Jump to content

Recommended Posts

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\ProgramData\MobileBroadbandQuickStartService\VMBQuickStartService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe

(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe

(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe

(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe

() C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe

(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google) C:\Users\Scott\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-30] (Realtek Semiconductor)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011312 2013-04-08] (Synaptics Incorporated)

HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-04-11] (Intel Corporation)

HKLM\...\Run: [] => [X]

HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-05] (Alienware)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM-x32\...\Run: [Alienware Survey] => c:\Program Files (x86)\Alienware Customer Surveys\AlienSurvey.exe [7396920 2013-04-24] (Alienware, Inc.)

HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-09-01] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-12] (Intel Corporation)

HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4434224 2013-08-21] ()

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3755944248-2681048182-3681660583-1001\...\Run: [Google Update] => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-29] (Google Inc.)

HKU\S-1-5-21-3755944248-2681048182-3681660583-1001\...\MountPoints2: {4c3183bd-15a2-11e4-bc8c-54271e6b1411} - F:\setup_QuickStart.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-03] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-03] (NVIDIA Corporation)

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienwarearena.com/welcome-au

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienwarearena.com/welcome-au

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

Tcpip\Parameters: [DhcpNameServer] 10.1.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Scott\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Scott\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "hxxp://www.searchnu.com/406?appid=362", "hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=a8867265241047da81e529714dcbd480&tu=11JL0008M2B000s&sku=&tstsId=&ver=&", "hxxp://searchou.com/?id=82cb330d000000000000848f69d4b9dc", "hxxp://www.search.ask.com/?tpid=CME-V7&o=APN11293&pf=&trgb=CR&p2=%5EB7N%5EYYYYYY%5EYY%5EAU&gct=hp&apn_ptnrs=%5EB7N&apn_dtid=%5EYYYYYY%5EYY%5EAU&apn_dbr=cr_30.0.1599.101&apn_uid=FD934107-2135-4FEC-96D5-5704D7688ED1&itbv=12.7.0.2278&doi=2013-11-15&psv=barid%253D287838570641934212090310625869661836220%2526cargo%253DCME%252DV7%2526spr%253Da%2526did%253D10716%2526ppd%253D", "hxxp://search.conduit.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M40FC5699-B181-46FC-920C-51BAA691CA5A&SearchSource=55&CUI=&UM=5&UP=SP476ADD99-4EDB-479D-BAFB-FA18182B32A4&SSPV="

CHR DefaultSearchKeyword: google.com.au


CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}

CHR Extension: (Google Docs) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-14]

CHR Extension: (Google Drive) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-14]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]

CHR Extension: (YouTube) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-14]

CHR Extension: (Adblock Plus) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-07]

CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2014-04-15]

CHR Extension: (Search by Image (by Google)) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-04-15]

CHR Extension: (Google+) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-04-15]

CHR Extension: (Chromebleed) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-15]

CHR Extension: (NetBank) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnpedghacgigoamalnfnikaagobdbjp [2014-04-15]

CHR Extension: (http://instagram.com/) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcokijhmpkbmpfgfagjaimkadpkiafmk [2014-05-27]

CHR Extension: (http://howlinbeats.tumblr.com/) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidmjeljkjgcleidknjnfmllhoochgem [2014-06-25]

CHR Extension: (Custom Google™ Background) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg [2014-04-15]

CHR Extension: (Shareaholic for Google Chrome™) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2014-04-23]

CHR Extension: (WordPress.com) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2014-04-15]

CHR Extension: (https://twitter.com/) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\lddagfjihimnacaabfnfagjcokfmnekc [2014-05-27]

CHR Extension: (Pinterest ™ ) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldekkfiehnegbjkcmalkfcgfecambndd [2014-04-15]

CHR Extension: (Google Wallet) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-14]

CHR Extension: (Google Quick Scroll) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2014-04-15]

CHR Extension: (Gmail) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-14]

CHR Extension: (http://www.linkedin.com/?trk=nav_logo) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmhnbilieekngfoebfemgflbiplpfahp [2014-05-27]

CHR Extension: (Streak for Gmail) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2014-04-15]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-07] (CyberLink)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-11] (Intel Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-14] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-14] (Intel® Corporation)

S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-02] (iolo technologies, LLC)

R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-08] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-26] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-26] (NVIDIA Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)

R2 Vodafone Mobile Broadband QuickStart; C:\ProgramData\MobileBroadbandQuickStartService\VMBQuickStartService.exe [229216 2011-12-21] ()

S3 McAWFwk; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [X]

S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-03-09] (Broadcom Corporation.)

