Jump to content

Gpu and fps drops that didnt happen a month ago


Recommended Posts

Hi I am new to the forums but I see the people here have helped a lot of users. I think there may be unwanted programs running in the background of my computer that I am unaware of. A game World of Tanks used to run at 120fps, and gpu~30% about a month ago. now it spikes up and down from 40-55fps and gpu spikes upto 100%. Can anyone help me?

Link to post
Share on other sites

Hello and welome,

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Thank you,

 

Kevin

Link to post
Share on other sites

Thank you for helping, I am unaware of p2p software or other illegal software on my computer.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Jonathan (administrator) on JPC on 16-02-2015 12:40:36
Running from C:\Users\Jonathan\Desktop
Loaded Profiles: Jonathan (Available profiles: Jonathan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanWpsSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanCU.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5119600 2012-05-11] (VIA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-3036070069-3583451209-3644060078-1000\...\RunOnce: [Adobe Speed Launcher] => 1424105062
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk
ShortcutTarget: Wireless Configuration Utility.lnk -> C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanCU.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3036070069-3583451209-3644060078-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0&ocid=iehp
URLSearchHook: HKU\S-1-5-21-3036070069-3583451209-3644060078-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5EB62251-430C-42B1-8452-09AED0611C47}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{91A77953-6792-48D9-9C32-EA1A32141313}: [NameServer] 8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Jonathan\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-01]
CHR Extension: (AdBlock) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-07]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-08-02]
CHR Extension: (Google Wallet) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05]
CHR HKLM-x32\...\Chrome\Extension: [bcjagnifjocnddgeknajocbkkhlgibem] - C:\Program Files (x86)\Chrome\surfcanyon.crx [2012-06-27]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows ® Win 7 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-08-21] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [607232 2009-07-03] (Realtek Semiconductor Corporation                           )
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-09-04] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-09-04] (Razer Inc)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-11] (Microsoft Corporation)
S3 USBPNPA; system32\drivers\CM10864.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 12:40 - 2015-02-16 12:40 - 00015109 _____ () C:\Users\Jonathan\Desktop\FRST.txt
2015-02-16 12:39 - 2015-02-16 12:40 - 00000000 ____D () C:\FRST
2015-02-16 12:39 - 2015-02-16 12:39 - 02085888 _____ (Farbar) C:\Users\Jonathan\Desktop\FRST64.exe
2015-02-15 16:12 - 2015-02-15 16:13 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-15 16:11 - 2015-02-15 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-02-15 16:11 - 2015-02-15 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-15 16:08 - 2015-02-15 16:10 - 178639264 _____ (Oracle Corporation) C:\Users\Jonathan\Downloads\jdk-8u31-windows-x64.exe
2015-02-15 16:06 - 2015-02-15 16:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-15 16:06 - 2015-02-15 16:06 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-02-15 16:06 - 2015-02-15 16:06 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-15 16:06 - 2015-02-15 16:06 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-15 16:05 - 2015-02-15 16:06 - 00000000 ____D () C:\Users\Jonathan\AppData\Local\Adobe
2015-02-12 10:15 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 10:15 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 10:15 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 10:15 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 23:57 - 2015-02-11 23:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-02-11 13:15 - 2015-02-03 22:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 13:15 - 2015-02-03 22:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 13:15 - 2015-02-03 22:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 13:15 - 2015-02-03 22:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 13:15 - 2015-02-03 22:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 13:15 - 2015-02-03 22:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 13:15 - 2015-02-03 22:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 13:15 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 13:15 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 13:15 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 13:15 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 13:15 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 13:15 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 13:15 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 13:15 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 13:15 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 13:15 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 13:15 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 13:15 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 13:15 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 13:15 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 13:15 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 13:15 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 13:15 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 