Graphics card running when it shouldn't, possible malware?


In the last few days, my NVIDIA GeForce GTX 765M has been running, even though my laptop is in Power Saver mode and I shouldn't have any programs making it run.

I used Process Explorer to check the GPU usage, and the main processes using it are csrss.exe and dwm.exe. After that I noticed that I have 2 csrss.exe processes running, one taking 2740K memory and the other taking 12472K memory. The csrss.exe taking 12472K memory is the one using the GPU; the other doesn't use any.

I ran a full scan with Malwarebytes in Safe Mode with Networking and found 3 files in my downloads folder, which I removed, but the problem still persisted.

Next I tried to do a system restore, as I thought it was related to me updating my 765M drivers, but that wasn't the case.

Could anyone help me fix this?

Here are my Farbar Recovery Scan Tool results:

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Martin (administrator) on MARTIN-PC on 04-06-2014 11:48:36
Running from E:\Users\Martin\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Valve Corporation) E:\Program Files\Steam\Steam.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Dropbox, Inc.) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sysinternals - www.sysinternals.com) E:\Users\Martin\Desktop\sassd\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Martin\AppData\Local\Temp\procexp64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKLM-x32\...\Run: [installValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] => C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265096 2013-06-19] ()
HKLM\...\Winlogon: [userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-840660807-2650127800-3795887055-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [7892864 2013-09-02] (Binary Fortress Software)
HKU\S-1-5-21-840660807-2650127800-3795887055-1000\...\Run: [steam] => E:\Program Files\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-840660807-2650127800-3795887055-1000\...\Run: [sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-04-01] (Sony)
HKU\S-1-5-21-840660807-2650127800-3795887055-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-840660807-2650127800-3795887055-1000\...\MountPoints2: {7fe728de-3fcd-11e3-8604-68a3c4f7d5ef} - F:\Startme.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://maplestory.nexon.com/
DPF: HKLM-x32 {063F7D71-5E0B-48F2-87D5-F63C5917947E} https://platform.nexon.com/activex/ahnlab/aosmgr.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 85.253.0.130 85.253.0.2

