
I have had trouble with the net since connected. I rang Optus and they said I have been uploading a HUGE amount lately. I have not uploaded anything really. Not even used it.

 

I did a HijackThis scan

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:35:38 PM, on 16/02/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
 
 
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Users\Owner\Downloads\HijackThis.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Program Files (x86)\Opera\27.0.1689.69\opera.exe
C:\Windows\SysWOW64\DllHost.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 9485 bytes
 
 
I dunno what to do now after scanning

Hello Prixy_Lee, welcome to Malwarebytes' Malware Removal forum!
 
My name is Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable at times.   
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • I will notify you when I believe your computer is free of malware. Please bear in mind, absence of symptoms does not necessarily correlate to absence of malware, so please wait until the "All Clean". 
  • Ensure you are following this topic. Click [button image] at the top of the page.

======================================================
 
Please run the following scans so I can ascertain the state of your computer.
 
STEP 1
Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 

 
STEP 2

Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe or FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 3
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
  • Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach (not copy/paste) the file in your next reply.
     

======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM log
  • FRST.txt
  • Addition.txt
  • TDSSKiller log (attached!)

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16/02/2015
Scan Time: 6:33:29 PM
Logfile: 
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.16.03
Rootkit Database: v2015.02.03.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 334583
Time Elapsed: 10 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)


First log 1

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Owner (administrator) on OWNER-PC on 16-02-2015 18:48:33
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
 
Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-12-17]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-10-02] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-06] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-06] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-24] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-14] ()
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [47112 2014-08-19] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [843448 2014-12-13] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-06] (NVIDIA Corporation)
S3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2013-11-15] (Razer Inc)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [30888 2013-11-15] (Razer Inc)
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
R4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 18:48 - 2015-02-16 18:48 - 00020240 _____ () C:\Users\Owner\Downloads\FRST.txt
2015-02-16 18:47 - 2015-02-16 18:48 - 00000000 ____D () C:\FRST
2015-02-16 18:47 - 2015-02-16 18:47 - 02085888 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2015-02-16 18:31 - 2015-02-16 18:31 - 00002334 _____ () C:\Users\Owner\Desktop\Safe Money.lnk
2015-02-16 18:30 - 2015-02-16 18:30 - 00002132 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-02-16 18:30 - 2015-02-16 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-02-16 18:30 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-02-16 18:29 - 2015-02-16 18:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-16 18:29 - 2015-02-16 18:29 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-02-16 18:29 - 2015-02-16 18:29 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-02-16 18:29 - 2014-12-13 18:21 - 00843448 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-16 18:29 - 2014-11-28 18:19 - 00151240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-16 18:29 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-16 18:12 - 2015-02-16 18:22 - 196612224 _____ (Kaspersky Lab) C:\Users\Owner\Downloads\kis15.0.2.361en.exe
2015-02-16 17:35 - 2015-02-16 17:35 - 00009486 _____ () C:\Users\Owner\Desktop\hijackthis.log
2015-02-16 17:27 - 2015-02-16 17:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HijackThis.exe
2015-02-14 23:29 - 2015-02-14 23:29 - 00002306 _____ () C:\Windows\PFRO.log
2015-02-14 23:23 - 2015-02-14 23:23 - 01533584 _____ () C:\Users\Owner\Downloads\battlelog-web-plugins_2.6.2_157 (1).exe
2015-02-14 23:23 - 2015-02-14 23:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\ESN
2015-02-14 23:14 - 2015-02-14 23:14 - 00018473 _____ () C:\Windows\DirectX.log
2015-02-14 17:24 - 2015-02-14 17:24 - 842945520 _____ () C:\Windows\MEMORY.DMP
2015-02-14 17:24 - 2015-02-14 17:24 - 00262144 _____ () C:\Windows\Minidump\021415-23836-01.dmp
2015-02-13 16:53 - 2015-02-15 18:39 - 00000000 ____D () C:\Users\Owner\AppData\Local\NVIDIA
2015-02-13 16:53 - 2015-02-13 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-13 16:53 - 2015-02-06 07:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-02-13 16:53 - 2015-02-06 07:01 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-02-13 16:53 - 2015-02-06 07:01 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-02-13 16:53 - 2015-02-06 07:01 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-02-13 16:52 - 2015-02-06 03:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-13 16:51 - 2015-02-13 16:51 - 00000000 ____D () C:\NVIDIA
2015-02-13 16:51 - 2015-02-06 07:01 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-02-13 16:51 - 2015-02-06 07:01 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-02-13 16:51 - 2015-02-06 07:01 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-02-13 16:45 - 2015-02-13 16:49 - 309136440 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\347.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-02-13 16:41 - 2015-02-13 16:41 - 01005568 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\dotNetFx45_Full_setup.exe
2015-02-13 16:40 - 2015-02-13 16:40 - 07186992 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\vcredist_x64 (2).exe
2015-02-13 16:40 - 2015-02-13 16:40 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-02-13 16:40 - 2015-02-13 16:40 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-13 16:39 - 2015-02-13 16:39 - 00292184 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\dxwebsetup.exe
2015-02-13 16:34 - 2015-02-13 16:35 - 45099266 _____ () C:\Users\Owner\Downloads\DirectX_11_Technology_Update_US (1).zip
2015-02-13 16:32 - 2015-02-13 16:32 - 00000000 ____D () C:\Users\Owner\Downloads\DirectX_11_Technology_Update_US
2015-02-13 16:30 - 2015-02-13 16:31 - 45099266 _____ () C:\Users\Owner\Downloads\DirectX_11_Technology_Update_US.zip
2015-02-13 16:16 - 2015-02-13 16:16 - 07186992 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\vcredist_x64 (1).exe
2015-02-13 16:11 - 2015-02-13 16:11 - 07186992 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\vcredist_x64.exe
2015-02-12 16:51 - 2015-01-23 14:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 16:51 - 2015-01-23 14:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 16:51 - 2015-01-23 13:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 16:51 - 2015-01-23 13:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 19:33 - 2015-02-11 19:35 - 67350808 _____ (Logitech Inc.) C:\Users\Owner\Downloads\LGS_8.57.145_x64_Logitech.exe
2015-02-11 19:31 - 2015-02-11 19:33 - 63059552 _____ (Logitech Inc.) C:\Users\Owner\Downloads\LGS_8.57.145_x86_Logitech.exe
2015-02-11 19:11 - 2015-02-04 13:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 19:11 - 2015-02-04 13:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 19:11 - 2015-02-04 13:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 19:11 - 2015-02-04 13:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 19:11 - 2015-02-04 13:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 19:11 - 2015-02-04 13:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 19:11 - 2015-02-04 13:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 19:11 - 2015-01-28 09:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 19:11 - 2015-01-14 15:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 19:11 - 2015-01-14 15:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 19:11 - 2015-01-12 13:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 19:11 - 2015-01-12 13:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 19:11 - 2015-01-12 13:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 19:11 - 2015-01-12 12:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 19:11 - 2015-01-12 12:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 19:11 - 2015-01-12 12:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 19:11 - 2015-01-12 12:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 19:11 - 2015-01-12 12:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 19:11 - 2015-01-12 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 19:11 - 2015-01-12 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 19:11 - 2015-01-12 12:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 19:11 - 2015-01-12 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 19:11 - 2015-01-12 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 19:11 - 2015-01-12 12:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 19:11 - 2015-01-12 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 19:11 - 2015-01-12 12:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 19:11 - 2015-01-12 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 19:11 - 2015-01-12 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 19:11 - 2015-01-12 12:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 19:11 - 2015-01-12 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 19:11 - 2015-01-12 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 19:11 - 2015-01-12 12:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 19:11 - 2015-01-12 12:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 19:11 - 2015-01-12 12:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 19:11 - 2015-01-12 12:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 19:11 - 2015-01-12 12:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 19:11 - 2015-01-12 12:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 19:11 - 2015-01-12 11:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 19:11 - 2015-01-12 11:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 19:11 - 2015-01-12 11:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 19:11 - 2015-01-12 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 19:11 - 2015-01-12 11:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 19:11 - 2015-01-12 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 19:11 - 2015-01-12 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 19:11 - 2015-01-12 11:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 19:11 - 2015-01-12 11:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 19:11 - 2015-01-12 11:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 19:11 - 2015-01-12 11:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 19:11 - 2015-01-12 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 19:11 - 2015-01-12 11:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 19:11 - 2015-01-12 11:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 19:11 - 2015-01-12 11:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 19:11 - 2015-01-12 11:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 19:11 - 2015-01-12 11:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 19:11 - 2015-01-12 11:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 19:11 - 2015-01-12 11:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 19:11 - 2015-01-12 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 19:11 - 2015-01-12 11:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 19:11 - 2015-01-12 10:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 19:11 - 2015-01-12 10:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 19:11 - 2015-01-10 16:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 19:11 - 2015-01-10 16:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 19:11 - 2015-01-10 16:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 19:11 - 2015-01-10 16:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 19:11 - 2015-01-10 16:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 19:11 - 2015-01-10 16:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 19:11 - 2015-01-10 16:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 19:11 - 2015-01-10 16:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 19:11 - 2015-01-10 16:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 19:11 - 2015-01-10 16:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 19:11 - 2015-01-10 16:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 19:11 - 2015-01-10 16:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 19:11 - 2015-01-10 16:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 19:11 - 2015-01-10 16:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 19:09 - 2015-01-15 18:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 19:09 - 2015-01-15 18:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 19:09 - 2015-01-15 18:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 19:09 - 2015-01-15 18:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 19:09 - 2015-01-15 18:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 19:09 - 2015-01-15 18:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 19:09 - 2015-01-15 18:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 19:09 - 2015-01-15 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 19:09 - 2015-01-15 18:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 19:09 - 2015-01-15 18:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 19:09 - 2015-01-15 18:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 19:09 - 2015-01-15 17:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 19:09 - 2015-01-15 17:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 19:09 - 2015-01-15 17:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 19:09 - 2015-01-15 17:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 19:09 - 2015-01-15 17:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 19:09 - 2015-01-15 17:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 19:09 - 2015-01-15 14:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 19:09 - 2015-01-14 16:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 19:09 - 2015-01-14 16:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 19:09 - 2015-01-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 19:09 - 2015-01-14 16:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 19:09 - 2015-01-14 15:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 19:09 - 2015-01-14 15:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 19:09 - 2015-01-14 15:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 19:09 - 2015-01-13 13:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 19:09 - 2015-01-13 12:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 19:09 - 2015-01-09 12:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 19:09 - 2014-12-12 15:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 19:09 - 2014-12-12 15:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 19:09 - 2014-12-08 13:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 19:09 - 2014-12-08 12:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 19:09 - 2014-11-26 13:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 19:09 - 2014-11-26 13:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 19:09 - 2014-10-04 12:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 19:09 - 2014-10-04 11:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 19:09 - 2014-10-04 11:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 19:09 - 2014-07-07 12:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 19:09 - 2014-07-07 12:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 19:09 - 2014-07-07 11:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 19:09 - 2014-07-07 11:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 15:32 - 2015-02-11 15:32 - 01533584 _____ () C:\Users\Owner\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-11 15:27 - 2015-02-06 07:01 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-11 15:26 - 2015-02-06 07:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-11 15:26 - 2015-02-06 07:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-10 22:39 - 2015-02-16 18:21 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F6417A24-7102-47A2-A9A0-861C30ACA1A6}
2015-02-10 22:32 - 2015-02-12 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-10 22:32 - 2015-02-12 03:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 10:48 - 2015-02-16 16:35 - 00005100 _____ () C:\Windows\setupact.log
2015-02-10 10:48 - 2015-02-10 10:48 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-09 15:20 - 2015-02-09 15:20 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2015-01-30 12:54 - 2015-01-30 12:54 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-30 12:54 - 2015-01-30 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-30 12:53 - 2015-01-30 12:54 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-30 12:53 - 2015-01-30 12:54 - 00000000 ____D () C:\Program Files\iTunes
2015-01-30 12:53 - 2015-01-30 12:54 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-30 12:53 - 2015-01-30 12:53 - 00000000 ____D () C:\Program Files\iPod
2015-01-30 12:51 - 2015-01-30 12:51 - 00000000 ____D () C:\Program Files\Bonjour
2015-01-30 12:51 - 2015-01-30 12:51 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-01-28 09:58 - 2015-01-29 23:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-28 09:58 - 2015-01-29 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 18:33 - 2014-03-27 11:21 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-16 18:25 - 2013-06-28 15:21 - 01974022 _____ () C:\Windows\WindowsUpdate.log
2015-02-16 17:51 - 2013-09-11 18:14 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-16 16:42 - 2009-07-14 15:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-16 16:42 - 2009-07-14 14:45 - 00028896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-16 16:42 - 2009-07-14 14:45 - 00028896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 16:37 - 2013-08-03 15:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-16 16:35 - 2013-06-28 16:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-16 16:35 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 20:41 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-15 20:25 - 2014-03-21 15:12 - 00000000 ____D () C:\ProgramData\Origin
2015-02-15 19:26 - 2014-03-14 17:27 - 00000024 _____ () C:\Users\Owner\random.dat
2015-02-15 19:15 - 2014-03-14 17:27 - 00000024 _____ () C:\Users\Owner\jagexappletviewer.preferences
2015-02-15 19:14 - 2014-03-14 17:27 - 00000044 _____ () C:\Users\Owner\jagex_cl_runescape_LIVE.dat
2015-02-15 18:43 - 2014-10-10 14:22 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-15 18:38 - 2014-03-21 15:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-14 23:29 - 2014-04-22 06:43 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-14 23:27 - 2014-07-02 17:26 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-02-14 23:27 - 2013-08-03 17:02 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-14 23:14 - 2014-10-10 14:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-14 17:24 - 2013-09-17 17:40 - 00000000 ____D () C:\Windows\Minidump
2015-02-13 16:56 - 2014-03-11 20:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\NVIDIA Corporation
2015-02-13 16:56 - 2013-06-28 16:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-13 16:53 - 2013-06-28 16:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-13 16:53 - 2013-06-28 16:07 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-13 16:21 - 2014-08-02 23:28 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2015-02-13 10:28 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 03:13 - 2014-09-13 16:19 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399705257
2015-02-12 03:13 - 2014-05-10 17:00 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-12 03:08 - 2009-07-14 14:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 03:06 - 2014-12-11 02:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:06 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 03:04 - 2014-04-22 06:42 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 19:37 - 2014-03-03 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-02-11 19:37 - 2014-03-03 17:32 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2015-02-10 22:30 - 2013-06-28 16:08 - 00000000 ____D () C:\temp
2015-02-10 22:28 - 2014-03-04 17:26 - 00000000 ____D () C:\Users\Owner\Downloads\downloaded
2015-02-10 22:28 - 2013-09-19 00:14 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2015-02-10 22:26 - 2013-08-03 17:06 - 00000000 ____D () C:\ProgramData\Ubisoft
2015-02-10 22:26 - 2013-06-28 15:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 22:26 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-10 22:17 - 2014-05-31 12:12 - 00000000 ____D () C:\ProgramData\Skype
2015-02-10 22:16 - 2014-07-09 15:01 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-10 22:15 - 2013-09-15 15:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2015-02-06 07:01 - 2013-09-09 18:48 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-06 07:01 - 2013-09-09 18:48 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-06 07:01 - 2013-09-09 18:48 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-06 07:01 - 2013-06-28 16:08 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-02-06 07:01 - 2013-06-28 16:08 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-02-06 07:01 - 2013-06-28 16:08 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-06 07:01 - 2013-06-28 16:07 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-06 05:07 - 2013-06-28 16:08 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-06 05:07 - 2013-06-28 16:08 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-06 05:07 - 2013-06-28 16:08 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-06 05:07 - 2013-06-28 16:08 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-06 05:07 - 2013-06-28 16:08 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-06 05:06 - 2013-06-28 16:08 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 22:50 - 2013-06-28 16:08 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-30 19:32 - 2014-10-14 14:34 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-30 19:30 - 2014-11-11 12:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-30 19:30 - 2014-11-11 12:47 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-30 12:53 - 2014-06-15 18:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-30 12:53 - 2014-06-15 18:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-30 01:38 - 2013-09-09 18:52 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-29 23:04 - 2014-07-09 15:26 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
 