13:15 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 13:15 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 13:15 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 13:15 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 13:15 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 13:15 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 13:15 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 13:15 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 13:15 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 13:15 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 13:15 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 13:15 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 13:15 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 13:15 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 13:15 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 13:15 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 13:15 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 13:15 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 13:15 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 13:15 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 13:15 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 13:15 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 13:15 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 13:15 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 13:15 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 13:15 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 13:15 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 13:15 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 13:15 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 13:15 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 13:15 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 13:15 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 13:15 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 13:15 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 13:15 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 13:15 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 13:15 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 13:15 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 13:15 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 13:15 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 13:15 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 13:15 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 13:15 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 13:15 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 13:15 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 13:15 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 13:15 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 13:15 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 13:15 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 13:15 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 13:14 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 13:14 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 13:14 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 13:14 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 13:14 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 13:14 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 13:14 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 13:14 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 13:14 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 13:14 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 13:14 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 13:14 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 13:14 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 13:14 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 13:14 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 13:14 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 13:14 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 13:14 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 13:14 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 13:14 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 13:13 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 13:13 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 13:13 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 13:13 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 13:13 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 13:13 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 13:13 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 13:13 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 13:13 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 13:13 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 13:13 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 13:13 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 13:13 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 13:13 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 13:13 - 2014-10-03 21:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 13:13 - 2014-10-03 20:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 13:13 - 2014-10-03 20:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 13:31 - 2015-02-10 13:31 - 00000000 ____D () C:\Users\Jonathan\AppData\Local\RzStats
2015-02-10 13:27 - 2015-02-10 13:27 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-02-10 13:26 - 2015-02-10 13:27 - 00000000 ____D () C:\Users\Jonathan\AppData\Local\NVIDIA Corporation
2015-02-10 13:26 - 2015-02-10 13:27 - 00000000 ____D () C:\Users\Jonathan\AppData\Local\NVIDIA