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\yib7c5ep.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.ee
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ahnlab.com/asp/npaosmgr.1 - C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_536\npaosmgr.dll (AhnLab, Inc.)
FF Plugin-x32: @ahnlab.com/asp/npmkd25sp - C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @ahnlab.com/asp/npmkd25sp - C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\yib7c5ep.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eki-ee.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\neti-ee.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\osta-ee.xml
FF Extension: Media Hint - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\yib7c5ep.default\Extensions\mediahint@jetpack.xpi [2013-08-27]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1315728 2013-09-02] (Binary Fortress Software)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-03-04] (Intel Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-03-04] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-08-22] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942528 2013-08-22] (GlavSoft LLC.)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 Mkd2Bthf; C:\Windows\System32\drivers\Mkd2Bthf.sys [98520 2014-02-24] (AhnLab, Inc.)
R3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [112856 2014-02-24] (AhnLab, Inc.)
S3 Mkd3kfNt; C:\Windows\System32\drivers\Mkd3kfNt.sys [168664 2014-03-17] (AhnLab, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-04-29] (Anchorfree Inc.)
S3 uisp; C:\Windows\System32\Drivers\usbicp.sys [20480 2010-08-24] (Motorola)
R3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
R3 cpuz136; \??\C:\Users\Martin\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-04 11:48 - 2014-06-04 11:48 - 00000000 ____D () C:\FRST
2014-06-04 11:10 - 2014-05-30 02:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-04 11:10 - 2014-05-30 02:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-04 11:04 - 2014-06-04 11:04 - 1031032133 _____ () C:\Windows\MEMORY.DMP
2014-06-04 11:04 - 2014-06-04 11:04 - 00286040 _____ () C:\Windows\Minidump\060414-8751-01.dmp
2014-06-04 10:36 - 2014-06-04 10:36 - 00000886 _____ () C:\Windows\PFRO.log
2014-06-04 09:48 - 2014-06-04 11:10 - 00000887 _____ () C:\Windows\setupact.log
2014-06-04 09:48 - 2014-06-04 09:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-02 08:15 - 2014-06-02 08:16 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\SumatraPDF
2014-05-31 11:46 - 2014-05-31 11:47 - 00000000 ____D () C:\Users\Martin\AppData\Local\Sony
2014-05-31 11:46 - 2014-05-31 11:46 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-05-31 11:45 - 2014-05-31 11:46 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Sony
2014-05-31 11:45 - 2014-05-31 11:46 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install
2014-05-28 21:33 - 2014-05-28 21:33 - 00000337 _____ () C:\Users\Martin\AppData\Local\Perfmon.PerfmonCfg
2014-05-25 08:14 - 2014-05-25 09:41 - 00000000 ____D () C:\Program Files (x86)\VIA
2014-05-25 08:04 - 2014-05-25 08:04 - 00000000 ____D () C:\Users\Martin\AppData\Local\SlimWare Utilities Inc
2014-05-24 13:00 - 2014-03-31 19:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-24 13:00 - 2014-03-31 19:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-18 18:14 - 2014-05-18 18:14 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-05-18 18:14 - 2014-05-18 18:14 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-05-15 05:44 - 2014-06-04 11:04 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-05-14 21:07 - 2014-05-06 07:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 21:07 - 2014-05-06 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 21:07 - 2014-05-06 06:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 21:07 - 2014-05-06 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 21:07 - 2014-05-06 06:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 21:07 - 2014-05-06 05:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 21:01 - 2014-05-09 09:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 21:01 - 2014-05-09 09:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 21:01 - 2014-04-12 05:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 21:01 - 2014-04-12 05:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 21:01 - 2014-04-12 05:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 21:01 - 2014-04-12 05:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 21:01 - 2014-04-12 05:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 21:01 - 2014-04-12 05:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 21:01 - 2014-04-12 05:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 21:01 - 2014-04-12 05:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 21:01 - 2014-04-12 05:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 21:01 - 2014-03-25 05:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 21:01 - 2014-03-25 05:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 21:01 - 2014-03-04 12:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 21:01 - 2014-03-04 12:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 21:01 - 2014-03-04 12:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 21:01 - 2014-03-04 12:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 21:01 - 2014-03-04 12:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 21:01 - 2014-03-04 12:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 21:01 - 2014-03-04 12:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 21:01 - 2014-03-04 12:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 21:01 - 2014-03-04 12:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 21:01 - 2014-03-04 12:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 21:01 - 2014-03-04 12:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 21:01 - 2014-03-04 12:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 21:01 - 2014-03-04 12:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 21:01 - 2014-03-04 12:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 21:01 - 2014-03-04 12:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 21:01 - 2014-03-04 12:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 21:01 - 2014-03-04 12:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 21:01 - 2014-03-04 12:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 21:01 - 2014-03-04 12:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 21:01 - 2014-03-04 12:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 21:01 - 2014-03-04 12:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-10 08:40 - 2014-05-10 08:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-06 18:52 - 2014-05-06 18:52 - 00000841 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC.lnk
2014-05-06 18:50 - 2014-05-06 18:50 - 00000000 ____D () C:\Program Files\Adobe
2014-05-06 18:48 - 2014-05-06 18:48 - 00000741 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC.lnk
2014-05-06 18:46 - 2014-05-06 18:46 - 00000000 ____D () C:\adobeTemp
2014-05-05 21:18 - 2014-05-11 09:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-05 21:18 - 2014-05-05 21:18 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== One Month Modified Files and Folders =======