==================== Files in the root of some directories =======
 
2014-08-02 21:42 - 2014-08-02 21:47 - 0034816 _____ () C:\Users\Owner\AppData\Roaming\RZR_0010d4fe43d3baceb98a499d228b.db
 
Files to move or delete:
====================
C:\Users\Owner\jagex_cl_runescape_LIVE.dat
C:\Users\Owner\jagex_cl_runescape_LIVE1.dat
C:\Users\Owner\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Owner\AppData\Local\Temp\nvStInst.exe
C:\Users\Owner\AppData\Local\Temp\sonarinst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-13 10:21
 
==================== End Of Log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Owner at 2015-02-16 18:48:48
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3181306586-3482173347-3556528193-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
12-02-2015 03:00:14 Windows Update
12-02-2015 23:57:49 Windows Update
13-02-2015 16:11:29 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
13-02-2015 16:40:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
14-02-2015 03:00:11 Windows Update
14-02-2015 23:13:13 Installed DirectX
15-02-2015 03:00:11 Windows Update
15-02-2015 10:50:22 Windows Update
15-02-2015 20:48:12 Windows Update
16-02-2015 16:28:27 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {070DF1C9-6B39-4414-A138-6E1B0003A29A} - System32\Tasks\{14B0C3FF-AB69-483A-9396-1E94670F3BDD} => C:\Program Files (x86)\Telstra Turbo Connection Manager\Telstra Turbo Connection Manager.exe
Task: {29094C7C-DAAC-4A83-8B8C-65A86D327CC7} - System32\Tasks\{19D82375-5E0E-4253-AD01-0B8CB7F2F6F1} => pcalua.exe -a "C:\Program Files (x86)\Spy Cleaner Gold\Spy Cleaner Gold.exe" -d C:\Users\Owner\Desktop
Task: {354768C8-DB5F-4B59-9A3E-96287E9B5DA1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-22] (Piriform Ltd)
Task: {61C92C66-8891-45C3-8B6A-0691A6C4F2DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BC7D74AB-8FAC-4844-8152-30AE52F12C63} - \Dealply No Task File <==== ATTENTION
Task: {D5677C97-2C4A-4B03-834F-241DA7D140A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D8921C81-F208-47C9-AF6E-8F8105029A55} - System32\Tasks\Opera scheduled Autoupdate 1399705257 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
 
==================== Loaded Modules (whitelisted) ==============
 
2013-06-28 16:08 - 2015-02-06 05:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-02 17:26 - 2015-02-14 23:27 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-12 17:29 - 2014-08-12 17:28 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-09-18 17:23 - 2014-09-18 17:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-15 04:51 - 2014-10-15 04:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 17:23 - 2014-09-18 17:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-15 04:51 - 2014-10-15 04:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-09-11 18:20 - 2014-08-25 20:06 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2015-02-12 03:13 - 2015-02-12 03:13 - 00552056 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\opera_crashreporter.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-12 17:29 - 2014-08-12 17:28 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-02-05 21:00 - 2014-08-25 20:06 - 01654296 _____ () C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
2015-02-12 03:13 - 2015-02-12 03:13 - 01408632 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\libglesv2.dll
2015-02-12 03:13 - 2015-02-12 03:13 - 00219256 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\libegl.dll
2015-02-12 03:13 - 2015-02-12 03:13 - 09510520 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3181306586-3482173347-3556528193-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3181306586-3482173347-3556528193-500 - Administrator - Disabled)
Guest (S-1-5-21-3181306586-3482173347-3556528193-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3181306586-3482173347-3556528193-1003 - Limited - Enabled)
Owner (S-1-5-21-3181306586-3482173347-3556528193-1000 - Administrator - Enabled) => C:\Users\Owner
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/16/2015 04:37:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/16/2015 04:18:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/15/2015 04:51:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/15/2015 04:50:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (02/15/2015 04:50:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (02/15/2015 04:50:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (02/15/2015 01:06:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/14/2015 11:30:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/14/2015 05:26:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/13/2015 05:03:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bf4.exe version 1.4.2.23831 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 7e0
 
Start Time: 01d0475a57f24d86
 
Termination Time: 130
 
Application Path: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
 
Report Id:
 
 
System errors:
=============
Error: (02/16/2015 06:29:54 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
 
Error: (02/16/2015 06:29:54 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
 
Error: (02/16/2015 05:09:52 PM) (Source: Schannel) (EventID: 4116) (User: Owner-PC)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is autoupdate.geo.opera.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (02/16/2015 05:09:52 PM) (Source: Schannel) (EventID: 4120) (User: Owner-PC)
Description: The following fatal alert was generated: 43. The internal error state is 552.
 
