Jump to content

Can't Remove Snap.do

SwitchS
 Share

Recommended Posts

SwitchS

SwitchS

Posted
Posted

I have a program called Snap.do in my uninstall list called Snap.do, and when I try to uninstall I get a popup saying the feature you are trying to use is on a network resource that is unavailable.

 

From googling snap.do it appears to be some sort of malware, any way to get rid of this?

Link to post
Share on other sites
  • 4 weeks later...
  • Staff
gringo_pr

gringo_pr

Posted
  • Staff
Posted

Hello SwitchS

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
Link to post
Share on other sites
SwitchS

SwitchS

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by doliv_000 (administrator) on OLIEBURGZ on 04-08-2014 15:16:59
Running from C:\Users\doliv_000\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4872\Battle.net.exe
(Blizzard Entertainment) C:\Program Files (x86)\Diablo III\Diablo III.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.101\deploy\LolClient.exe
(SplitMediaLabs) C:\Program Files (x86)\SplitmediaLabs\XSplit\XSplit.Core.exe
(SplitMediaLabs) C:\Program Files (x86)\SplitmediaLabs\XSplit\x64\XGS64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SplitmediaLabs Limited) C:\Program Files (x86)\SplitmediaLabs\XSplit\VHMultiWriterExt2.exe
(Spotify Ltd) C:\Users\doliv_000\AppData\Roaming\Spotify\spotify.exe
() C:\Users\doliv_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\doliv_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\doliv_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\doliv_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\doliv_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-05-20] (Razer Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\S-1-5-21-63815030-2767867945-3973429732-1001\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3330800 2011-11-21] (ASUSTek Computer Inc.)
HKU\S-1-5-21-63815030-2767867945-3973429732-1001\...\Run: [spotify] => C:\Users\doliv_000\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-09] (Spotify Ltd)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA5A65E683A06CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\doliv_000\AppData\Roaming\Mozilla\Firefox\Profiles\mchtxv3h.default-1404537164370
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Extension: Adblock Plus - C:\Users\doliv_000\AppData\Roaming\Mozilla\Firefox\Profiles\mchtxv3h.default-1404537164370\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-05]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-30]
FF HKCU\...\FIREFOX\Extensions: [{9e1efa6d-8478-48c3-a97d-dfd617d72f95}] - C:\Program Files (x86)\Buzz-it\150.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL: http://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCh1&co=US&userid=0323c5a1-043d-c93c-621f-8f2dfe4d0e45&searchtype=ds&q={searchTerms}&installDate=30/12/2013
CHR Extension: (Google Docs) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-21]
CHR Extension: (Google Drive) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-21]
CHR Extension: (YouTube) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-21]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (Google Search) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-21]
CHR Extension: (AdBlock) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-08]
CHR Extension: (Buzz-it) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kppkjdpifiiogddjaebpigjoinegfcle [2014-01-02]
CHR Extension: (Skype Click to Call) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-31]
CHR Extension: (Google Wallet) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-31]
CHR Extension: (Gmail) - C:\Users\doliv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-12-31] ()
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SSMO3v2Filter; C:\Windows\system32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 15:16 - 2014-08-04 15:17 - 00018650 _____ () C:\Users\doliv_000\Downloads\FRST.txt
2014-08-04 15:16 - 2014-08-04 15:17 - 00000000 ____D () C:\FRST
2014-08-04 15:16 - 2014-08-04 15:16 - 02094080 _____ (Farbar) C:\Users\doliv_000\Downloads\FRST64.exe
2014-08-03 18:51 - 2014-08-03 19:28 - 00000000 ____D () C:\Program Files (x86)\Diablo III Public Test
2014-08-03 18:51 - 2014-08-03 18:51 - 00001332 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public TestDiablo III Public Test.lnk
2014-08-03 18:51 - 2014-08-03 18:51 - 00001318 _____ () C:\Users\Public\Desktop\Diablo III Public Test.lnk
2014-08-03 18:51 - 2014-08-03 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2014-08-01 15:45 - 2014-08-01 15:45 - 00005893 _____ () C:\Users\doliv_000\Downloads\LOL_OPGG_Observer_1460524004.bat
2014-07-30 14:42 - 2014-07-30 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 17:35 - 2014-07-23 00:16 - 00152194 _____ () C:\Users\doliv_000\Downloads\debug.log