R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-29] (McAfee, Inc.)

R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-05] (Intel Corporation)

R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [43800 2012-12-13] (Intel Corporation)

R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2012-12-13] (Qualcomm Atheros, Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-19] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299352 2014-07-03] (NVIDIA Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-26] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-04-01] (NVIDIA Corporation)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-04-08] (Synaptics Incorporated)

R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [87776 2013-04-12] (STMicroelectronics)

S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2014-03-09] (Microsoft Corporation) [File not signed]

S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2014-03-09] (Microsoft Corporation) [File not signed]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-19 14:01 - 2014-08-19 14:01 - 00022395 _____ () C:\Users\Scott\Downloads\FRST.txt

2014-08-19 14:01 - 2014-08-19 14:01 - 00000000 ____D () C:\FRST

2014-08-19 14:00 - 2014-08-19 14:01 - 02101760 _____ (Farbar) C:\Users\Scott\Downloads\FRST64.exe

2014-08-18 17:12 - 2014-08-18 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone

2014-08-18 16:56 - 2014-08-18 16:56 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\PC Suite

2014-08-18 16:56 - 2014-08-18 16:56 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Nokia

2014-08-18 16:56 - 2014-08-18 16:56 - 00000000 ____D () C:\ProgramData\PC Suite

2014-08-18 16:55 - 2014-08-18 16:55 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution

2014-08-18 16:55 - 2014-08-18 16:55 - 00000000 ____D () C:\Program Files (x86)\Nokia

2014-08-18 16:55 - 2012-06-11 11:33 - 00026112 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys

2014-08-18 16:55 - 2012-01-09 17:28 - 00057856 _____ (Nokia) C:\Windows\system32\nmwcdclsX64.dll

2014-08-18 16:52 - 2014-08-18 16:52 - 00000000 ____D () C:\ProgramData\Installations

2014-08-18 16:47 - 2014-08-18 16:52 - 40628992 _____ () C:\Users\Scott\Downloads\Nokia_PC_Suite_eng_us_web.exe

2014-08-14 08:37 - 2014-07-01 08:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-08-14 08:37 - 2014-07-01 08:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-08-14 08:37 - 2014-06-06 16:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-14 08:37 - 2014-06-06 16:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-14 08:37 - 2014-03-10 07:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-08-14 08:37 - 2014-03-10 07:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-08-14 08:37 - 2014-03-10 07:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-08-14 08:37 - 2014-03-10 07:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-08-13 11:30 - 2014-08-01 09:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-13 11:30 - 2014-08-01 09:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-08-13 11:30 - 2014-07-26 00:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-13 11:30 - 2014-07-26 00:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-13 11:30 - 2014-07-26 00:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-08-13 11:30 - 2014-07-25 23:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-08-13 11:30 - 2014-07-25 23:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-13 11:30 - 2014-07-25 23:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-13 11:30 - 2014-07-25 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-08-13 11:30 - 2014-07-25 23:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-13 11:30 - 2014-07-25 23:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-08-13 11:30 - 2014-07-25 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-13 11:30 - 2014-07-25 23:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-13 11:30 - 2014-07-25 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-08-13 11:30 - 2014-07-25 23:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-13 11:30 - 2014-07-25 23:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-13 11:30 - 2014-07-25 23:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-08-13 11:30 - 2014-07-25 22:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-08-13 11:30 - 2014-07-25 22:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-08-13 11:30 - 2014-07-25 22:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-13 11:30 - 2014-07-25 22:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-08-13 11:30 - 2014-07-25 22:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-08-13 11:30 - 2014-07-25 22:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-08-13 11:30 - 2014-07-25 22:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-08-13 11:30 - 2014-07-25 22:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-13 11:30 - 2014-07-25 22:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-08-13 11:30 - 2014-07-25 22:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-08-13 11:30 - 2014-07-25 22:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-13 11:30 - 2014-07-25 22:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-08-13 11:30 - 2014-07-25 22:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-13 11:30 - 2014-07-25 22:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-08-13 11:30 - 2014-07-25 22:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-08-13 11:30 - 2014-07-25 22:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-13 11:30 - 2014-07-25 22:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-08-13 11:30 - 2014-07-25 22:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-08-13 11:30 - 2014-07-25 22:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-08-13 11:30 - 2014-07-25 21:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-08-13 11:30 - 2014-07-25 21:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-13 11:30 - 2014-07-25 21:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-13 11:30 - 2014-07-25 21:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-13 11:30 - 2014-07-25 21:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-13 11:30 - 2014-07-25 21:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-08-13 11:30 - 2014-07-25 21:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-08-13 11:30 - 2014-07-25 21:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-08-13 11:30 - 2014-07-25 21:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-08-13 11:30 - 2014-07-25 21:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-13 11:30 - 2014-07-25 21:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-08-13 11:30 - 2014-07-25 21:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-08-13 11:30 - 2014-07-25 21:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-08-13 11:30 - 2014-07-25 21:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-08-13 11:30 - 2014-07-25 20:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-13 11:30 - 2014-07-25 20:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-13 11:30 - 2014-07-25 20:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-13 11:30 - 2014-07-25 20:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-08-13 11:30 - 2014-07-25 20:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-08-13 11:30 - 2014-07-25 20:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-08-13 11:15 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL

2014-08-13 11:15 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL

2014-08-13 11:15 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL

2014-08-13 11:15 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL

2014-08-13 11:15 - 2014-07-09 12:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL

2014-08-13 11:15 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL

2014-08-13 11:15 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL

2014-08-13 11:15 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL

2014-08-13 11:15 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL

2014-08-13 11:15 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL

2014-08-13 11:15 - 2014-07-09 08:38 - 00419992 _____ () C:\Windows\system32\locale.nls

2014-08-13 11:15 - 2014-07-09 08:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls

2014-08-13 10:04 - 2014-07-16 13:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-13 10:04 - 2014-07-16 13:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-08-13 10:04 - 2014-07-16 12:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-13 10:04 - 2014-07-16 12:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-08-13 10:04 - 2014-07-16 12:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-13 10:04 - 2014-06-25 12:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-08-13 10:04 - 2014-06-25 11:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-08-13 10:04 - 2014-06-16 12:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-08-13 10:04 - 2014-06-03 20:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-08-13 10:04 - 2014-06-03 20:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-08-13 10:04 - 2014-06-03 20:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-08-13 10:04 - 2014-06-03 20:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-08-13 10:04 - 2014-06-03 19:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-08-13 10:04 - 2014-06-03 19:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-08-13 10:04 - 2014-06-03 19:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-08-13 10:03 - 2014-08-07 12:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-13 10:03 - 2014-08-07 12:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-13 10:03 - 2014-07-14 12:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-08-13 10:03 - 2014-07-14 11:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-08-12 09:51 - 2014-05-08 19:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-08-12 09:51 - 2014-05-08 19:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-08-12 09:50 - 2014-01-09 12:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-08-12 09:50 - 2014-01-04 08:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-08-11 23:52 - 2013-10-02 12:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2014-08-11 23:52 - 2013-10-02 12:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-08-11 23:52 - 2013-10-02 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-08-11 23:52 - 2013-10-02 11:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2014-08-11 23:52 - 2013-10-02 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2014-08-11 23:52 - 2013-10-02 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-08-11 23:52 - 2013-10-02 11:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-08-11 23:52 - 2013-10-02 10:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-08-11 23:52 - 2013-10-02 10:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-08-11 23:52 - 2013-10-02 10:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2014-08-11 23:52 - 2013-10-02 10:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2014-08-11 23:52 - 2013-10-02 10:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2014-08-11 23:52 - 2013-10-02 09:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-08-11 23:52 - 2013-10-02 09:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-08-11 23:52 - 2013-10-02 09:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2014-08-11 23:52 - 2013-10-02 08:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-08-11 23:52 - 2012-08-24 00:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2014-08-11 23:52 - 2012-08-24 00:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys

2014-08-11 23:52 - 2012-08-24 00:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys

2014-08-11 23:52 - 2012-08-23 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll

2014-08-11 23:52 - 2012-08-23 20:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll

2014-08-11 19:02 - 2014-08-19 13:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-11 19:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-08-11 19:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-08-11 19:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-08-11 18:58 - 2014-08-11 19:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012.exe

2014-08-07 11:06 - 2014-08-07 11:06 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Scott\Downloads\mbam-clean-2.1.1.1001.exe

2014-08-06 14:18 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-08-06 14:17 - 2014-08-07 10:59 - 00000000 ____D () C:\AdwCleaner

2014-08-06 14:17 - 2014-08-06 14:17 - 01361309 _____ () C:\Users\Scott\Downloads\AdwCleaner.exe

2014-08-04 19:38 - 2014-08-04 19:39 - 00000000 ____D () C:\Users\Scott\AppData\Local\NVIDIA Corporation

2014-08-04 19:38 - 2014-08-04 19:39 - 00000000 ____D () C:\Users\Scott\AppData\Local\NVIDIA