2015-02-10 13:26 - 2015-02-10 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-10 13:26 - 2015-02-10 13:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-10 13:26 - 2015-02-05 16:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-02-10 13:26 - 2015-02-05 16:01 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-02-10 13:26 - 2015-02-05 16:01 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-02-10 13:26 - 2015-02-05 16:01 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-02-10 13:26 - 2015-02-05 12:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-10 13:25 - 2015-02-16 11:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-10 13:25 - 2015-02-10 13:26 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 13:25 - 2015-02-05 16:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-10 13:25 - 2015-02-05 16:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-02-10 13:25 - 2015-02-05 16:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-02-10 13:25 - 2015-02-05 16:01 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-02-10 13:25 - 2015-02-05 16:01 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-10 13:25 - 2015-02-05 14:07 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-10 13:25 - 2015-02-05 14:07 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-10 13:25 - 2015-02-05 14:07 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-10 13:25 - 2015-02-05 14:07 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-10 13:25 - 2015-02-05 14:07 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-10 13:25 - 2015-02-05 14:06 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-10 13:25 - 2015-02-05 07:50 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-02-10 13:23 - 2015-02-10 13:23 - 00000000 ____D () C:\NVIDIA
2015-02-10 13:18 - 2015-02-10 13:23 - 309136440 _____ (NVIDIA Corporation) C:\Users\Jonathan\Downloads\347.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-02-09 17:15 - 2015-02-16 11:43 - 00020534 _____ () C:\Windows\setupact.log
2015-02-09 17:15 - 2015-02-09 17:15 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-09 14:21 - 2015-02-16 11:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-09 14:21 - 2015-02-09 14:32 - 00000000 ____D () C:\Users\Jonathan\Documents\888poker
2015-02-09 14:21 - 2015-02-09 14:21 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-09 14:19 - 2015-02-09 14:19 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2015-02-05 16:05 - 2015-02-05 16:05 - 00118401 _____ () C:\Users\Jonathan\Downloads\OneDrive-2015-02-05.zip
2015-02-04 13:05 - 2015-02-04 13:05 - 00001152 _____ () C:\Users\Public\Desktop\Install Microsoft LifeCam.lnk
2015-02-02 19:45 - 2015-02-02 19:45 - 05325208 _____ (Piriform Ltd) C:\Users\Jonathan\Downloads\ccsetup502.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 12:26 - 2012-12-22 22:24 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-16 11:51 - 2009-07-13 23:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-16 11:51 - 2009-07-13 23:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 11:49 - 2009-07-14 00:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-16 11:47 - 2012-08-21 12:56 - 01174579 _____ () C:\Windows\WindowsUpdate.log
2015-02-16 11:44 - 2012-12-22 22:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-16 11:44 - 2012-09-28 11:40 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-16 11:43 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 16:29 - 2012-11-16 14:46 - 00007602 _____ () C:\Users\Jonathan\AppData\Local\Resmon.ResmonCfg
2015-02-15 16:12 - 2012-10-22 17:14 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-15 16:12 - 2012-10-22 17:14 - 00000000 ____D () C:\Program Files\Java
2015-02-15 14:53 - 2012-08-21 15:05 - 00000000 ____D () C:\Users\Jonathan\AppData\Roaming\vlc
2015-02-13 11:15 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 23:13 - 2014-01-16 07:58 - 00000000 ____D () C:\Users\Jonathan\AppData\Local\Battle.net
2015-02-12 09:40 - 2014-12-10 08:58 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 09:40 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 09:40 - 2009-07-13 23:45 - 00384856 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 23:58 - 2013-04-21 04:17 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 23:57 - 2013-08-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 23:57 - 2013-01-18 13:37 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 23:57 - 2013-01-18 13:37 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-02-11 23:57 - 2013-01-18 13:37 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 23:57 - 2013-01-18 13:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 23:54 - 2012-08-21 01:35 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 13:27 - 2012-08-21 12:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-10 13:26 - 2012-08-21 12:58 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-10 13:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Help
2015-02-09 15:32 - 2014-01-16 07:59 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-02-09 14:21 - 2012-09-28 11:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 14:21 - 2012-09-28 11:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-06 12:44 - 2014-01-16 07:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-02-05 16:01 - 2012-08-21 12:59 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-02-05 16:01 - 2012-08-21 12:59 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-02-03 22:20 - 2012-12-22 22:24 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-03 22:20 - 2012-12-22 22:24 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-02 19:47 - 2014-06-11 16:29 - 00000000 ____D () C:\Windows\Minidump
2015-02-02 19:47 - 2013-06-26 21:08 - 00000000 ____D () C:\Users\Jonathan\AppData\Roaming\Media Player Classic
 
