Available Pagefile: 13707.69 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:19.76 GB) NTFS Drive h: (New Volume) (Fixed) (Total:931.51 GB) (Free:206.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 712F2397) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 66CDD2C0) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  8. Sorry about that! Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014Ran by Will (administrator) on SANIC on 17-10-2014 06:27:49Running from C:\Users\Will\DesktopLoaded Profile: Will (Available profiles: Will)Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\btwdins.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe(Hi-Rez Studios) H:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\BTTray.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(Logitech Inc.) H:\Program Files\Logitech\SetPoint II\SetPointII.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-16] (NVIDIA Corporation)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2014-03-30] (Power Software Ltd)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)HKU\S-1-5-21-1065900218-815454683-988220776-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-09] (Valve Corporation)HKU\S-1-5-21-1065900218-815454683-988220776-1000\...\Run: [spotify Web Helper] => C:\Users\Will\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-04] (Spotify Ltd)HKU\S-1-5-21-1065900218-815454683-988220776-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000Lsa: [Notification Packages] scecli C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dllStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnkShortcutTarget: Bluetooth.lnk -> C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnkShortcutTarget: SetPointII.lnk -> H:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)Startup: C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnkShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCD78CB52FC62CE01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeBHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No FileToolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No FileToolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cabHandler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\7ck22wgb.defaultFF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Will\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Will\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-11]FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: =======CHR HomePage: Default -> CHR StartupUrls: Default -> "hxxp://www.google.com/"CHR Profile: C:\Users\Will\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Angry Birds) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-06-06]CHR Extension: (Google Docs) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-06]CHR Extension: (Google Drive) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-06]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]CHR Extension: (YouTube) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]CHR Extension: (Google Search) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]CHR Extension: (AdBlock) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-06]CHR Extension: (avast! Online Security) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-11]CHR Extension: (Kindle Cloud Reader) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2013-06-06]CHR Extension: (Adventure Time - Finn, Jake and BMO) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmgldhndejkhjokapdbmcldedofhabl [2014-03-16]CHR Extension: (Google Wallet) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]CHR Extension: (Gmail) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]CHR Extension: (Canvas Rider) - C:\Users\Will\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-06-06]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)R2 btwdins; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [1005944 2012-12-06] (Broadcom Corporation.)R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-06-18] (EasyAntiCheat Ltd)R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)U2 HiPatchService; H:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-04-23] (Hi-Rez Studios) [File not signed]R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-21] ()R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)S3 DAUpdaterSvc; H:\Program Files (x86)\SteamLibrary\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-06] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-17] (Malwarebytes Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)U3 catchme; \??\C:\ComboFix\catchme.sys [X]S3 DIRECTIO; \??\H:\Program Files\PerformanceTest\DirectIo64.sys [X]S3 VGPU; System32\drivers\rdvgkmd.sys [X]S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-17 05:58 - 2014-10-17 05:58 - 00027449 _____ () C:\ComboFix.txt2014-10-17 05:51 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe2014-10-17 05:51 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe2014-10-17 05:51 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2014-10-17 05:51 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2014-10-17 05:51 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2014-10-17 05:51 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe2014-10-17 05:51 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe2014-10-17 05:51 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe2014-10-17 05:48 - 2014-10-17 05:58 - 00000000 ____D () C:\Qoobox2014-10-17 05:48 - 2014-10-17 05:57 - 00000000 ____D () C:\Windows\erdnt2014-10-17 05:47 - 2014-10-17 