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\Windows\system32\NV

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-08-04 19:38 - 2014-07-26 00:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2014-08-04 19:38 - 2014-07-26 00:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2014-08-04 19:38 - 2014-07-26 00:01 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2014-08-04 19:38 - 2014-07-26 00:01 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2014-08-04 19:38 - 2014-07-03 03:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2014-08-04 19:38 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll

2014-08-04 19:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll

2014-08-04 19:38 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll

2014-08-04 19:38 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll

2014-08-04 19:38 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll

2014-08-04 19:38 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-08-04 19:37 - 2014-07-03 06:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-08-04 19:37 - 2014-07-03 06:48 - 00299352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys

2014-08-04 19:37 - 2014-07-03 06:48 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys

2014-08-04 19:37 - 2014-04-01 02:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2014-08-04 19:37 - 2014-04-01 02:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2014-08-04 19:37 - 2014-04-01 02:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2014-08-04 19:35 - 2014-08-04 19:35 - 00000000 ____D () C:\NVIDIA

2014-08-04 17:18 - 2014-08-04 17:18 - 00000000 ____D () C:\ProgramData\MobileBroadbandQuickStartService

2014-08-04 17:18 - 2014-08-04 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Broadband QuickStart Service

2014-07-26 10:54 - 2014-07-26 10:54 - 00024596 _____ () C:\Users\Scott\Downloads\[kickass.to]de.la.soul.best.of.torrent

2014-07-22 16:59 - 2014-07-22 16:59 - 00016090 _____ () C:\Users\Scott\Downloads\[kickass.to]ll.cool.j.walking.with.a.panther.1989.mp3.320kbps.torrent

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-19 14:01 - 2014-08-19 14:01 - 00022395 _____ () C:\Users\Scott\Downloads\FRST.txt

2014-08-19 14:01 - 2014-08-19 14:01 - 00000000 ____D () C:\FRST

2014-08-19 14:01 - 2014-08-19 14:00 - 02101760 _____ (Farbar) C:\Users\Scott\Downloads\FRST64.exe

2014-08-19 13:44 - 2014-03-09 06:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-19 13:39 - 2014-03-09 06:59 - 01080603 _____ () C:\Windows\WindowsUpdate.log

2014-08-19 13:37 - 2014-08-11 19:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-19 13:10 - 2014-04-15 06:03 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-19 13:06 - 2014-03-29 11:59 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3755944248-2681048182-3681660583-1001UA.job

2014-08-19 08:29 - 2009-07-14 14:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-19 08:29 - 2009-07-14 14:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-19 08:26 - 2014-03-29 11:59 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3755944248-2681048182-3681660583-1001Core.job

2014-08-19 08:23 - 2014-04-15 06:03 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-18 17:18 - 2014-03-09 07:18 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn

2014-08-18 17:17 - 2009-07-14 15:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-18 17:12 - 2014-08-18 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone

2014-08-18 17:12 - 2014-06-12 18:55 - 00000000 ____D () C:\Program Files (x86)\Windows Phone

2014-08-18 17:12 - 2014-03-09 07:08 - 00003282 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager

2014-08-18 17:11 - 2014-03-09 07:09 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-18 17:11 - 2010-11-21 13:47 - 00280226 _____ () C:\Windows\PFRO.log

2014-08-18 17:11 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-18 17:11 - 2009-07-14 14:51 - 00061990 _____ () C:\Windows\setupact.log

2014-08-18 17:11 - 2009-07-14 14:45 - 00289536 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-18 17:10 - 2014-03-09 07:04 - 00042944 _____ () C:\Windows\DPINST.LOG

2014-08-18 16:56 - 2014-08-18 16:56 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\PC Suite

2014-08-18 16:56 - 2014-08-18 16:56 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Nokia

2014-08-18 16:56 - 2014-08-18 16:56 - 00000000 ____D () C:\ProgramData\PC Suite

2014-08-18 16:56 - 2014-03-09 07:08 - 00000000 ____D () C:\Program Files\DIFX

2014-08-18 16:55 - 2014-08-18 16:55 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution

2014-08-18 16:55 - 2014-08-18 16:55 - 00000000 ____D () C:\Program Files (x86)\Nokia

2014-08-18 16:52 - 2014-08-18 16:52 - 00000000 ____D () C:\ProgramData\Installations

2014-08-18 16:52 - 2014-08-18 16:47 - 40628992 _____ () C:\Users\Scott\Downloads\Nokia_PC_Suite_eng_us_web.exe