Error: (02/16/2015 05:09:46 PM) (Source: Schannel) (EventID: 4116) (User: Owner-PC)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is autoupdate.geo.opera.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (02/16/2015 05:09:46 PM) (Source: Schannel) (EventID: 4120) (User: Owner-PC)
Description: The following fatal alert was generated: 43. The internal error state is 552.
 
Error: (02/16/2015 05:09:41 PM) (Source: Schannel) (EventID: 4116) (User: Owner-PC)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is autoupdate.geo.opera.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (02/16/2015 05:09:41 PM) (Source: Schannel) (EventID: 4120) (User: Owner-PC)
Description: The following fatal alert was generated: 43. The internal error state is 552.
 
Error: (02/16/2015 04:28:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 for x64-based Systems (KB971033).
 
Error: (02/15/2015 08:48:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 for x64-based Systems (KB971033).
 
 
Microsoft Office Sessions:
=========================
Error: (02/16/2015 04:37:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/16/2015 04:18:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/15/2015 04:51:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/15/2015 04:50:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (02/15/2015 04:50:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (02/15/2015 04:50:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (02/15/2015 01:06:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/14/2015 11:30:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/14/2015 05:26:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (02/13/2015 05:03:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bf4.exe1.4.2.238317e001d0475a57f24d86130C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 19%
Total physical RAM: 16327.34 MB
Available physical RAM: 13081.27 MB
Total Pagefile: 32652.87 MB
Available Pagefile: 29043.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:136.61 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9F813465)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Thank you. 

 

Please consider the following, and proceed with the instructions below.
 

Multiple Anti-Virus Software Installed
 
------------------------------
 
It is inadvisable to have more than one Anti-Virus installed on your computer at the same time. Doing so may:

  • Cause conflicts, negatively impacting the effectiveness of each Anti-Virus installed. 
  • Trigger false-positives.
  • Trigger false-negatives, where neither programme detects malware. 
  • Cause system instability/performance issues. Your system may lock up or slow down due to both software attempting to access the same file at the same time. 
Please uninstall AVG 2014 using the instructions below.

 
STEP 1
Revo Uninstaller

  • Please download and install Revo Uninstaller.
  • Double-Click Revo Uninstaller to run the programme. 
  • From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.
    • AVG 2014
    • AVG Security Toolbar 
  • Double-Click the programme. 
  • When prompted if you want to uninstall click Yes.
  • Ensure the Moderate option is selected and click Next.
  • The programme uninstaller will run. If prompted again click Yes.
  • Work your way through the uninstaller, ensuring you read each page thoroughly.
  • Note: If you are offered the choice to install additional software, ensure you decline.
  • Once the built-in uninstaller is finished click Next.
  • Once the programme has searched for leftovers click Next.
  • Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.
  • When prompted click Yes, followed by Next.
  • Click Select all, followed by Delete.
  • When prompted click Yes, followed by Next.
  • Upon completion, click Finish.
  • In your next reply, confirm you were successful in uninstalling all programmes listed above. 
     

STEP 2
Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Create a System Restore Point. For instructions, please refer to the following link (W7).
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 3
AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts.
  • Click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
  • Follow the prompts and allow your computer to reboot.
  • After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 
 
STEP 4
Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================

STEP 5
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did the programmes uninstall successfully?
  • JRT.txt
  • AdwCleaner[s0].txt
  • FRST.txt
  • Addition.txt

1. Yes, uninstalled.

 

2. # AdwCleaner v4.110 - Logfile created 16/02/2015 at 19:48:52

# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : vToolbarUpdater18.1.9
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Folder Deleted : C:\Program Files\002
Folder Deleted : C:\Users\Owner\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Owner\AppData\LocalLow\AVG Secure Search
 
***** [ Scheduled tasks ] *****
 
Task Deleted : Dealply
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\115C6526B05609952AB1C87ACA053FEB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A93AE7EBC5B6D65D835F3062297F148
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B3AC1089BC9C1C5A9750316017EA5D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF767AE36C8829547ACD71A4249A42B9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B86779929E3507352B061D4EF922EBA6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FC6BF115B02E27354AAFD44E1670EE11
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\526AB318AF0B8D84B9579557C9882C91
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
 
-\\ Mozilla Firefox v
 
 
-\\ Opera v27.0.1689.69
 
 
*************************
 
AdwCleaner[R0].txt - [7365 bytes] - [16/02/2015 19:44:23]
AdwCleaner[R1].txt - [7424 bytes] - [16/02/2015 19:48:06]
AdwCleaner[s0].txt - [7353 bytes] - [16/02/2015 19:48:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7412  bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Mon 16/02/2015 at 19:40:20.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\TOOLBARUPDATER.EXE-678CD7F9.pf

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 16/02/2015 at 19:43:14.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015

Ran by Owner (administrator) on OWNER-PC on 16-02-2015 19:58:00

Running from C:\Users\Owner\Downloads

Loaded Profiles: Owner (Available profiles: Owner)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Opera)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool:

CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

 

Opera: 

=======

OPR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-12-17]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-10-02] (EasyAntiCheat Ltd)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-06] (NVIDIA Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-06] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-06] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-24] (Electronic Arts)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-14] ()

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-14] ()

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [47112 2014-08-19] (Kaspersky Lab ZAO)

R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)

R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [843448 2014-12-13] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-16] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-06] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-06] (NVIDIA Corporation)

S3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2013-11-15] (Razer Inc)

S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)

S3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [30888 2013-11-15] (Razer Inc)

S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]

U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

S3 RTL8192cu; system32\DRIVERS\rtwlanu.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-16 19:52 - 2015-02-16 19:52 - 02112512 _____ () C:\Users\Owner\Downloads\AdwCleaner (1).exe