05:47 - 05583559 ____R (Swearware) C:\Users\Will\Desktop\ComboFix.exe2014-10-17 05:18 - 2014-10-17 05:18 - 00044736 _____ () C:\Users\Will\Desktop\Addition.txt2014-10-17 05:17 - 2014-10-17 06:27 - 00020467 _____ () C:\Users\Will\Desktop\FRST.txt2014-10-17 05:08 - 2014-10-17 01:59 - 02112000 _____ (Farbar) C:\Users\Will\Desktop\FRST64.exe2014-10-17 04:38 - 2014-10-17 04:39 - 00002032 _____ () C:\Users\Will\Desktop\Rkill.txt2014-10-17 04:38 - 2014-10-17 04:37 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Will\Desktop\rkill.com2014-10-17 04:34 - 2014-10-17 04:34 - 00003408 ____N () C:\bootsqm.dat2014-10-17 04:33 - 2014-10-17 04:33 - 00000000 ____D () C:\found.0002014-10-17 04:15 - 2014-10-17 05:38 - 00000000 ____D () C:\AdwCleaner2014-10-17 04:12 - 2014-10-17 04:12 - 00000000 ____D () C:\Windows\system32\appmgmt2014-10-17 02:57 - 2007-06-04 02:10 - 00000660 _____ () C:\Users\Will\Desktop\InstallTakeOwnership.reg2014-10-17 02:57 - 2007-05-07 00:05 - 00000250 _____ () C:\Users\Will\Desktop\RemoveTakeOwnership.reg2014-10-17 02:00 - 2014-10-17 02:00 - 00000000 ____D () C:\Program Files (x86)\ESET2014-10-17 01:59 - 2014-10-17 06:27 - 00000000 ____D () C:\FRST2014-10-17 00:18 - 2014-10-17 03:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-10-17 00:18 - 2014-10-17 00:18 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-10-17 00:18 - 2014-10-17 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-10-17 00:18 - 2014-10-17 00:18 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-10-17 00:18 - 2014-10-17 00:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-10-17 00:18 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-10-17 00:18 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-10-17 00:18 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-10-17 00:08 - 2014-10-17 00:32 - 00000000 ____D () C:\Users\Will\Desktop\Parts4and52014-10-17 00:08 - 2014-10-17 00:08 - 00000000 ____D () C:\Users\Will\AppData\OICE_15_974FA576_32C1D314_12842014-10-16 18:05 - 2014-10-16 18:05 - 00000000 ____D () C:\Users\Will\AppData\Roaming\Oracle2014-10-16 03:02 - 2014-10-16 03:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET2014-10-16 00:49 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-10-16 00:49 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-10-16 00:49 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-10-16 00:49 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-10-16 00:49 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-10-16 00:49 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-10-16 00:49 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-10-16 00:49 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-10-16 00:49 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-10-16 00:49 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-10-16 00:49 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-10-16 00:49 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-10-16 00:49 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-10-16 00:49 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-10-16 00:49 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-10-16 00:49 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-10-16 00:49 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-10-16 00:49 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-10-16 00:49 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-10-16 00:49 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-10-16 00:49 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-10-16 00:49 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-10-16 00:49 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-10-16 00:49 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-10-16 00:49 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-10-16 00:49 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-10-16 00:49 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-10-16 00:49 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-10-16 00:49 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-10-16 00:49 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-10-16 00:49 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-10-16 00:49 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-10-16 00:49 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-10-16 00:49 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-10-16 00:49 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-10-16 00:49 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-10-16 00:49 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-10-16 00:49 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-10-16 00:49 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-10-16 00:49 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-10-16 00:49 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-10-16 00:49 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-10-16 00:49 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-10-16 00:49 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-10-16 00:49 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-10-16 00:49 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-10-16 00:49 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-10-16 00:49 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-10-16 00:49 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-10-16 00:49 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-10-16 00:49 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-10-16 00:49 