2014-08-17 16:08 - 2014-03-14 20:47 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2014-08-16 13:47 - 2014-03-09 07:18 - 00000000 ____D () C:\ProgramData\PCDr

2014-08-15 19:20 - 2014-03-15 00:27 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\Skype

2014-08-14 18:40 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache

2014-08-14 08:46 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-08-14 08:40 - 2014-03-20 10:08 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-08-14 08:40 - 2014-03-20 10:08 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-14 08:37 - 2014-05-01 05:37 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-08-13 16:31 - 2014-03-15 03:14 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\PCDr

2014-08-11 23:54 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-11 19:01 - 2014-08-11 18:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012.exe

2014-08-07 21:03 - 2014-04-24 00:24 - 00000000 ____D () C:\Users\Scott\AppData\Local\Microsoft Games

2014-08-07 12:06 - 2014-08-13 10:03 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-07 12:01 - 2014-08-13 10:03 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-07 11:06 - 2014-08-07 11:06 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Scott\Downloads\mbam-clean-2.1.1.1001.exe

2014-08-07 10:59 - 2014-08-06 14:17 - 00000000 ____D () C:\AdwCleaner

2014-08-07 10:33 - 2014-03-18 21:44 - 00000000 ____D () C:\Users\Scott\AppData\Roaming\uTorrent

2014-08-06 14:17 - 2014-08-06 14:17 - 01361309 _____ () C:\Users\Scott\Downloads\AdwCleaner.exe

2014-08-04 19:39 - 2014-08-04 19:38 - 00000000 ____D () C:\Users\Scott\AppData\Local\NVIDIA Corporation

2014-08-04 19:39 - 2014-08-04 19:38 - 00000000 ____D () C:\Users\Scott\AppData\Local\NVIDIA

2014-08-04 19:39 - 2014-03-09 07:09 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\Windows\system32\NV

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-08-04 19:38 - 2014-08-04 19:38 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-08-04 19:38 - 2014-03-09 07:18 - 00000000 ____D () C:\Temp

2014-08-04 19:38 - 2014-03-09 07:09 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-08-04 19:38 - 2014-03-09 07:09 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-08-04 19:35 - 2014-08-04 19:35 - 00000000 ____D () C:\NVIDIA

2014-08-04 17:18 - 2014-08-04 17:18 - 00000000 ____D () C:\ProgramData\MobileBroadbandQuickStartService

2014-08-04 17:18 - 2014-08-04 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Broadband QuickStart Service

2014-08-01 09:41 - 2014-08-13 11:30 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-01 09:16 - 2014-08-13 11:30 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-26 10:54 - 2014-07-26 10:54 - 00024596 _____ () C:\Users\Scott\Downloads\[kickass.to]de.la.soul.best.of.torrent

2014-07-26 00:52 - 2014-08-13 11:30 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-26 00:02 - 2014-08-13 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-26 00:01 - 2014-08-13 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-26 00:01 - 2014-08-04 19:38 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2014-07-26 00:01 - 2014-08-04 19:38 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2014-07-26 00:01 - 2014-08-04 19:38 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2014-07-26 00:01 - 2014-08-04 19:38 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2014-07-25 23:51 - 2014-08-13 11:30 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-25 23:30 - 2014-08-13 11:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-25 23:28 - 2014-08-13 11:30 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-25 23:28 - 2014-08-13 11:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-25 23:25 - 2014-08-13 11:30 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-25 23:25 - 2014-08-13 11:30 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-25 23:11 - 2014-08-13 11:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-25 23:10 - 2014-08-13 11:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-25 23:04 - 2014-08-13 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-25 23:03 - 2014-08-13 11:30 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-25 23:00 - 2014-08-13 11:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-25 23:00 - 2014-08-13 11:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-25 22:59 - 2014-08-13 11:30 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-25 22:47 - 2014-08-13 11:30 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-25 22:40 - 2014-08-13 11:30 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-25 22:34 - 2014-08-13 11:30 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-25 22:34 - 2014-08-13 11:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-25 22:33 - 2014-08-13 11:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-25 22:30 - 2014-08-13 11:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-25 22:28 - 2014-08-13 11:30 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-25 22:28 - 2014-08-13 11:30 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-25 22:21 - 2014-08-13 11:30 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-25 22:19 - 2014-08-13 11:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-25 22:18 - 2014-08-13 11:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-25 22:17 - 2014-08-13 11:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-25 22:17 - 2014-08-13 11:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-25 22:12 - 2014-08-13 11:30 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-25 22:10 - 2014-08-13 11:30 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-25 22:10 - 2014-08-13 11:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-25 22:08 - 2014-08-13 11:30 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-25 22:06 - 2014-08-13 11:30 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-25 21:52 - 2014-08-13 11:30 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-25 21:47 - 2014-08-13 11:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-25 21:43 - 2014-08-13 11:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-25 21:42 - 2014-08-13 11:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-25 21:39 - 2014-08-13 11:30 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-25 21:39 - 2014-08-13 11:30 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-25 21:36 - 2014-08-13 11:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-25 21:34 - 2014-08-13 11:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-25 21:29 - 2014-08-13 11:30 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-25 21:23 - 2014-08-13 11:30 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-25 21:13 - 2014-08-13 11:30 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-25 21:07 - 2014-08-13 11:30 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-25 21:07 - 2014-08-13 11:30 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-25 21:03 - 2014-08-13 11:30 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-25 20:52 - 2014-08-13 11:30 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-25 20:26 - 2014-08-13 11:30 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-25 20:17 - 2014-08-13 11:30 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-25 20:09 - 2014-08-13 11:30 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-25 20:05 - 2014-08-13 11:30 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-25 20:00 - 2014-08-13 11:30 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-22 21:45 - 2014-03-09 06:58 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-22 21:45 - 2014-03-09 06:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-22 21:45 - 2014-03-09 06:58 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-22 19:08 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-07-22 16:59 - 2014-07-22 16:59 - 00016090 _____ () C:\Users\Scott\Downloads\[kickass.to]ll.cool.j.walking.with.a.panther.1989.mp3.320kbps.torrent

 

Some content of TEMP:

====================

C:\Users\Scott\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpalwoow.dll

C:\Users\Scott\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Scott\AppData\Local\Temp\nvStInst.exe

C:\Users\Scott\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-17 16:51

 

==================== End Of Log ============================

 

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01

Ran by Scott at 2014-08-19 14:01:56

Running from C:\Users\Scott\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.08)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)

AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Alienware)

AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Alienware)

Alienware Command Center (HKLM-x32\...\InstallShield_{D4CE21D4-27E5-46DB-9FFE-553A90AD4B9F}) (Version: 3.5.14.0 - Alienware Corp.)

Alienware Command Center (Version: 3.5.14.0 - Alienware Corp.) Hidden

Alienware Customer Surveys (HKLM-x32\...\{9AAA35D1-B21D-4610-BBAE-18FE2D00C3E0}) (Version: 1.11.4124 - Dell Inc.)

Alienware Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)

Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.10C - )

Alienware On-Screen Display (x32 Version: 0.33.0.10C - ) Hidden

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)

Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version:  - )

Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden

Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden

Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden

CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.6603 - CyberLink Corp.) Hidden

CyberLink Media Suite 10 (x32 Version: 10.0.1.3214 - CyberLink Corp.) Hidden

CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)

CyberLink Power2Go 8 (x32 Version: 8.0.0.3123 - CyberLink Corp.) Hidden

CyberLink PowerDirector 10 (x32 Version: 10.0.1.3126 - CyberLink Corp.) Hidden

CyberLink PowerDVD 12 (x32 Version: 12.0.3205.55 - CyberLink Corp.) Hidden

Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.5.0.19 - Dell)

Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)

DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden

EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)

Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3324 - Intel Corporation)

Intel® Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1008 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)

Intel® Rapid Storage Technology (Version: 12.0.7.1002 - Intel Corporation) Hidden

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)

NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)

NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)

NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden

NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)

Pioneer DDJ Driver (HKLM-x32\...\Pioneer DDJ ASIO) (Version: 1.001.000.002 - Pioneer Corporation.)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6876 - Realtek Semiconductor Corp.)

Serato DJ  (HKLM-x32\...\{cff70cd3-29c4-4043-b20c-e085773b05e0}) (Version: 1.6.3.7539 - )

Serato DJ  (x32 Version: 1.6.3.7539 - Serato) Hidden

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)

ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0040 - ST Microelectronics)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.8.62 - Synaptics Incorporated)

ULTIMEYES (HKLM-x32\...\{FB212723-6FDB-44DA-9B58-D11561980993}) (Version: 1.101 - Carrot Neurotechnology, Inc.)