2014-07-22 17:32 - 2014-07-22 17:32 - 00001125 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2014-07-22 17:32 - 2014-07-22 17:32 - 00000000 ____D () C:\Users\doliv_000\AppData\Local\SplitMediaLabs
2014-07-22 17:30 - 2014-07-22 17:30 - 42368408 _____ (SplitmediaLabs) C:\Users\doliv_000\Downloads\xbc_installer.exe
2014-07-22 17:04 - 2014-07-22 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-07-22 17:04 - 2014-07-22 17:32 - 00000000 ____D () C:\Program Files (x86)\SplitmediaLabs
2014-07-22 17:04 - 2014-07-22 17:04 - 00001234 _____ () C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2014-07-22 17:04 - 2014-07-22 17:04 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-07-22 17:03 - 2014-07-22 17:30 - 00000000 ____D () C:\Users\doliv_000\AppData\Roaming\SplitmediaLabs
2014-07-22 17:03 - 2014-07-22 17:03 - 49657376 _____ (SplitmediaLabs) C:\Users\doliv_000\Downloads\xsplit_gc_installer.exe
2014-07-22 13:30 - 2014-07-22 13:30 - 00005908 _____ () C:\Users\doliv_000\Downloads\LOL_OPGG_Observer_1464301650.bat
2014-07-21 13:24 - 2014-07-21 13:24 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-21 13:24 - 2014-07-21 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 13:23 - 2014-07-21 13:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 13:23 - 2014-07-21 13:24 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 13:23 - 2014-07-21 13:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 13:23 - 2014-07-21 13:23 - 00000000 ____D () C:\Program Files\iPod
2014-07-21 13:18 - 2014-07-21 13:18 - 05749375 _____ () C:\Users\doliv_000\Documents\I'm too sexy - - Right Said Fred Lyrics.mp4
2014-07-21 13:13 - 2014-07-21 13:13 - 10474337 _____ () C:\Users\doliv_000\Documents\Nelly - Hot in Here Lyrics.mp4
2014-07-21 13:11 - 2014-07-21 13:11 - 41160140 _____ () C:\Users\doliv_000\Documents\112 - PEACHES & CREAM __(LYRICS ON SCREEN)__.mp4
2014-07-21 13:07 - 2014-07-21 13:07 - 19642728 _____ () C:\Users\doliv_000\Documents\Usher U Got It Bad Lyrics.mp4
2014-07-21 13:03 - 2014-07-21 13:03 - 13776014 _____ () C:\Users\doliv_000\Documents\N'sync - Bye Bye Bye (Lyrics).mp4
2014-07-21 12:54 - 2014-07-21 12:54 - 35332265 _____ () C:\Users\doliv_000\Documents\What's Your Fantasy [Lyrics] HD.mp4
2014-07-21 12:53 - 2014-07-21 12:53 - 15214195 _____ () C:\Users\doliv_000\Documents\Backstreet Boys Larger Than Life w_ lyrics.mp4
2014-07-21 12:50 - 2014-07-21 12:50 - 07336459 _____ () C:\Users\doliv_000\Documents\Christina Aguilera - Genie in A Bottle {Lyrics}.mp4
2014-07-21 12:42 - 2014-07-21 12:42 - 05634434 _____ () C:\Users\doliv_000\Documents\98 Degrees I Do Cherish You.mp4
2014-07-21 12:41 - 2014-07-21 12:41 - 09360200 _____ () C:\Users\doliv_000\Documents\The Hardest Thing - 98 Degrees Lyrics.mp4
2014-07-21 12:38 - 2014-07-21 12:38 - 08383419 _____ () C:\Users\doliv_000\Documents\Jumper-Third Eye Blind Lyrics.mp4
2014-07-21 12:34 - 2014-07-21 12:34 - 10489282 _____ () C:\Users\doliv_000\Documents\Give Me Everything Tonight Pitbull Lyrics.mp4
2014-07-21 12:32 - 2014-07-21 12:32 - 07757728 _____ () C:\Users\doliv_000\Documents\All My Life K C and Jojo lyrics.mp4
2014-07-21 12:29 - 2014-07-21 12:29 - 06555133 _____ () C:\Users\doliv_000\Documents\Petey Pablo - Raise Up (Lyrics).mp4
2014-07-21 12:28 - 2014-07-21 12:28 - 04710312 _____ () C:\Users\doliv_000\Documents\Freek a leak by Petey Pablo.mp4
2014-07-21 12:24 - 2014-07-21 12:24 - 05274050 _____ () C:\Users\doliv_000\Documents\Macklemore- Thrift Shop- (ACCURATE LYRICS ON SCREEN).mp4
2014-07-21 12:22 - 2014-07-21 12:22 - 07583989 _____ () C:\Users\doliv_000\Documents\50 cent in da club lyrics.mp4
2014-07-21 12:21 - 2014-07-21 12:21 - 05602781 _____ () C:\Users\doliv_000\Documents\Enrique Iglesias - Hero w_Lyrics.mp4
2014-07-21 12:20 - 2014-07-21 12:20 - 09822966 _____ () C:\Users\doliv_000\Documents\Sisqo - The Thong Song [LYRICS].mp4
2014-07-21 12:17 - 2014-07-21 12:17 - 41656451 _____ () C:\Users\doliv_000\Documents\Rise and shine - Athlete and running ultimate motivation.mp4
2014-07-21 12:16 - 2014-07-21 12:16 - 06946404 _____ () C:\Users\doliv_000\Documents\It's Beginning To Look A Lot Like Christmas By Johnny Mathis.mp4
2014-07-21 12:14 - 2014-07-21 12:14 - 00001305 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-07-21 12:14 - 2014-07-21 12:14 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-07-21 12:13 - 2014-07-21 12:13 - 16691888 _____ () C:\Users\doliv_000\Downloads\YTDSetup.exe
2014-07-16 15:04 - 2014-07-16 15:04 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-13 13:42 - 2014-07-13 16:52 - 00001237 _____ () C:\Users\doliv_000\Documents\League.txt
2014-07-13 13:42 - 2014-07-13 13:42 - 00001155 _____ () C:\Users\doliv_000\Desktop\League - Shortcut.lnk