2015-02-16 19:46 - 2015-02-16 19:46 - 00007365 _____ () C:\Users\Owner\Desktop\AdwCleaner[R0].txt

2015-02-16 19:44 - 2015-02-16 19:48 - 00000000 ____D () C:\AdwCleaner

2015-02-16 19:43 - 2015-02-16 19:44 - 02112512 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe

2015-02-16 19:43 - 2015-02-16 19:43 - 00001301 _____ () C:\Users\Owner\Desktop\JRT.txt

2015-02-16 19:39 - 2015-02-16 19:39 - 01388274 _____ (Thisisu) C:\Users\Owner\Downloads\JRT.exe

2015-02-16 18:50 - 2015-02-16 18:50 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Downloads\tdsskiller.exe

2015-02-16 18:48 - 2015-02-16 19:58 - 00016508 _____ () C:\Users\Owner\Downloads\FRST.txt

2015-02-16 18:48 - 2015-02-16 18:49 - 00024853 _____ () C:\Users\Owner\Downloads\Addition.txt

2015-02-16 18:47 - 2015-02-16 19:58 - 00000000 ____D () C:\FRST

2015-02-16 18:47 - 2015-02-16 18:47 - 02085888 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe

2015-02-16 18:31 - 2015-02-16 18:31 - 00002334 _____ () C:\Users\Owner\Desktop\Safe Money.lnk

2015-02-16 18:30 - 2015-02-16 18:30 - 00002132 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk

2015-02-16 18:30 - 2015-02-16 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security

2015-02-16 18:30 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll

2015-02-16 18:29 - 2015-02-16 19:50 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2015-02-16 18:29 - 2015-02-16 18:29 - 00000000 ____D () C:\Windows\ELAMBKUP

2015-02-16 18:29 - 2015-02-16 18:29 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab

2015-02-16 18:29 - 2014-12-13 18:21 - 00843448 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys

2015-02-16 18:29 - 2014-11-28 18:19 - 00151240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys

2015-02-16 18:29 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys

2015-02-16 18:12 - 2015-02-16 18:22 - 196612224 _____ (Kaspersky Lab) C:\Users\Owner\Downloads\kis15.0.2.361en.exe

2015-02-16 17:35 - 2015-02-16 17:35 - 00009486 _____ () C:\Users\Owner\Desktop\hijackthis.log

2015-02-16 17:27 - 2015-02-16 17:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HijackThis.exe

2015-02-14 23:29 - 2015-02-16 19:49 - 00022088 _____ () C:\Windows\PFRO.log

2015-02-14 23:23 - 2015-02-14 23:23 - 01533584 _____ () C:\Users\Owner\Downloads\battlelog-web-plugins_2.6.2_157 (1).exe

2015-02-14 23:23 - 2015-02-14 23:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\ESN

2015-02-14 23:14 - 2015-02-14 23:14 - 00018473 _____ () C:\Windows\DirectX.log

2015-02-14 17:24 - 2015-02-14 17:24 - 842945520 _____ () C:\Windows\MEMORY.DMP

2015-02-14 17:24 - 2015-02-14 17:24 - 00262144 _____ () C:\Windows\Minidump\021415-23836-01.dmp

2015-02-13 16:53 - 2015-02-15 18:39 - 00000000 ____D () C:\Users\Owner\AppData\Local\NVIDIA

2015-02-13 16:53 - 2015-02-13 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-02-13 16:53 - 2015-02-06 07:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2015-02-13 16:53 - 2015-02-06 07:01 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2015-02-13 16:53 - 2015-02-06 07:01 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2015-02-13 16:53 - 2015-02-06 07:01 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2015-02-13 16:52 - 2015-02-06 03:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2015-02-13 16:51 - 2015-02-13 16:51 - 00000000 ____D () C:\NVIDIA

2015-02-13 16:51 - 2015-02-06 07:01 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2015-02-13 16:51 - 2015-02-06 07:01 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2015-02-13 16:51 - 2015-02-06 07:01 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2015-02-13 16:45 - 2015-02-13 16:49 - 309136440 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\347.52-desktop-win8-win7-winvista-64bit-international-whql.exe

2015-02-13 16:41 - 2015-02-13 16:41 - 01005568 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\dotNetFx45_Full_setup.exe

2015-02-13 16:40 - 2015-02-13 16:40 - 07186992 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\vcredist_x64 (2).exe

2015-02-13 16:40 - 2015-02-13 16:40 - 00000000 ___HD () C:\Windows\msdownld.tmp

2015-02-13 16:40 - 2015-02-13 16:40 - 00000000 ____D () C:\Windows\SysWOW64\directx

2015-02-13 16:39 - 2015-02-13 16:39 - 00292184 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\dxwebsetup.exe

2015-02-13 16:34 - 2015-02-13 16:35 - 45099266 _____ () C:\Users\Owner\Downloads\DirectX_11_Technology_Update_US (1).zip

2015-02-13 16:32 - 2015-02-13 16:32 - 00000000 ____D () C:\Users\Owner\Downloads\DirectX_11_Technology_Update_US

2015-02-13 16:30 - 2015-02-13 16:31 - 45099266 _____ () C:\Users\Owner\Downloads\DirectX_11_Technology_Update_US.zip

2015-02-13 16:16 - 2015-02-13 16:16 - 07186992 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\vcredist_x64 (1).exe

2015-02-13 16:11 - 2015-02-13 16:11 - 07186992 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\vcredist_x64.exe

2015-02-12 16:51 - 2015-01-23 14:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-02-12 16:51 - 2015-01-23 14:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-02-12 16:51 - 2015-01-23 13:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-02-12 16:51 - 2015-01-23 13:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-02-11 19:33 - 2015-02-11 19:35 - 67350808 _____ (Logitech Inc.) C:\Users\Owner\Downloads\LGS_8.57.145_x64_Logitech.exe

2015-02-11 19:31 - 2015-02-11 19:33 - 63059552 _____ (Logitech Inc.) C:\Users\Owner\Downloads\LGS_8.57.145_x86_Logitech.exe