Vodafone QuickStart Uninstaller (HKLM-x32\...\{676D78AA-4FD4-405D-8872-E63052EF5716}) (Version: 22.10.2.5011 - Vodafone)

WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4800 - Broadcom Corporation)

Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)

Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-3755944248-2681048182-3681660583-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

CustomCLSID: HKU\S-1-5-21-3755944248-2681048182-3681660583-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-3755944248-2681048182-3681660583-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3755944248-2681048182-3681660583-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-3755944248-2681048182-3681660583-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

 

==================== Restore Points  =========================

 

13-08-2014 22:37:31 Windows Update

17-08-2014 15:14:33 Windows Update

18-08-2014 06:56:04 Removed Windows Phone app for desktop

18-08-2014 07:12:33 Installed Windows Phone app for desktop

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {197EA564-3FA4-4368-83D2-795324D45511} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2014-02-01] (PC-Doctor, Inc.)

Task: {1DBD07CA-3210-4598-9940-FD642441BA57} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)

Task: {3319B361-F60C-4BAF-8B41-EC8EF793F300} - System32\Tasks\Dell\Alienware Survey (Scott) => C:\Program Files (x86)\Alienware Customer Surveys\AlienSurvey.exe [2013-04-24] (Alienware, Inc.)

Task: {33E05A16-053E-4406-AA33-328F47F4FF02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-15] (Google Inc.)

Task: {4E126B1A-85C1-42E6-AA98-0C6EC112F01D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3755944248-2681048182-3681660583-1001Core => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)

Task: {79D99ECA-960B-492E-9BF3-24C2C99A8293} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\AlienAutopsy\uaclauncher.exe [2014-02-01] (PC-Doctor, Inc.)

Task: {81FE5D68-9AB1-4E15-B4E4-0E6CADFE6BAD} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-02-08] (Intel)

Task: {857FE9EE-A057-47C1-BF2F-3C1E21E4E9E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {8DEBA489-A4FE-4096-AF6D-C4D182356336} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-22] (Adobe Systems Incorporated)

Task: {AB5B4298-8E75-4FEB-A460-F00753B343EA} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-02-01] (PC-Doctor, Inc.)

Task: {ADFC9983-7095-4D1C-AA13-6CCE6B7FB581} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {BF740F89-0A7D-49CD-92D3-E095E90C6A25} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3755944248-2681048182-3681660583-1001UA => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)

Task: {DD410774-8539-4C4C-BE57-11AB9E3C0865} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)

Task: {E1F51ADA-84D6-4CC4-BF3B-83E4B0DE0962} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-15] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3755944248-2681048182-3681660583-1001Core.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3755944248-2681048182-3681660583-1001UA.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-08-04 19:37 - 2014-07-03 06:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-03-09 07:09 - 2014-07-03 04:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2011-12-21 10:49 - 2011-12-21 10:49 - 00229216 _____ () C:\ProgramData\MobileBroadbandQuickStartService\VMBQuickStartService.exe

2013-08-21 09:02 - 2013-08-21 09:02 - 04434224 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe

2014-03-09 07:18 - 2014-05-01 03:35 - 00486880 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe

2014-08-04 19:37 - 2014-07-03 06:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2009-12-19 03:07 - 2009-12-19 03:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll

2014-03-09 07:16 - 2013-03-05 13:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2013-03-06 03:41 - 2013-03-06 03:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

2014-03-09 07:05 - 2013-03-12 18:20 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2014-05-03 01:44 - 2013-12-18 12:47 - 01904928 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\STRestoreAPI.dll

2014-03-09 07:18 - 2012-11-26 15:20 - 01153384 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\libxml2.dll

2014-03-09 07:18 - 2012-11-26 15:20 - 00117608 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\zlib1.dll

2014-08-16 07:05 - 2014-08-07 13:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll

2014-08-16 07:05 - 2014-08-07 13:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll

2014-08-16 07:05 - 2014-08-07 13:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll

2014-08-16 07:05 - 2014-08-07 13:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll

2014-08-16 07:05 - 2014-08-07 13:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup

MSCONFIG\startupreg: (default) => 

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"

MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 

MSCONFIG\startupreg: RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /IM

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/18/2014 05:12:05 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/18/2014 04:59:17 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PcSync2.exe, version: 9.1.180.801, time stamp: 0x4fe97687

Faulting module name: NGSCM.DLL, version: 7.1.180.94, time stamp: 0x4fe9796b

Exception code: 0xc0000005

Fault offset: 0x00087bd1

Faulting process id: 0xdd4

Faulting application start time: 0xPcSync2.exe0

Faulting application path: PcSync2.exe1

Faulting module path: PcSync2.exe2

Report Id: PcSync2.exe3

 

Error: (08/18/2014 03:58:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/17/2014 04:08:03 PM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

.