2014-06-04 11:48 - 2014-06-04 11:48 - 00000000 ____D () C:\FRST
2014-06-04 11:48 - 2013-08-23 18:18 - 00000000 ____D () C:\Users\Martin\AppData\Local\Temp
2014-06-04 11:47 - 2013-08-24 21:30 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\uTorrent
2014-06-04 11:43 - 2013-08-24 18:16 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype
2014-06-04 11:14 - 2013-08-23 18:18 - 01562533 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 11:11 - 2009-07-14 07:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 11:11 - 2009-07-14 07:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 11:10 - 2014-06-04 09:48 - 00000887 _____ () C:\Windows\setupact.log
2014-06-04 11:10 - 2009-07-14 08:13 - 00793694 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 11:05 - 2013-08-23 21:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2014-06-04 11:04 - 2014-06-04 11:04 - 1031032133 _____ () C:\Windows\MEMORY.DMP
2014-06-04 11:04 - 2014-06-04 11:04 - 00286040 _____ () C:\Windows\Minidump\060414-8751-01.dmp
2014-06-04 11:04 - 2014-05-15 05:44 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-06-04 11:04 - 2013-09-08 09:47 - 00000000 ____D () C:\Windows\Minidump
2014-06-04 11:04 - 2013-08-24 21:34 - 00000000 ____D () C:\ProgramData\VMware
2014-06-04 11:04 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 11:02 - 2013-08-24 20:11 - 00007601 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-06-04 10:36 - 2014-06-04 10:36 - 00000886 _____ () C:\Windows\PFRO.log
2014-06-04 09:48 - 2014-06-04 09:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 09:35 - 2013-08-23 21:43 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe
2014-06-04 09:30 - 2013-08-23 21:40 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-04 09:26 - 2013-08-23 21:44 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-04 09:26 - 2013-08-23 21:44 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-04 09:25 - 2014-03-26 20:43 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-04 09:25 - 2014-03-26 20:43 - 00000000 ____D () C:\Windows\system32\NV
2014-06-04 09:25 - 2013-12-09 23:17 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\texstudio
2014-06-04 09:25 - 2013-10-28 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-04 09:25 - 2013-10-28 17:00 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-06-04 09:25 - 2013-08-27 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-04 09:25 - 2013-08-25 16:13 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Rainmeter
2014-06-04 09:25 - 2013-08-25 10:51 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\VMware
2014-06-04 09:25 - 2013-08-23 18:31 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-04 09:25 - 2013-08-23 18:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-04 09:25 - 2013-08-23 18:18 - 00000000 ____D () C:\Users\Martin
2014-06-04 09:24 - 2013-08-27 16:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\foobar2000
2014-06-04 09:24 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration
2014-06-03 21:17 - 2013-08-23 18:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-03 17:56 - 2013-08-25 10:51 - 00000000 ____D () C:\Users\Martin\AppData\Local\VMware
2014-06-02 08:16 - 2014-06-02 08:15 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\SumatraPDF
2014-06-01 08:07 - 2013-08-24 20:50 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts_tmp
2014-05-31 11:47 - 2014-05-31 11:46 - 00000000 ____D () C:\Users\Martin\AppData\Local\Sony
2014-05-31 11:46 - 2014-05-31 11:46 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-05-31 11:46 - 2014-05-31 11:45 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Sony
2014-05-31 11:46 - 2014-05-31 11:45 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install
2014-05-31 11:46 - 2013-08-23 19:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-30 02:07 - 2014-06-04 11:10 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 02:07 - 2014-06-04 11:10 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 02:07 - 2013-10-28 20:05 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-30 02:07 - 2013-10-28 20:05 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-29 10:57 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2014-05-28 21:33 - 2014-05-28 21:33 - 00000337 _____ () C:\Users\Martin\AppData\Local\Perfmon.PerfmonCfg
2014-05-28 21:32 - 2014-03-18 11:58 - 00000000 ____D () C:\Program Files (x86)\Arduino
2014-05-28 07:08 - 2013-11-05 19:17 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-05-28 07:08 - 2013-08-23 19:29 - 00081056 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-28 07:08 - 2013-08-23 18:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-28 07:08 - 2009-07-14 07:45 - 05007824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-25 09:44 - 2013-08-29 15:15 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-05-25 09:44 - 2013-08-29 15:05 - 00000000 ____D () C:\Program Files\Speccy
2014-05-25 09:42 - 2013-08-27 08:55 - 00000000 ____D () C:\ProgramData\Soluto
2014-05-25 09:42 - 2013-08-23 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-25 09:41 - 2014-05-25 08:14 - 00000000 ____D () C:\Program Files (x86)\VIA
2014-05-25 09:41 - 2013-08-23 19:10 - 00000000 ____D () C:\Program Files\Intel
2014-05-25 08:04 - 2014-05-25 08:04 - 00000000 ____D () C:\Users\Martin\AppData\Local\SlimWare Utilities Inc
2014-05-23 12:03 - 2013-08-23 18:18 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 12:02 - 2013-08-23 21:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-18 18:14 - 2014-05-18 18:14 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
2014-05-18 18:14 - 2014-05-18 18:14 - 00000000 ____D () C:\Program Files\Microsoft Research
2014-05-15 17:17 - 2013-12-29 13:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 17:13 - 2009-07-14 08:08 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-14 22:24 - 2013-08-23 21:24 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Adobe
2014-05-14 22:18 - 2013-10-08 17:08 - 00000000 ____D () C:\Program Files\Sublime Text 2
2014-05-14 21:12 - 2013-08-23 18:18 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 21:11 - 2014-04-24 07:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 21:06 - 2013-08-23 20:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 21:03 - 2013-08-23 20:43 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 19:48 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-11 09:27 - 2014-05-05 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 08:40 - 2014-05-10 08:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 09:14 - 2014-05-14 21:01 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:11 - 2014-05-14 21:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 19:50 - 2013-09-01 14:50 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-06 19:06 - 2013-10-08 22:16 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-06 18:52 - 2014-05-06 18:52 - 00000841 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC.lnk
2014-05-06 18:50 - 2014-05-06 18:50 - 00000000 ____D () C:\Program Files\Adobe
2014-05-06 18:48 - 2014-05-06 18:48 - 00000741 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC.lnk
2014-05-06 18:46 - 2014-05-06 18:46 - 00000000 ____D () C:\adobeTemp
2014-05-06 18:45 - 2013-09-01 14:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-06 07:40 - 2014-05-14 21:07 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:17 - 2014-05-14 21:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 06:25 - 2014-05-14 21:07 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 06:07 - 2014-05-14 21:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 06:00 - 2014-05-14 21:07 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:10 - 2014-05-14 21:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 21:18 - 2014-05-05 21:18 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptoh53m.dll
C:\Users\Martin\AppData\Local\Temp\procexp64.exe
C:\Users\Martin\AppData\Local\Temp\speccycpuid.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 10:50