==================== Files in the root of some directories =======
 
2013-09-02 11:38 - 2013-09-02 11:53 - 0000077 _____ () C:\Users\Jonathan\AppData\Roaming\Rim.Desktop.Exception.log
2013-09-02 11:38 - 2013-09-02 11:38 - 0001153 _____ () C:\Users\Jonathan\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-09-02 11:38 - 2013-09-02 11:53 - 0000077 _____ () C:\Users\Jonathan\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-09-02 11:49 - 2013-09-02 11:53 - 0000077 _____ () C:\Users\Jonathan\AppData\Roaming\Rim.Transcoder.Exception.log
2013-01-10 10:26 - 2013-09-02 11:49 - 0007168 _____ () C:\Users\Jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-16 14:46 - 2015-02-15 16:29 - 0007602 _____ () C:\Users\Jonathan\AppData\Local\Resmon.ResmonCfg
 
Some content of TEMP:
====================
C:\Users\Jonathan\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jonathan\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-13 11:08
 
==================== End Of Log ============================
 
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Jonathan at 2015-02-16 12:40:55
Running from C:\Users\Jonathan\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.24 - GIGABYTE)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.278 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Aslain's XVM Mod version 4.1.18 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 4.1.18 - Aslain)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4000.108 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.20 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Easy Tune 6 B12.0525.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0525.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Etron USB3.0 Host Controller (x32 Version: 0.109 - Etron Technology) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 7 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.110 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
MPC-HC 1.6.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.8.7417 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-ec7087bd-78f5-4933-bc23-ab4cb0057383) (Version:  - Epic Games, Inc.)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3036070069-3583451209-3644060078-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Void (HKLM-x32\...\Steam App 37000) (Version:  - Ice-pick Lodge)
TRENDnet TEW-641PC/TEW-643PI Wireless Cardbus/PCI Adapter (HKLM-x32\...\{A9A1B8A2-D2EC-4A05-951D-7E337B07B5C3}) (Version: 1.00.0000 - TRENDnet)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - Realtek Semiconductor Corp. (rtl819xp) Net  (07/02/2009 1676.5.0702.2009) (HKLM\...\CCCEFA182E4523A863E4A7685B35D3DC3BAE16B0) (Version: 07/02/2009 1676.5.0702.2009 - Realtek Semiconductor Corp.)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-3036070069-3583451209-3644060078-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
11-02-2015 23:53:50 Windows Update
13-02-2015 03:00:11 Windows Update
15-02-2015 16:11:19 Installed Java SE Development Kit 8 Update 31 (64-bit)
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2013-02-09 13:36 - 00000845 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00950E9B-CC24-41C4-B6C2-831E39056CA8} - System32\Tasks\{137AC537-9965-4A6A-9E21-70127F164A45} => pcalua.exe -a D:\CDSetup.exe -d D:\
Task: {05441341-0A19-4E61-AE44-489220141965} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22] (Google Inc.)
Task: {10A31AB8-B2B2-4905-BF8A-CA8101AF9637} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated)
Task: {883D51E4-4B92-4E15-9995-FBE54F00AEB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {969C2173-B30A-45BC-B9E7-7F8978AC95BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22] (Google Inc.)
Task: {DD9B7F34-BC99-46E9-A0A5-F55EDE875FE6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E26ECAB2-2466-40EA-872D-FE98D3A70729} - System32\Tasks\{BBD3B0AE-9095-42F2-8C98-9C87018D6EC0} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsMain
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-10 13:25 - 2015-02-05 14:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-06 11:23 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-09 17:22 - 2014-12-09 17:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-09-08 20:01 - 2008-06-26 18:09 - 00167936 _____ () C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanWpsSvc.exe
2014-11-15 08:42 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-08 20:01 - 2009-12-09 17:20 - 00507904 _____ () C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanCU.exe
2012-08-21 13:03 - 2012-05-11 02:46 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-08-21 13:03 - 2012-05-11 02:46 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-09-08 20:01 - 2009-10-07 15:58 - 00376832 _____ () C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanDll.dll
2014-09-08 20:01 - 2009-09-03 09:53 - 00200704 _____ () C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WPSCtrl.dll
2012-08-21 13:03 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-02-05 18:27 - 2015-02-04 04:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-05 18:27 - 2015-02-04 04:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-05 18:27 - 2015-02-04 04:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-05 18:27 - 2015-02-04 04:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3036070069-3583451209-3644060078-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bitmeter2.lnk => C:\Windows\pss\Bitmeter2.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jonathan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: EPSON Stylus CX4200 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAEA.EXE /FU "C:\Users\Jonathan\AppData\Local\Temp\E_S5E26.tmp" /EF "HKCU"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PeerBlock => E:\PeerBlock\peerblock.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3036070069-3583451209-3644060078-500 - Administrator - Disabled)
Guest (S-1-5-21-3036070069-3583451209-3644060078-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3036070069-3583451209-3644060078-1003 - Limited - Enabled)
Jonathan (S-1-5-21-3036070069-3583451209-3644060078-1000 - Administrator - Enabled) => C:\Users\Jonathan
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/16/2015 11:45:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/15/2015 06:01:41 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (02/15/2015 02:46:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/13/2015 11:11:08 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (02/13/2015 11:10:23 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (02/13/2015 10:23:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/12/2015 09:42:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/11/2015 01:09:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/10/2015 04:46:11 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (02/10/2015 03:53:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (02/12/2015 09:50:45 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error: 
%%5
 
Error: (02/12/2015 09:50:43 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (01/22/2015 11:23:32 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ca (0x0000000000000002, 0xfffffa8008090ba0, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP012215-10077-01
 
Error: (01/22/2015 11:23:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:22:29 AM on ‎1/‎22/‎2015 was unexpected.
 