 

 

Operation:

   Instantiating VSS server

 

Error: (08/17/2014 04:08:03 PM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

]

 

 

Operation:

   Instantiating VSS server

 

Error: (08/16/2014 01:47:29 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/16/2014 01:27:12 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/16/2014 11:44:26 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/14/2014 09:26:01 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 738

 

Start Time: 01cfb7b240c93041

 

Termination Time: 0

 

Application Path: C:\Windows\explorer.exe

 

Report Id: bede0d8c-23a5-11e4-924d-54271e6b1411

 

Error: (08/14/2014 08:50:09 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (08/18/2014 05:11:36 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

 

Reported by component: Processor Core

Error Source: 3

Error Type: 9

Processor ID: 0

 

The details view of this entry contains further information.

 

Error: (08/18/2014 05:11:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The McAfee OOBE Service2 service failed to start due to the following error: 

%%2

 

Error: (08/18/2014 04:55:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: The ServiceLayer service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Error: (08/18/2014 03:58:36 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

 

Reported by component: Processor Core

Error Source: 3

Error Type: 9

Processor ID: 0

 

The details view of this entry contains further information.

 

Error: (08/18/2014 03:58:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The McAfee OOBE Service2 service failed to start due to the following error: 

%%2

 

Error: (08/17/2014 04:49:20 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.179.3065.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.5.0216.00

 

Source Path: 4.5.0216.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (08/17/2014 02:25:13 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.179.3065.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.5.0216.00

 

Source Path: 4.5.0216.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (08/16/2014 01:46:55 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)

Description: A fatal hardware error has occurred.

 

Reported by component: Processor Core

Error Source: 3

Error Type: 9

Processor ID: 0

 

The details view of this entry contains further information.

 

Error: (08/16/2014 01:46:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The McAfee OOBE Service2 service failed to start due to the following error: 

%%2

 

Error: (08/16/2014 01:42:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The SoftThinks Agent Service service terminated unexpectedly.  It has done this 1 time(s).

 

 

Microsoft Office Sessions:

=========================

Error: (08/18/2014 05:12:05 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/18/2014 04:59:17 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: PcSync2.exe9.1.180.8014fe97687NGSCM.DLL7.1.180.944fe9796bc000000500087bd1dd401cfbab182637be8C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PcSync2.exeC:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL2b2cc8d2-26a5-11e4-9809-54271e6b1411

 

Error: (08/18/2014 03:58:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/17/2014 04:08:03 PM) (Source: VSS) (EventID: 8193) (User: )

Description: CoCreateInstance0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

 

Operation:

   Instantiating VSS server

 

Error: (08/17/2014 04:08:03 PM) (Source: VSS) (EventID: 13) (User: )

Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

 

 

Operation:

   Instantiating VSS server

 

Error: (08/16/2014 01:47:29 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/16/2014 01:27:12 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/16/2014 11:44:26 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/14/2014 09:26:01 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: explorer.exe6.1.7601.1756773801cfb7b240c930410C:\Windows\explorer.exebede0d8c-23a5-11e4-924d-54271e6b1411

 

Error: (08/14/2014 08:50:09 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i7-4700MQ CPU @ 2.40GHz

Percentage of memory in use: 46%

Total physical RAM: 8077.06 MB

Available physical RAM: 4331.33 MB

Total Pagefile: 16152.3 MB

Available Pagefile: 11148.75 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:192.33 GB) (Free:119.91 GB) NTFS

Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:931.3 GB) NTFS

Drive y: (RECOVERY) (Fixed) (Total:14.1 GB) (Free:5.51 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 878BCD90)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 878BC881)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=14.1 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=192.3 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=32 GB) - (Type=84)

 

==================== End Of Log ============================


 

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
    
 
    
Before we start please read and note the following:
    
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Do not paste the logs in your posts, attachments make my work easier. There is a Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
icon_arrow.gif Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.
icon_arrow.gif Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
icon_arrow.gif If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
    
icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
 
P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

 

 

Reports aren't complete. Please run FRST again, check Addition.txt, press Scan and this time please Attach reports instead of copying them. Thanks.

Link to post
Share on other sites

FRST.gif Fix with Farbar Recovery Scan Tool
 



icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.
 
 
 
 
adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.
  • Please include the contents of that file in your reply.
     
     
     
     

    51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware
     
    Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.
    • First of all, select update.
    • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
    • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
    • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
    • Upon completion of the scan (or after the reboot), click the History tab.
    • Click Application Logs and double-click the newest Scan Log.
    • At the bottom click Export and choose Text file.
    Save the file to your desktop and include its content in your next reply.

fixlist.txt

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.