==================== End Of Log ============================

And my Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by Martin at 2014-06-04 11:49:28
Running from E:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
AhnLab Online Security (HKLM-x32\...\AhnLab Online Security) (Version:  - AhnLab, Inc)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Combined Community Codec Pack 2014-01-17 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.01.17.0 - CCCP Project)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DisplayFusion 5.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 5.1.0.0 - Binary Fortress Software)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
foobar2000 v1.2.9 (HKLM-x32\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Geany 1.23.1 (HKLM-x32\...\Geany) (Version: 1.23.1 - The Geany developer team)
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.28.0 - International GeoGebra Institute)
GraphicsGale FreeEdition version 2.03.19 (HKLM-x32\...\GraphicsGale FreeEdition_is1) (Version:  - HUMANBALANCE Ltd.)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)
Heroine's Quest: The Herald of Ragnarok (HKLM-x32\...\Steam App 283880) (Version:  - Crystal Shard)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.6.1.0536 - Intel Corporation) Hidden
Intel® PROSet/Wireless WiFi Software Driver (Version: 15.06.1000.0167 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fad118b4-798f-4755-9e67-a622eec95b62}) (Version: 15.6.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO MINDSTORMS EV3 (HKLM-x32\...\LEGO_SW.{5B0CB826-E499-4E6B-94F0-75B6327ED934}) (Version: 1.0.0 - The LEGO Group)
LEGO MINDSTORMS EV3 Home Content (x32 Version: 1.0.259 - The LEGO Group) Hidden
LEGO MINDSTORMS EV3 Home Edition (x32 Version: 1.0.346 - The LEGO Group) Hidden
LEGO MINDSTORMS EV3 Home English Support (x32 Version: 1.0.229 - The LEGO Group) Hidden
LEGO MINDSTORMS EV3 Uninstaller (x32 Version: 1.0.11 - The LEGO Group) Hidden
LEGO MINDSTORMS NXT x64 Driver (HKLM\...\{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}) (Version: 1.20.115.0 - LEGO)
LibreOffice 4.1.0.4 (HKLM-x32\...\{F8478020-D98E-49FB-BA14-07A534AED99C}) (Version: 4.1.0.4 - The Document Foundation)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.4.132.12090 (HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.132.12090 - Sony)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Silverlight 5.1 (x32 Version: 5.1.4001 - National Instruments) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MonkeyJam 3_050529 (HKLM-x32\...\MonkeyJam_is1) (Version:  - GiantScreamingRobotMonkeys)
Mozilla Firefox 29.0.1 (x86 et) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 et)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-d97ddf53-b514-4db3-a327-1f62dd70e562) (Version:  - Epic Games, Inc.)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NI .NET Framework 4 (x32 Version: 4.00.49152 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.11.190 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.11.190 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.11.190 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Pinball Arcade (HKLM-x32\...\Steam App 238260) (Version:  - FarSight Studios)
Python 3.2 pygame-1.9.2a0 (HKLM-x32\...\{265E2F1D-0025-45DF-B83B-8320466108A8}) (Version: 1.9.2 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.2.5 (HKLM-x32\...\{AE3AAD33-1790-415f-A3D0-63FC889FD49E}) (Version: 3.2.5150 - Python Software Foundation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 r2116 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.27035 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Solid Edge ST5 (HKLM-x32\...\{64E87E22-A6E5-4EA4-A14F-089BA2470D1D}) (Version: 105.00.00102 - Siemens)
Soluto (HKLM\...\{871338F7-DFB1-4E10-9EA2-1876A48AAA2B}) (Version: 1.3.1440.0 - Soluto)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.2.201402071544 - Sony Mobile Communications AB)
Sony PC Companion 2.10.206 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Super Sanctum TD (HKLM-x32\...\Steam App 235250) (Version:  - Coffee Stain Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeXstudio 2.5.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.5.2 - Benito van der Zander)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
tools-freebsd (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
Train Simulator 2013 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
Vim 7.4 (self-installing) (HKLM\...\Vim 7.4) (Version:  - )
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.1 - VMware, Inc)
VMware Workstation (Version: 10.0.1 - VMware, Inc.) Hidden