2015-02-11 19:11 - 2015-02-04 13:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-02-11 19:11 - 2015-02-04 13:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-02-11 19:11 - 2015-02-04 13:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-02-11 19:11 - 2015-02-04 13:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-02-11 19:11 - 2015-02-04 13:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-02-11 19:11 - 2015-02-04 13:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2015-02-11 19:11 - 2015-02-04 13:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-02-11 19:11 - 2015-01-28 09:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2015-02-11 19:11 - 2015-01-14 15:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-02-11 19:11 - 2015-01-14 15:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-02-11 19:11 - 2015-01-12 13:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-02-11 19:11 - 2015-01-12 13:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-02-11 19:11 - 2015-01-12 13:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-02-11 19:11 - 2015-01-12 12:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-02-11 19:11 - 2015-01-12 12:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-02-11 19:11 - 2015-01-12 12:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-02-11 19:11 - 2015-01-12 12:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-02-11 19:11 - 2015-01-12 12:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-02-11 19:11 - 2015-01-12 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-02-11 19:11 - 2015-01-12 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-02-11 19:11 - 2015-01-12 12:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-02-11 19:11 - 2015-01-12 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-02-11 19:11 - 2015-01-12 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-02-11 19:11 - 2015-01-12 12:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-02-11 19:11 - 2015-01-12 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-02-11 19:11 - 2015-01-12 12:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-02-11 19:11 - 2015-01-12 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-02-11 19:11 - 2015-01-12 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-02-11 19:11 - 2015-01-12 12:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-02-11 19:11 - 2015-01-12 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-02-11 19:11 - 2015-01-12 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-02-11 19:11 - 2015-01-12 12:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-02-11 19:11 - 2015-01-12 12:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-02-11 19:11 - 2015-01-12 12:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-02-11 19:11 - 2015-01-12 12:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-02-11 19:11 - 2015-01-12 12:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-02-11 19:11 - 2015-01-12 12:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-02-11 19:11 - 2015-01-12 11:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-02-11 19:11 - 2015-01-12 11:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-02-11 19:11 - 2015-01-12 11:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-02-11 19:11 - 2015-01-12 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-02-11 19:11 - 2015-01-12 11:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-02-11 19:11 - 2015-01-12 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-02-11 19:11 - 2015-01-12 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-02-11 19:11 - 2015-01-12 11:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-02-11 19:11 - 2015-01-12 11:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-02-11 19:11 - 2015-01-12 11:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-02-11 19:11 - 2015-01-12 11:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-02-11 19:11 - 2015-01-12 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-02-11 19:11 - 2015-01-12 11:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-02-11 19:11 - 2015-01-12 11:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-02-11 19:11 - 2015-01-12 11:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-02-11 19:11 - 2015-01-12 11:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-02-11 19:11 - 2015-01-12 11:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-02-11 19:11 - 2015-01-12 11:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-02-11 19:11 - 2015-01-12 11:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-02-11 19:11 - 2015-01-12 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-02-11 19:11 - 2015-01-12 11:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-02-11 19:11 - 2015-01-12 10:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-02-11 19:11 - 2015-01-12 10:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-02-11 19:11 - 2015-01-10 16:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-02-11 19:11 - 2015-01-10 16:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-02-11 19:11 - 2015-01-10 16:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-02-11 19:11 - 2015-01-10 16:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-02-11 19:11 - 2015-01-10 16:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-02-11 19:11 - 2015-01-10 16:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-02-11 19:11 - 2015-01-10 16:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-02-11 19:11 - 2015-01-10 16:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-02-11 19:11 - 2015-01-10 16:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-02-11 19:11 - 2015-01-10 16:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-02-11 19:11 - 2015-01-10 16:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-02-11 19:11 - 2015-01-10 16:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-02-11 19:11 - 2015-01-10 16:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-02-11 19:11 - 2015-01-10 16:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-02-11 19:09 - 2015-01-15 18:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-02-11 19:09 - 2015-01-15 18:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-02-11 19:09 - 2015-01-15 18:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-02-11 19:09 - 2015-01-15 18:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-02-11 19:09 - 2015-01-15 18:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-02-11 19:09 - 2015-01-15 18:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-02-11 19:09 - 2015-01-15 18:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-02-11 19:09 - 2015-01-15 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-02-11 19:09 - 2015-01-15 18:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-02-11 19:09 - 2015-01-15 18:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-02-11 19:09 - 2015-01-15 18:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-02-11 19:09 - 2015-01-15 17:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-02-11 19:09 - 2015-01-15 17:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-02-11 19:09 - 2015-01-15 17:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-02-11 19:09 - 2015-01-15 17:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-02-11 19:09 - 2015-01-15 17:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-02-11 19:09 - 2015-01-15 17:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-02-11 19:09 - 2015-01-15 14:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2015-02-11 19:09 - 2015-01-14 16:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-02-11 19:09 - 2015-01-14 16:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-02-11 19:09 - 2015-01-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-02-11 19:09 - 2015-01-14 16:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-02-11 19:09 - 2015-01-14 15:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-02-11 19:09 - 2015-01-14 15:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-02-11 19:09 - 2015-01-14 15:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-02-11 19:09 - 2015-01-13 13:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2015-02-11 19:09 - 2015-01-13 12:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2015-02-11 19:09 - 2015-01-09 12:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-02-11 19:09 - 2014-12-12 15:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2015-02-11 19:09 - 2014-12-12 15:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2015-02-11 19:09 - 2014-12-08 13:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll

2015-02-11 19:09 - 2014-12-08 12:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll

2015-02-11 19:09 - 2014-11-26 13:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2015-02-11 19:09 - 2014-11-26 13:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2015-02-11 19:09 - 2014-10-04 12:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-02-11 19:09 - 2014-10-04 11:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-02-11 19:09 - 2014-10-04 11:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2015-02-11 19:09 - 2014-07-07 12:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2015-02-11 19:09 - 2014-07-07 12:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2015-02-11 19:09 - 2014-07-07 11:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2015-02-11 19:09 - 2014-07-07 11:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2015-02-11 15:32 - 2015-02-11 15:32 - 01533584 _____ () C:\Users\Owner\Downloads\battlelog-web-plugins_2.6.2_157.exe

2015-02-11 15:27 - 2015-02-06 07:01 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2015-02-11 15:26 - 2015-02-06 07:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2015-02-11 15:26 - 2015-02-06 07:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2015-02-10 22:39 - 2015-02-16 18:21 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F6417A24-7102-47A2-A9A0-861C30ACA1A6}

2015-02-10 22:32 - 2015-02-12 03:02 - 00000000 ____D () C:\Windows\system32\MRT

2015-02-10 22:32 - 2015-02-12 03:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-02-10 10:48 - 2015-02-16 19:50 - 00005268 _____ () C:\Windows\setupact.log

2015-02-10 10:48 - 2015-02-10 10:48 - 00000000 _____ () C:\Windows\setuperr.log

2015-02-09 15:20 - 2015-02-09 15:20 - 00000000 ____D () C:\Program Files (x86)\LG Electronics

2015-01-30 12:54 - 2015-01-30 12:54 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk

2015-01-30 12:54 - 2015-01-30 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2015-01-30 12:53 - 2015-01-30 12:54 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2015-01-30 12:53 - 2015-01-30 12:54 - 00000000 ____D () C:\Program Files\iTunes