2014-07-10 17:06 - 2014-07-10 17:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-08 17:35 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-07-08 17:26 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-08 17:26 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-08 17:26 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-08 17:26 - 2014-06-18 18:46 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-08 17:26 - 2014-06-18 17:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-08 17:26 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-08 17:26 - 2014-06-16 17:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-08 17:26 - 2014-06-16 17:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-08 17:26 - 2014-06-06 09:20 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-08 17:26 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 17:26 - 2014-05-29 07:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-08 17:26 - 2014-05-29 02:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-07-08 17:26 - 2014-05-29 01:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-07-08 17:26 - 2014-05-29 01:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-07-08 17:26 - 2014-05-29 00:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-07-08 17:26 - 2014-05-29 00:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-08 17:25 - 2014-06-30 17:45 - 00688128 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-08 17:25 - 2014-06-28 02:48 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-08 17:25 - 2014-06-28 02:07 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-08 17:25 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-08 17:25 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-08 17:25 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-08 17:25 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-08 17:25 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-08 17:25 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-08 17:25 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-08 17:25 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-08 17:25 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-08 17:25 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-08 17:25 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-08 17:25 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-08 17:25 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-08 17:25 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-08 17:25 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-08 17:25 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-08 17:25 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-08 17:25 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-08 17:25 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-08 17:25 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-08 17:25 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-08 17:25 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-08 17:25 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-08 17:25 - 2014-05-31 05:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-08 17:25 - 2014-05-31 05:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-07-08 17:25 - 2014-05-30 22:40 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-07-08 17:25 - 2014-05-30 22:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-07-08 17:25 - 2014-05-30 22:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 17:25 - 2014-05-30 22:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-08 17:25 - 2014-05-30 22:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-08 17:25 - 2014-05-30 22:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 17:25 - 2014-05-30 21:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-08 17:25 - 2014-05-30 21:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-08 17:25 - 2014-05-30 21:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-08 17:25 - 2014-05-30 21:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-07-08 17:25 - 2014-05-30 21:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-08 17:25 - 2014-05-30 21:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-07-08 17:25 - 2014-05-30 21:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-08 17:24 - 2014-07-08 17:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 15:17 - 2014-08-04 15:16 - 00018650 _____ () C:\Users\doliv_000\Downloads\FRST.txt
2014-08-04 15:17 - 2014-08-04 15:16 - 00000000 ____D () C:\FRST
2014-08-04 15:16 - 2014-08-04 15:16 - 02094080 _____ (Farbar) C:\Users\doliv_000\Downloads\FRST64.exe
2014-08-04 15:16 - 2013-12-31 07:17 - 00000000 ____D () C:\Users\doliv_000\AppData\Local\Battle.net
2014-08-04 15:06 - 2013-12-31 10:10 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E067CC8A-4083-43CF-BC8F-8334CA4C7D56}
2014-08-04 15:03 - 2013-12-31 07:09 - 00000000 ____D () C:\Users\doliv_000\AppData\Roaming\Skype