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-10-16 00:49 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-10-16 00:49 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-10-16 00:49 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-10-16 00:49 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-10-16 00:49 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-10-16 00:49 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll2014-10-16 00:49 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll2014-10-16 00:49 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll2014-10-16 00:49 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll2014-10-16 00:49 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll2014-10-16 00:49 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll2014-10-16 00:48 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-10-16 00:48 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-10-16 00:48 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll2014-10-16 00:48 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll2014-10-16 00:48 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-10-16 00:48 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe2014-10-16 00:48 - 2014-07-16 22:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-10-16 00:48 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll2014-10-16 00:48 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-10-16 00:48 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll2014-10-16 00:48 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll2014-10-16 00:48 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-10-16 00:48 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-10-16 00:48 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll2014-10-16 00:48 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-10-16 00:48 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe2014-10-16 00:48 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll2014-10-16 00:48 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-10-16 00:48 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-10-16 00:48 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys2014-10-16 00:48 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys2014-10-16 00:48 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-10-16 00:48 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-10-16 00:48 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2014-10-16 00:48 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-10-16 00:48 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-10-16 00:48 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-10-16 00:48 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2014-10-16 00:48 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-10-10 05:53 - 2014-10-10 05:53 - 00000493 _____ () C:\Users\Will\Desktop\MCNP+Visualization+Instructions.txt2014-10-06 03:37 - 2014-10-14 23:47 - 00053412 _____ () C:\Users\Will\Desktop\Project_1.EES2014-10-06 02:47 - 2014-10-15 00:14 - 00045950 _____ () C:\Users\Will\Desktop\Project1_DATA.xlsx2014-10-05 11:14 - 2014-10-06 02:46 - 00001625 _____ () C:\Users\Will\Desktop\Project1_DATA.csv2014-09-28 03:11 - 2014-09-28 03:11 - 00000821 _____ () C:\Users\Will\Desktop\Mumble.lnk2014-09-26 08:08 - 2014-09-26 08:08 - 00000000 ____D () C:\Users\Will\Documents\OneNote Notebooks2014-09-24 00:25 - 2014-09-24 00:25 - 00000000 ____D () C:\Windows\MicroShield 92014-09-24 00:25 - 2014-09-24 00:25 - 00000000 ____D () C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grove Software2014-09-24 00:25 - 2014-09-24 00:25 - 00000000 ____D () C:\Program Files (x86)\MicroShield 92014-09-19 23:51 - 2014-09-19 23:51 - 00002377 _____ () C:\Users\Will\Documents\MumbleAutomaticCertificateBackup.p122014-09-19 23:46 - 2014-10-05 15:46 - 00000000 ____D () C:\Users\Will\AppData\Roaming\Mumble2014-09-19 23:42 - 2014-09-19 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble2014-09-19 22:54 - 2014-09-19 22:54 - 00000000 ___RD () C:\Program Files (x86)\Skype2014-09-19 22:54 - 2014-09-19 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype2014-09-19 22:08 - 2014-09-19 22:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies2014-09-19 22:08 - 2014-09-13 16:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2014-09-19 22:07 - 2014-09-17 00:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys2014-09-19 22:07 - 2014-09-17 00:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll2014-09-19 22:07 - 2014-09-13 19:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2014-09-19 22:07 - 2014-09-13 19:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2014-09-19 22:07 - 2014-09-13 19:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2014-09-19 22:07 - 2014-09-13 19:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2014-09-19 22:07 - 2014-09-13 19:48 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2014-09-19 22:07 - 2014-09-13 19:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2014-09-19 22:07 - 2014-09-13 19:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2014-09-19 22:07 - 2014-09-13 19:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2014-09-19 22:07 - 2014-09-13 19:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2014-09-19 22:07 - 2014-09-13 19:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2014-09-19 22:07 - 2014-09-13 19:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2014-09-19 22:07 - 2014-09-13 19:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2014-09-19 22:07 - 2014-09-13 19:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2014-09-19 22:07 - 2014-09-13 19:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll2014-09-19 22:07 - 2014-09-13 19:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2014-09-19 22:07 - 2014-09-13 19:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2014-09-19 21:13 - 2014-09-04 15:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2014-09-19 21:13 - 2014-09-04 15:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2014-09-17 18:22 - 2014-09-17 18:22 - 00000000 ____D () C:\Users\Will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EES2014-09-17 18:22 - 2014-09-17 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EES ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-17 06:27 - 2014-06-03 18:58 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065900218-815454683-988220776-1000UA.job2014-10-17 06:27 - 2013-12-12 13:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-10-17 06:06 - 2013-06-06 17:14 - 01837028 _____ () C:\Windows\WindowsUpdate.log2014-10-17 05:58 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default2014-10-17 05:57 - 2014-01-10 00:52 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Sanic-Will Sanic2014-10-17 05:57 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini2014-10-17 05:52 - 2009-07-14 00:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-10-17 05:52 - 2009-07-14 00:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-10-17 05:51 - 2013-06-06 18:23 - 00000000 ____D () C:\Program Files (x86)\Steam2014-10-17 05:51 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI2014-10-17 05:47 - 2013-12-28 21:00 - 00007664 _____ () C:\Users\Will\AppData\Local\Resmon.ResmonCfg2014-10-17 05:45 - 2014-07-20 00:39 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-10-17 05:45 - 2013-06-06 17:27 - 00000000 ____D () C:\ProgramData\NVIDIA2014-10-17 05:45 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-10-17 05:45 - 2009-07-14 00:51 - 00163780 _____ () C:\Windows\setupact.log2014-10-17 05:38 - 2010-11-20 23:47 - 00805778 _____ () C:\Windows\PFRO.log2014-10-17 04:44 - 2014-07-20 00:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-10-17 04:36 - 2013-06-11 13:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update2014-10-17 03:27 - 2014-03-18 17:32 - 00003584 ___SH () C:\Users\Will\Thumbs.db2014-10-17 00:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PLA2014-10-16 23:59 - 2013-06-06 17:56 - 00000000 ____D () C:\Users\Will\AppData\Roaming\Skype2014-10-16 23:25 - 2013-12-06 12:00 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-10-16 23:25 - 2013-11-20 02:03 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-10-16 23:22 - 2013-11-20 02:03 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-10-16 23:19 - 2014-07-21 16:59 - 00000000 ____D () C:\Users\Will\Documents\Euro Truck Simulator 22014-10-16 18:46 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache2014-10-16 18:10 - 2014-06-03 18:58 - 00002422 _____ () C:\Users\Will\Desktop\Google Chrome Canary.lnk2014-10-16 18:05 - 2013-10-17 10:16 - 00000000 ____D () C:\ProgramData\Oracle2014-10-16 17:51 - 2009-07-14 00:45 - 00437848 _____ () C:\Windows\system32\FNTCACHE.DAT2014-10-16 03:02 - 2013-08-01 07:54 - 00000000 ____D () C:\Windows\system32\MRT2014-10-16 03:00 - 2013-06-07 20:27 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-10-14 18:29 - 2014-06-03 18:58 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1065900218-815454683-988220776-1000Core.job2014-10-14 14:21 - 2013-09-01 19:37 - 00000000 ____D () C:\Users\Will\Desktop\Syl-HW2014-10-14 12:26 - 2014-05-18 21:08 - 00000000 ____D () C:\Users\Will\Documents\MATLAB2014-10-10 18:30 - 2013-10-21 02:38 - 00000000 ____D () C:\Users\Will\AppData\Roaming\Audacity2014-10-06 20:39 - 2014-05-20 16:42 - 00000000 ____D () C:\Users\Will\AppData\Local\Microsoft Help2014-09-25 13:11 - 2013-06-06 23:35 - 00000000 ____D () C:\Program Files\Microsoft Office 152014-09-24 12:21 - 2013-12-12 13:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-09-24 12:21 - 2013-06-06 17:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-09-24 12:21 - 2013-06-06 17:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-09-22 21:54 - 2009-07-14 01:08 - 00032646 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-09-19 22:54 - 2014-03-21 09:40 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk2014-09-19 22:54 - 2013-06-06 17:56 - 00000000 ____D () C:\ProgramData\Skype2014-09-19 22:08 - 2013-10-09 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2014-09-19 22:08 - 2013-06-06 17:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-09-19 21:14 - 2013-06-06 17:26 - 00000000 ____D () C:\Program Files\NVIDIA Corporation2014-09-17 00:51 - 2014-01-22 18:54 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll Files to move or delete:====================C:\Users\Will\mcnp_env.bat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-16 18:38 ==================== End Of Log ============================
  9. Thanks for the response! Here is my Combofix log: ComboFix.txt
  10. Hi, I've been having a problem with dllhost.exe*32 starting tens of instances and restarting every few minutes after I have ended the correct process tree. This seems to need a personal fix, and it is an urgent matter for me to get my computer fixed ASAP, so any help would be extremely kind. Thank you for reading this and maybe helping out! Here are the FRST scans of my computer. If anything else is needed, I'll be happy to oblige. FRST.txt Addition.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.