==================== Restore Points  =========================

03-06-2014 17:10:00 Installed DirectX
03-06-2014 18:44:12 Removed Media Go
04-06-2014 06:22:21 Restore Operation
04-06-2014 08:10:35 Installed DirectX

==================== Hosts content: ==========================

2009-07-14 05:34 - 2009-06-11 00:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00FEBE97-CFC7-49D4-B44D-D76CB0C9D547} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {5CEC339D-F7BA-4C3B-8146-7F0E8759154B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AB14446E-26AA-4319-8E82-9B3A3F417F40} - System32\Tasks\AdobeAAMUpdater-1.0-Martin-PC-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {ACE9F76D-7AA0-4E76-B4D7-97CE153A6E45} - System32\Tasks\{8EB0EC3A-5501-4670-A8D9-863D4C593770} => Firefox.exe http://ui.skype.com/ui/0/6.7.59.102/et/go/help.faq.installer?LastError=1618

==================== Loaded Modules (whitelisted) =============

2013-08-23 18:31 - 2014-03-04 17:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-08-23 18:31 - 2014-03-04 16:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-11 20:50 - 2013-04-15 11:50 - 00198144 _____ () C:\Windows\System32\HP1006LM.DLL
2013-09-11 20:50 - 2013-04-15 11:50 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll
2014-02-13 20:01 - 2014-02-13 20:01 - 03677184 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\4d01b810c8e3c6bc2ed12d76a61bec0e\PCGPreCompiled.ni.dll
2014-02-13 20:03 - 2014-02-13 20:03 - 00267264 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\4452a58e4560f9c4b7cc6ba9aeb1667c\PCGAppControlPluginLoader.ni.dll
2014-02-13 20:04 - 2014-02-13 20:04 - 00068096 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\72953193ec1da26829b68832a7920eb1\SignalRWrapper.ni.dll
2013-08-22 16:07 - 2013-08-22 16:07 - 00090688 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-08-22 16:07 - 2013-08-22 16:07 - 00054848 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2013-08-22 16:07 - 2013-08-22 16:07 - 00090688 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2014-03-15 02:00 - 2014-03-15 02:00 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-28 17:00 - 2013-10-31 12:35 - 00070880 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-10-13 19:05 - 2013-10-13 19:05 - 00038072 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-10-13 19:05 - 2013-10-13 19:05 - 00752824 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-10-13 19:04 - 2013-10-13 19:04 - 00383488 _____ () C:\Program Files\Rainmeter\Plugins\NowPlaying.dll
2013-09-11 20:50 - 2013-04-15 11:49 - 04003328 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006SU.DLL
2013-09-11 20:50 - 2013-04-15 11:49 - 01236992 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006GC.dll
2014-03-15 01:59 - 2014-03-15 01:59 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2013-08-23 18:31 - 2014-03-04 17:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-22 07:20 - 2014-04-30 03:08 - 01135104 _____ () E:\Program Files\Steam\libavcodec-55.dll
2014-04-23 06:28 - 2014-04-30 03:08 - 00471552 _____ () E:\Program Files\Steam\libavutil-53.dll
2014-05-22 07:20 - 2014-04-30 03:08 - 00404992 _____ () E:\Program Files\Steam\libavformat-55.dll
2014-01-08 17:39 - 2014-04-30 03:08 - 00340992 _____ () E:\Program Files\Steam\libavresample-1.dll
2013-07-01 08:20 - 2014-05-17 04:36 - 00756224 _____ () E:\Program Files\Steam\SDL2.dll
2014-05-22 07:20 - 2014-05-29 20:37 - 02139840 _____ () E:\Program Files\Steam\video.dll
2014-05-22 07:20 - 2014-04-29 03:37 - 00519168 _____ () E:\Program Files\Steam\libswscale-2.dll
2013-07-26 14:46 - 2014-05-29 20:36 - 01116864 _____ () E:\Program Files\Steam\bin\chromehtml.DLL
2013-07-15 14:32 - 2014-05-02 02:35 - 20628160 _____ () E:\Program Files\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 02:49 - 01100800 _____ () E:\Program Files\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 02:49 - 00124416 _____ () E:\Program Files\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 02:49 - 00192000 _____ () E:\Program Files\Steam\bin\avformat-53.dll
2013-10-28 17:00 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2013-10-28 17:00 - 2013-09-13 11:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2013-10-28 17:00 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-02-14 11:25 - 2014-02-14 11:25 - 00571392 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2014-06-04 11:04 - 2014-06-04 11:04 - 00043008 _____ () c:\users\martin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptoh53m.dll
2013-08-23 22:01 - 2013-08-23 22:01 - 25100288 _____ () C:\Users\Martin\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-19 00:22 - 2014-03-19 00:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-05-10 08:40 - 2014-05-10 08:40 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-23 19:10 - 2013-03-04 21:29 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-06-04 09:26 - 2014-06-04 09:26 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:cP20uTtyxC1sQ8ZyIyFYWinKt
AlternateDataStreams: C:\ProgramData\Microsoft:swL3gmOYSpdiiYFt9qF73
AlternateDataStreams: C:\Users\Martin\Local Settings:930CO9LhRM1PUiDVV3YV0zX9er3jVR
AlternateDataStreams: C:\Users\Martin\AppData\Local:930CO9LhRM1PUiDVV3YV0zX9er3jVR
AlternateDataStreams: C:\Users\Martin\AppData\Local\Application Data:930CO9LhRM1PUiDVV3YV0zX9er3jVR
AlternateDataStreams: C:\Users\Martin\AppData\Local\Temp:S1dKM41OEKGUDwo1EnCFRaGRVwb

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8188CE Wireless LAN 802.11n COMBO PCI-E NIC
Description: Realtek RTL8188CE Wireless LAN 802.11n COMBO PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192Ce
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware VMCI Host Device
Description: VMware VMCI Host Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: vmci
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2014 11:04:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2014 11:04:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (06/04/2014 11:04:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (06/04/2014 11:04:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (06/04/2014 11:05:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/04/2014 11:04:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The cpuz136 service failed to start due to the following error:
%%3

Error: (06/04/2014 11:04:31 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (06/04/2014 11:04:28 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa8009202060, 0xfffffa8009202340, 0xfffff800023ca270)C:\Windows\MEMORY.DMP060414-8751-01

Error: (06/04/2014 11:04:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:03:11 on 4.06.2014 was unexpected.

Error: (06/04/2014 10:37:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2

Error: (06/04/2014 10:36:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/04/2014 10:36:36 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (06/04/2014 10:36:20 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (06/04/2014 09:53:09 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}


Microsoft Office Sessions:
=========================
Error: (06/04/2014 11:04:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2014 11:04:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name43900

Error: (06/04/2014 11:04:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name25900

Error: (06/04/2014 11:04:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name17900

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (06/04/2014 10:36:36 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 8080.96 MB
Available physical RAM: 4098.46 MB
Total Pagefile: 16160.09 MB
Available Pagefile: 11955.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:46.5 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:81.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9FCEBD12)
Partition 1: (Not Active) - (Size=932 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: AD5BFFA0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 1 month later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