2014-08-04 14:55 - 2014-01-19 14:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-04 14:51 - 2013-12-31 20:06 - 00000000 ____D () C:\Users\doliv_000\AppData\Roaming\Spotify
2014-08-04 14:20 - 2013-12-31 10:00 - 01555327 _____ () C:\Windows\WindowsUpdate.log
2014-08-04 14:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-04 10:59 - 2013-12-31 10:30 - 00000000 __RDO () C:\Users\doliv_000\SkyDrive
2014-08-04 03:00 - 2013-12-31 10:12 - 00000000 ____D () C:\Users\doliv_000\AppData\Roaming\ClassicShell
2014-08-04 03:00 - 2013-12-31 10:06 - 00000000 ____D () C:\Users\doliv_000
2014-08-03 21:32 - 2013-12-31 10:12 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-63815030-2767867945-3973429732-1001
2014-08-03 19:28 - 2014-08-03 18:51 - 00000000 ____D () C:\Program Files (x86)\Diablo III Public Test
2014-08-03 19:28 - 2014-01-28 13:16 - 00000000 ____D () C:\Users\doliv_000\Documents\Diablo III
2014-08-03 18:51 - 2014-08-03 18:51 - 00001332 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public TestDiablo III Public Test.lnk
2014-08-03 18:51 - 2014-08-03 18:51 - 00001318 _____ () C:\Users\Public\Desktop\Diablo III Public Test.lnk
2014-08-03 18:51 - 2014-08-03 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2014-08-01 17:20 - 2013-12-31 20:07 - 00000000 ____D () C:\Users\doliv_000\AppData\Local\Spotify
2014-08-01 15:45 - 2014-08-01 15:45 - 00005893 _____ () C:\Users\doliv_000\Downloads\LOL_OPGG_Observer_1460524004.bat
2014-08-01 14:20 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-31 16:45 - 2013-12-31 06:47 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-30 19:43 - 2014-01-19 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-30 19:40 - 2013-12-31 10:04 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-30 19:38 - 2013-12-31 10:44 - 00000000 ____D () C:\Users\doliv_000\AppData\Local\NVIDIA Corporation
2014-07-30 19:37 - 2013-08-22 09:46 - 00019081 _____ () C:\Windows\setupact.log
2014-07-30 19:33 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-30 18:46 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-30 14:42 - 2014-07-30 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 21:50 - 2014-01-17 00:06 - 00000157 _____ () C:\Windows\SysWOW64\SystemPreferences.xml
2014-07-28 00:29 - 2014-06-28 12:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-26 19:38 - 2014-05-29 18:02 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-07-26 19:36 - 2013-12-31 07:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-25 14:59 - 2014-01-23 19:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 14:58 - 2014-01-23 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 08:50 - 2014-06-03 17:34 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-25 08:50 - 2014-06-03 17:34 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-25 08:50 - 2014-05-29 22:14 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-25 08:50 - 2014-05-29 22:14 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-24 18:02 - 2014-01-23 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 20:22 - 2014-01-02 23:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-23 18:32 - 2014-01-03 17:43 - 00000000 ____D () C:\Users\doliv_000\Documents\My Games
2014-07-23 00:16 - 2014-07-22 17:35 - 00152194 _____ () C:\Users\doliv_000\Downloads\debug.log
2014-07-22 17:32 - 2014-07-22 17:32 - 00001125 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2014-07-22 17:32 - 2014-07-22 17:32 - 00000000 ____D () C:\Users\doliv_000\AppData\Local\SplitMediaLabs
2014-07-22 17:32 - 2014-07-22 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-07-22 17:32 - 2014-07-22 17:04 - 00000000 ____D () C:\Program Files (x86)\SplitmediaLabs
2014-07-22 17:32 - 2013-12-31 07:08 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-07-22 17:30 - 2014-07-22 17:30 - 42368408 _____ (SplitmediaLabs) C:\Users\doliv_000\Downloads\xbc_installer.exe
2014-07-22 17:30 - 2014-07-22 17:03 - 00000000 ____D () C:\Users\doliv_000\AppData\Roaming\SplitmediaLabs
2014-07-22 17:06 - 2014-06-03 17:35 - 00000000 ____D () C:\Users\doliv_000\AppData\Roaming\NVIDIA
2014-07-22 17:04 - 2014-07-22 17:04 - 00001234 _____ () C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2014-07-22 17:04 - 2014-07-22 17:04 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-07-22 17:03 - 2014-07-22 17:03 - 49657376 _____ (SplitmediaLabs) C:\Users\doliv_000\Downloads\xsplit_gc_installer.exe
2014-07-22 13:30 - 2014-07-22 13:30 - 00005908 _____ () C:\Users\doliv_000\Downloads\LOL_OPGG_Observer_1464301650.bat
2014-07-21 13:24 - 2014-07-21 13:24 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-21 13:24 - 2014-07-21 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-21 13:24 - 2014-07-21 13:23 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-21 13:24 - 2014-07-21 13:23 - 00000000 ____D () C:\Program Files\iTunes