Error: (01/22/2015 07:28:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.191.3003.0).
 
Error: (01/22/2015 07:28:19 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.191.2930.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (01/20/2015 08:54:10 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ca (0x0000000000000002, 0xfffffa80080aa400, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP012015-8954-01
 
Error: (01/20/2015 08:54:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:53:14 AM on ‎1/‎20/‎2015 was unexpected.
 
Error: (01/19/2015 05:14:32 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.
 
Error: (01/15/2015 10:19:59 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.
 
 
Microsoft Office Sessions:
=========================
Error: (02/16/2015 11:45:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/15/2015 06:01:41 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2
 
Error: (02/15/2015 02:46:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/13/2015 11:11:08 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2
 
Error: (02/13/2015 11:10:23 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2
 
Error: (02/13/2015 10:23:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/12/2015 09:42:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/11/2015 01:09:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/10/2015 04:46:11 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2
 
Error: (02/10/2015 03:53:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 30%
Total physical RAM: 8154.25 MB
Available physical RAM: 5668.44 MB
Total Pagefile: 20383.43 MB
Available Pagefile: 17496.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:119.14 GB) (Free:35.2 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:1863.01 GB) (Free:294.44 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 373E3C01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 16264221)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Download Malwarebytes Anti-Malware to your desktop.


Double-click mbam-setup and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes Select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Now select > Scan > Threat scan > Scan now
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

When the scan is completed from the main GUI click on History > Application Logs. Find your scan log, the date when run will identify it. Checkmark "select" box > then hit the "view" button. The history log window will open. At the bottom of that window are two options, "Copy to clipboard" and "Export"

Select > "Copy to clipboard" that copies the full log to the windows clipboard, so at your reply you right click into the text field and select "Paste" the log is pasted (copied) to  your reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en'>https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

 

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window

In the "Scan Type" window, select Quick Scan

Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

 

1) Select the Windows key and R key together to open the "Run" function

2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

 

notepad c:\windows\debug\mrt.log

 

Next,

 

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important

 

Post those logs, also give an update on any remaining issues or concerns...

 

Thanks,

 

Kevin..

 

 

 

 

Fixlist.txt

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015

Ran by Jonathan at 2015-02-16 15:46:03 Run:1

Running from C:\Users\Jonathan\Desktop

Loaded Profiles: Jonathan (Available profiles: Jonathan)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

start

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

URLSearchHook: HKU\S-1-5-21-3036070069-3583451209-3644060078-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File

S3 USBPNPA; system32\drivers\CM10864.sys [X]

C:\Users\Jonathan\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Jonathan\AppData\Local\Temp\nvStInst.exe

AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo

EmptyTemp:

end

 

 

 

*****************

 

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

HKU\S-1-5-21-3036070069-3583451209-3644060078-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} => value deleted successfully.

"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.

HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found. 

USBPNPA => Service deleted successfully.

C:\Users\Jonathan\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.

C:\Users\Jonathan\AppData\Local\Temp\nvStInst.exe => Moved successfully.

C:\Users\Public\.DS_Store => ":AFP_AfpInfo" ADS removed successfully.