2015-01-30 12:53 - 2015-01-30 12:54 - 00000000 ____D () C:\Program Files (x86)\iTunes

2015-01-30 12:53 - 2015-01-30 12:53 - 00000000 ____D () C:\Program Files\iPod

2015-01-30 12:51 - 2015-01-30 12:51 - 00000000 ____D () C:\Program Files\Bonjour

2015-01-30 12:51 - 2015-01-30 12:51 - 00000000 ____D () C:\Program Files (x86)\Bonjour

2015-01-28 09:58 - 2015-01-29 23:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-28 09:58 - 2015-01-29 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-16 19:57 - 2009-07-14 14:45 - 00028896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-02-16 19:57 - 2009-07-14 14:45 - 00028896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-02-16 19:56 - 2009-07-14 15:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-02-16 19:54 - 2013-06-28 15:21 - 01989301 _____ () C:\Windows\WindowsUpdate.log

2015-02-16 19:51 - 2013-08-03 15:59 - 00000000 ____D () C:\Program Files (x86)\Steam

2015-02-16 19:50 - 2014-03-27 11:21 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-02-16 19:49 - 2013-09-11 18:19 - 00000000 ____D () C:\ProgramData\AVG2014

2015-02-16 19:49 - 2013-09-11 18:14 - 00000000 ____D () C:\ProgramData\MFAData

2015-02-16 19:49 - 2013-06-28 16:09 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-02-16 19:49 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-02-15 20:41 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF

2015-02-15 20:25 - 2014-03-21 15:12 - 00000000 ____D () C:\ProgramData\Origin

2015-02-15 19:26 - 2014-03-14 17:27 - 00000024 _____ () C:\Users\Owner\random.dat

2015-02-15 19:15 - 2014-03-14 17:27 - 00000024 _____ () C:\Users\Owner\jagexappletviewer.preferences

2015-02-15 19:14 - 2014-03-14 17:27 - 00000044 _____ () C:\Users\Owner\jagex_cl_runescape_LIVE.dat

2015-02-15 18:43 - 2014-10-10 14:22 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2015-02-15 18:38 - 2014-03-21 15:12 - 00000000 ____D () C:\Program Files (x86)\Origin

2015-02-14 23:29 - 2014-04-22 06:43 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins

2015-02-14 23:27 - 2014-07-02 17:26 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe

2015-02-14 23:27 - 2013-08-03 17:02 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0

2015-02-14 23:14 - 2014-10-10 14:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2015-02-14 17:24 - 2013-09-17 17:40 - 00000000 ____D () C:\Windows\Minidump

2015-02-13 16:56 - 2014-03-11 20:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\NVIDIA Corporation

2015-02-13 16:56 - 2013-06-28 16:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2015-02-13 16:53 - 2013-06-28 16:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2015-02-13 16:53 - 2013-06-28 16:07 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2015-02-13 16:21 - 2014-08-02 23:28 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps

2015-02-13 10:28 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache

2015-02-12 03:13 - 2014-09-13 16:19 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399705257

2015-02-12 03:13 - 2014-05-10 17:00 - 00000000 ____D () C:\Program Files (x86)\Opera

2015-02-12 03:08 - 2009-07-14 14:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT

2015-02-12 03:06 - 2014-12-11 02:03 - 00000000 ____D () C:\Windows\system32\appraiser

2015-02-12 03:06 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel

2015-02-12 03:04 - 2014-04-22 06:42 - 00000000 ____D () C:\ProgramData\Package Cache

2015-02-11 19:37 - 2014-03-03 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2015-02-11 19:37 - 2014-03-03 17:32 - 00000000 ____D () C:\Program Files\Logitech Gaming Software

2015-02-10 22:30 - 2013-06-28 16:08 - 00000000 ____D () C:\temp

2015-02-10 22:28 - 2014-03-04 17:26 - 00000000 ____D () C:\Users\Owner\Downloads\downloaded

2015-02-10 22:28 - 2013-09-19 00:14 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc

2015-02-10 22:26 - 2013-08-03 17:06 - 00000000 ____D () C:\ProgramData\Ubisoft

2015-02-10 22:26 - 2013-06-28 15:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2015-02-10 22:26 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-02-10 22:17 - 2014-05-31 12:12 - 00000000 ____D () C:\ProgramData\Skype

2015-02-10 22:16 - 2014-07-09 15:01 - 00000000 ____D () C:\Program Files (x86)\Google

2015-02-10 22:15 - 2013-09-15 15:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google

2015-02-06 07:01 - 2013-09-09 18:48 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2015-02-06 07:01 - 2013-09-09 18:48 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2015-02-06 07:01 - 2013-09-09 18:48 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2015-02-06 07:01 - 2013-06-28 16:08 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2015-02-06 07:01 - 2013-06-28 16:08 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2015-02-06 07:01 - 2013-06-28 16:08 - 00027441 _____ () C:\Windows\system32\nvinfo.pb

2015-02-06 07:01 - 2013-06-28 16:07 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2015-02-06 05:07 - 2013-06-28 16:08 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2015-02-06 05:07 - 2013-06-28 16:08 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2015-02-06 05:07 - 2013-06-28 16:08 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2015-02-06 05:07 - 2013-06-28 16:08 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2015-02-06 05:07 - 2013-06-28 16:08 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2015-02-06 05:06 - 2013-06-28 16:08 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2015-02-05 22:50 - 2013-06-28 16:08 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin

2015-01-30 19:32 - 2014-10-14 14:34 - 00000000 ____D () C:\ProgramData\Oracle

2015-01-30 19:30 - 2014-11-11 12:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2015-01-30 19:30 - 2014-11-11 12:47 - 00000000 ____D () C:\Program Files (x86)\Java

2015-01-30 12:53 - 2014-06-15 18:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2015-01-30 12:53 - 2014-06-15 18:03 - 00000000 ____D () C:\Program Files\Common Files\Apple

2015-01-30 01:38 - 2013-09-09 18:52 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2015-01-29 23:04 - 2014-07-09 15:26 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe

 

==================== Files in the root of some directories =======

 

2014-08-02 21:42 - 2014-08-02 21:47 - 0034816 _____ () C:\Users\Owner\AppData\Roaming\RZR_0010d4fe43d3baceb98a499d228b.db

 

Files to move or delete:

====================

C:\Users\Owner\jagex_cl_runescape_LIVE.dat

C:\Users\Owner\jagex_cl_runescape_LIVE1.dat

C:\Users\Owner\random.dat

 

 

Some content of TEMP:

====================

C:\Users\Owner\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Owner\AppData\Local\Temp\nvStInst.exe

C:\Users\Owner\AppData\Local\Temp\Quarantine.exe

C:\Users\Owner\AppData\Local\Temp\sonarinst.exe

C:\Users\Owner\AppData\Local\Temp\sqlite3.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-02-13 10:21

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015

Ran by Owner at 2015-02-16 19:58:23

Running from C:\Users\Owner\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}

AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)

Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)

File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)

Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)

Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden

LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)

Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3181306586-3482173347-3556528193-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)

NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)

Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA)

Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)

RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)

Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)

SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3181306586-3482173347-3556528193-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

 

==================== Restore Points  =========================

 

12-02-2015 03:00:14 Windows Update

12-02-2015 23:57:49 Windows Update

13-02-2015 16:11:29 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

13-02-2015 16:40:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

14-02-2015 03:00:11 Windows Update

14-02-2015 23:13:13 Installed DirectX

15-02-2015 03:00:11 Windows Update

15-02-2015 10:50:22 Windows Update

15-02-2015 20:48:12 Windows Update

16-02-2015 16:28:27 Windows Update

16-02-2015 19:38:38 Removed AVG 2014

16-02-2015 19:39:56 Removed AVG 2014

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {070DF1C9-6B39-4414-A138-6E1B0003A29A} - System32\Tasks\{14B0C3FF-AB69-483A-9396-1E94670F3BDD} => C:\Program Files (x86)\Telstra Turbo Connection Manager\Telstra Turbo Connection Manager.exe

Task: {29094C7C-DAAC-4A83-8B8C-65A86D327CC7} - System32\Tasks\{19D82375-5E0E-4253-AD01-0B8CB7F2F6F1} => pcalua.exe -a "C:\Program Files (x86)\Spy Cleaner Gold\Spy Cleaner Gold.exe" -d C:\Users\Owner\Desktop

Task: {354768C8-DB5F-4B59-9A3E-96287E9B5DA1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-22] (Piriform Ltd)

Task: {61C92C66-8891-45C3-8B6A-0691A6C4F2DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {D5677C97-2C4A-4B03-834F-241DA7D140A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {D8921C81-F208-47C9-AF6E-8F8105029A55} - System32\Tasks\Opera scheduled Autoupdate 1399705257 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)

 

==================== Loaded Modules (whitelisted) ==============

 

2013-06-28 16:08 - 2015-02-06 05:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-07-02 17:26 - 2015-02-14 23:27 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe

2014-09-18 17:23 - 2014-09-18 17:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll

2014-10-15 04:51 - 2014-10-15 04:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll

2014-09-18 17:23 - 2014-09-18 17:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll

2014-10-15 04:51 - 2014-10-15 04:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll

2015-02-12 03:13 - 2015-02-12 03:13 - 00552056 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\opera_crashreporter.exe

2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2015-02-12 03:13 - 2015-02-12 03:13 - 01408632 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\libglesv2.dll

2015-02-12 03:13 - 2015-02-12 03:13 - 00219256 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\libegl.dll

2015-02-12 03:13 - 2015-02-12 03:13 - 09510520 _____ () C:\Program Files (x86)\Opera\27.0.1689.69\pdf.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) ===============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3181306586-3482173347-3556528193-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.0.1

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-3181306586-3482173347-3556528193-500 - Administrator - Disabled)

Guest (S-1-5-21-3181306586-3482173347-3556528193-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3181306586-3482173347-3556528193-1003 - Limited - Enabled)

Owner (S-1-5-21-3181306586-3482173347-3556528193-1000 - Administrator - Enabled) => C:\Users\Owner

 

==================== Faulty Device Manager Devices =============

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/16/2015 07:51:27 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/16/2015 07:48:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).

 

 

Microsoft Office Sessions:

=========================

Error: (02/16/2015 07:51:27 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i5-3570 CPU @ 3.40GHz

Percentage of memory in use: 19%

Total physical RAM: 16327.34 MB

Available physical RAM: 13172.84 MB

Total Pagefile: 32652.87 MB

Available Pagefile: 29344.95 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:465.66 GB) (Free:136.82 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9F813465)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

 

 

 

 

 


Good job. Those logs are clean. :)
 
Please do the following, and let me know if you have any outstanding issues or concerns afterwards. 
 
STEP 1
CCleaner

  • Open CCleaner.
  • Click Cookies. In the left column, scroll through the list and check for sites you regularly visit/recognise.
  • Click these sites followed by -> to move the site into the right column.
  • Click Cleaner. Under Internet Explorer, ensure all but the last option is checked. 
  • Under System, ensure Empty Recycle Bin, Temporary Files and DNS Cache are checked. 
  • Click Applications. Under Opera, ensure the first six options are checked. 
  • Click Run Cleaner.
     

STEP 2
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click [image: esetListThreats.png]. If no threats were found, skip the next two bullet points. 
  • Click [image: esetExport.png] and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to [image] and click [image].
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • ESET Online Scan log

Hello, 
 
Apologies for the delay. 
Please work your way through the following.
 
STEP 1
Malwarebytes Anti-Rootkit (MBAR)

  • Please download Malwarebytes Anti-Rootkit and save the file to your Desktop.
  • Double-Click MBAR.exe to run the installer.
  • Select a convenient location to extract the contents and click OK. Navigate to the location you selected.
  • Right-Click MBAR.exe and select Run as administrator to run the programme.
  • Follow the prompts to update the programme and scan your computer. 
  • Upon completion, click Cleanup and reboot your computer. 
  • After the reboot, rerun the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more. 
  • Upon completion, two logs (mbar-log.txt and system-log.txt) will be created. Copy the contents of both logs and paste in your next reply. Both logs can be found in the MBAR folder.
     

STEP 2
RogueKiller

  • Please download RogueKiller (x64) and save the file to your Desktop.
  • Close any running programmes.
  • Right-Click RogueKiller.exe and select Run as administrator to run the programme.
  • Allow the Prescan to complete. Upon completion, a window will open. Click Accept.
  • A browser window may open. Close the browser window.
  • Click [image]. Upon completion, click [image].
  • Close the programme. Do not fix anything!
  • A log (RKreport.txt) will be open. Copy the contents of the log and paste in your next reply.
     

STEP 3
Sophos Virus Removal Tool

  • Please download Sophos Virus Removal Tool and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click SophosVirusRemovalTool.exe and select Run as administrator to run the programme.
  • Click Next.
  • Select I accept the terms in this license agreement, then click Next twice.
  • Click Install.
  • Click Finish to launch the programme.
  • Once the virus database has been updated, click Start scanning.
  • If threats are found click Details, followed by View log file.
  • Copy the contents of the log and paste in your next reply.
  • Close the Notepad document, close the Threat Details screen, and click Start cleanup.
  • Click Exit to close the programme. 
  • Re-enable your anti-virus software. 
     

======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • mbar-log.txt
  • system-log.txt
  • RKreport.txt
  • Sophos Log

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