2014-07-21 13:24 - 2014-07-21 13:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-21 13:23 - 2014-07-21 13:23 - 00000000 ____D () C:\Program Files\iPod
2014-07-21 13:18 - 2014-07-21 13:18 - 05749375 _____ () C:\Users\doliv_000\Documents\I'm too sexy - - Right Said Fred Lyrics.mp4
2014-07-21 13:18 - 2014-01-26 16:53 - 00982016 ___SH () C:\Users\doliv_000\Documents\Thumbs.db
2014-07-21 13:13 - 2014-07-21 13:13 - 10474337 _____ () C:\Users\doliv_000\Documents\Nelly - Hot in Here Lyrics.mp4
2014-07-21 13:11 - 2014-07-21 13:11 - 41160140 _____ () C:\Users\doliv_000\Documents\112 - PEACHES & CREAM __(LYRICS ON SCREEN)__.mp4
2014-07-21 13:07 - 2014-07-21 13:07 - 19642728 _____ () C:\Users\doliv_000\Documents\Usher U Got It Bad Lyrics.mp4
2014-07-21 13:03 - 2014-07-21 13:03 - 13776014 _____ () C:\Users\doliv_000\Documents\N'sync - Bye Bye Bye (Lyrics).mp4
2014-07-21 12:54 - 2014-07-21 12:54 - 35332265 _____ () C:\Users\doliv_000\Documents\What's Your Fantasy [Lyrics] HD.mp4
2014-07-21 12:53 - 2014-07-21 12:53 - 15214195 _____ () C:\Users\doliv_000\Documents\Backstreet Boys Larger Than Life w_ lyrics.mp4
2014-07-21 12:50 - 2014-07-21 12:50 - 07336459 _____ () C:\Users\doliv_000\Documents\Christina Aguilera - Genie in A Bottle {Lyrics}.mp4
2014-07-21 12:42 - 2014-07-21 12:42 - 05634434 _____ () C:\Users\doliv_000\Documents\98 Degrees I Do Cherish You.mp4
2014-07-21 12:41 - 2014-07-21 12:41 - 09360200 _____ () C:\Users\doliv_000\Documents\The Hardest Thing - 98 Degrees Lyrics.mp4
2014-07-21 12:38 - 2014-07-21 12:38 - 08383419 _____ () C:\Users\doliv_000\Documents\Jumper-Third Eye Blind Lyrics.mp4
2014-07-21 12:34 - 2014-07-21 12:34 - 10489282 _____ () C:\Users\doliv_000\Documents\Give Me Everything Tonight Pitbull Lyrics.mp4
2014-07-21 12:32 - 2014-07-21 12:32 - 07757728 _____ () C:\Users\doliv_000\Documents\All My Life K C and Jojo lyrics.mp4
2014-07-21 12:29 - 2014-07-21 12:29 - 06555133 _____ () C:\Users\doliv_000\Documents\Petey Pablo - Raise Up (Lyrics).mp4
2014-07-21 12:28 - 2014-07-21 12:28 - 04710312 _____ () C:\Users\doliv_000\Documents\Freek a leak by Petey Pablo.mp4
2014-07-21 12:24 - 2014-07-21 12:24 - 05274050 _____ () C:\Users\doliv_000\Documents\Macklemore- Thrift Shop- (ACCURATE LYRICS ON SCREEN).mp4
2014-07-21 12:22 - 2014-07-21 12:22 - 07583989 _____ () C:\Users\doliv_000\Documents\50 cent in da club lyrics.mp4
2014-07-21 12:21 - 2014-07-21 12:21 - 05602781 _____ () C:\Users\doliv_000\Documents\Enrique Iglesias - Hero w_Lyrics.mp4
2014-07-21 12:20 - 2014-07-21 12:20 - 09822966 _____ () C:\Users\doliv_000\Documents\Sisqo - The Thong Song [LYRICS].mp4
2014-07-21 12:17 - 2014-07-21 12:17 - 41656451 _____ () C:\Users\doliv_000\Documents\Rise and shine - Athlete and running ultimate motivation.mp4
2014-07-21 12:16 - 2014-07-21 12:16 - 06946404 _____ () C:\Users\doliv_000\Documents\It's Beginning To Look A Lot Like Christmas By Johnny Mathis.mp4
2014-07-21 12:14 - 2014-07-21 12:14 - 00001305 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-07-21 12:14 - 2014-07-21 12:14 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-07-21 12:14 - 2014-01-26 16:27 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-07-21 12:13 - 2014-07-21 12:13 - 16691888 _____ () C:\Users\doliv_000\Downloads\YTDSetup.exe
2014-07-17 17:52 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-16 15:04 - 2014-07-16 15:04 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-13 16:52 - 2014-07-13 13:42 - 00001237 _____ () C:\Users\doliv_000\Documents\League.txt
2014-07-13 13:42 - 2014-07-13 13:42 - 00001155 _____ () C:\Users\doliv_000\Desktop\League - Shortcut.lnk
2014-07-11 19:30 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-07-10 17:09 - 2013-08-22 09:44 - 00335784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 17:07 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 17:07 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 17:06 - 2014-07-10 17:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 17:06 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-07-10 17:06 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-07-08 17:55 - 2014-01-19 14:04 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 17:36 - 2013-12-31 10:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-08 17:35 - 2013-12-31 10:19 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-08 17:35 - 2013-08-22 14:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 17:35 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-08 17:24 - 2014-07-08 17:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-05 00:04 - 2013-12-31 09:57 - 00509424 _____ () C:\Windows\PFRO.log
2014-07-05 00:03 - 2013-12-30 21:50 - 00001066 _____ () C:\Users\doliv_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