EmptyTemp: => Removed 814.3 MB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog 15:46:10 ====


Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 2/16/2015

Scan Time: 3:54:27 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.4.1028

Malware Database: v2015.02.16.09

Rootkit Database: v2015.02.03.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Jonathan

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 338173

Time Elapsed: 4 min, 29 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 5

PUP.Optional.MyFreeze.A, HKLM\SOFTWARE\WOW6432NODE\Freeze.com, Quarantined, [e82a2cee216944f2acdfa9f07a895ca4], 

PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Quarantined, [d042fd1d5931f4420eab832606fd6799], 

PUP.Optional.Softonic.A, HKU\S-1-5-21-3036070069-3583451209-3644060078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Quarantined, [d63c8694adddf24455fc4e4cf11247b9], 

PUP.Optional.WeDownLoadManager.A, HKU\S-1-5-21-3036070069-3583451209-3644060078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEDLMNGR, Quarantined, [72a0ce4c4248e155f86f1f917f8403fd], 

PUP.Optional.InstallCore.A, HKU\S-1-5-21-3036070069-3583451209-3644060078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [0b07dd3dfe8ce35340fc47a906fe639d], 

 

Registry Values: 1

PUP.Optional.InstallCore.A, HKU\S-1-5-21-3036070069-3583451209-3644060078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1X2T1J1I1M0X1N1KtGtBtF1HtG0B, Quarantined, [0b07dd3dfe8ce35340fc47a906fe639d]

 

Registry Data: 0

(No malicious items detected)

 

Folders: 1

PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, Quarantined, [ac66e3376f1b072f8f5fdf7a0003e61a], 

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

Do i need java on my computer? i do not directly use it that i am aware of

Link to post
Share on other sites
# AdwCleaner v4.110 - Logfile created 16/02/2015 at 16:05:58

# Updated 05/02/2015 by Xplode

# Database : 2015-02-14.2 [server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Jonathan - JPC

# Running from : C:\Users\Jonathan\Downloads\AdwCleaner.exe

# Option : Cleaning

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\ProgramData\surf and keepe

Folder Deleted : C:\ProgramData\5017abbc3833385b

Folder Deleted : C:\Program Files (x86)\surf and keepe

 

***** [ Scheduled tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKCU\Software\APN PIP

Key Deleted : HKCU\Software\IGearSettings

Key Deleted : HKLM\SOFTWARE\PIP

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Link to post
Share on other sites
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.2 (02.02.2015:1)

OS: Windows 7 Home Premium x64

Ran by Jonathan on Mon 02/16/2015 at 16:12:09.97

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller_RASMANCS

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 02/16/2015 at 16:13:53.03

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites
------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)

Started On Wed Feb 11 23:54:28 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.3593.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 11 23:57:18 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)

Started On Mon Feb 16 16:16:42 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.3593.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 16:19:49 2015

 

 

Return code: 0 (0x0)
Link to post
Share on other sites

Regarding Java, is up to you whether to keep or not. If you want it ensure you have the latest update, if you prefer not to keep it, uninstall any outdated versions you have.

 

What is the current status of your system, any remaining issues or concerns?

 

Run this please:

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)
Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

If Security Check will not run or you get an alert saying it is not supported, Re-boot your PC then try again...
 

Kevin...

Link to post
Share on other sites
 Results of screen317's Security Check version 0.99.96  

 Windows 7 Service Pack 1 x64 (UAC is disabled!)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Microsoft Security Essentials   

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 AVG PC TuneUp Language Pack (en-US) 

 Java 8 Update 31  

 Java version 32-bit out of Date! 

  Java 64-bit 8 Update 31  

 Adobe Flash Player 16.0.0.257  

 Adobe Reader XI  

 Google Chrome (40.0.2214.111) 

 Google Chrome (40.0.2214.94) 

````````Process Check: objlist.exe by Laurent````````  

 Microsoft Security Essentials MSMpEng.exe 

 Microsoft Security Essentials msseces.exe 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 24% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 

 

 

The spikes were happening again, tabs open were WoT game and chrome. I had been playing for an hour without any trouble then it lasted ~5mins. My C drive is an ssd
Link to post
Share on other sites

I see UAC is disabled, I guess that has been done by choice.. Java is showing as outdated, if you intend to keep java is essential to keep it updated..

 

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. <<-- Very Important

 

tabs open were WoT game and chrome

 

Does that mean Chrome was open, you have a game running in Chrome and WOT open (Web of Trust?)

Link to post
Share on other sites
  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.