Some content of TEMP:
====================
C:\Users\doliv_000\AppData\Local\Temp\6_Offer_17.exe
C:\Users\doliv_000\AppData\Local\Temp\8251uninstall.exe
C:\Users\doliv_000\AppData\Local\Temp\BackupSetup.exe
C:\Users\doliv_000\AppData\Local\Temp\fr1abeij.dll
C:\Users\doliv_000\AppData\Local\Temp\hcuninstaller_20140704_233320_4344.exe
C:\Users\doliv_000\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\doliv_000\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\doliv_000\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\doliv_000\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\doliv_000\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\doliv_000\AppData\Local\Temp\nvStInst.exe
C:\Users\doliv_000\AppData\Local\Temp\Sqlite3.dll
C:\Users\doliv_000\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\doliv_000\AppData\Local\Temp\ubi9191.tmp.exe
C:\Users\doliv_000\AppData\Local\Temp\vcredist_x64.exe
C:\Users\doliv_000\AppData\Local\Temp\_is2725.exe
C:\Users\doliv_000\AppData\Local\Temp\_is9E25.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 22:32

==================== End Of Log ============================

 

Addition.txt

Link to post
Share on other sites
  • Staff
gringo_pr

gringo_pr

Posted
  • Staff
Posted

Hello SwitchS

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo

Link to post
Share on other sites
  • Staff
gringo_pr

gringo_pr

Posted
  • Staff
Posted

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools

Gringo

Link to post
Share on other sites
  • Staff
gringo_pr

gringo_pr

Posted
  • Staff
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept