
myradioplayer.dll



Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015

Ran by Roman at 2015-06-18 20:47:11

Running from C:\Users\Roman\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-1674824579-1137781311-3632366173-500 - Administrator - Disabled)

Guest (S-1-5-21-1674824579-1137781311-3632366173-501 - Limited - Disabled)

jenna_000 (S-1-5-21-1674824579-1137781311-3632366173-1002 - Limited - Enabled) => C:\Users\jenna_000

Roman (S-1-5-21-1674824579-1137781311-3632366173-1001 - Administrator - Enabled) => C:\Users\Roman

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)

AIM for Windows (HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\AIM) (Version:  - AOL Inc.)

Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)

AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)

AVG 2015 (Version: 15.0.4365 - AVG Technologies) Hidden

AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Bulk Image Downloader v4.83.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version:  - Antibody Software)

Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)

Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)

Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)

Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION

Dropbox (HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)

EaseUS Data Recovery Wizard 7.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.5_is1) (Version:  - EaseUS)

GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden

Intel® Chipset Device Software (x32 Version: 10.0.14 - Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)

Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)

iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)

Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}) (Version: 4.0.1651.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)

MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)

NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)

NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)

Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Potplayer (HKLM-x32\...\PotPlayer) (Version:  - Daum Kakao Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30143 - Realtek Semiconductor Corp.)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden

SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)

SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden

Sonic Radar II (HKLM\...\{203BCA8D-BC00-4DD5-85DF-2F84DB803B57}) (Version: 2.0.801 - ASUSTeKcomputer.Inc)

Sound Blaster Z-Series (HKLM-x32\...\{E48EE8B8-1CD6-4F60-AB93-7C398DAAE08E}) (Version: 1.00.21 - Creative Technology Limited)

Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)

Spotify (HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.79 - NCH Software)

Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)

Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)

Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)

Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)

WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)

WD Security (HKLM-x32\...\{0AC340BC-4A62-4D1F-86DB-35C1C3CB66CF}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.)

WD SmartWare (HKLM\...\{F6FE3205-7737-4772-9017-C7ACD8A5561C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)

WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)

Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)

WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

WJ III Compuscore and Profiles Program 2.1 (HKLM-x32\...\WJ III Compuscore and Profiles Program 2.1) (Version:  - )

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-1674824579-1137781311-3632366173-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1674824579-1137781311-3632366173-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1674824579-1137781311-3632366173-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1674824579-1137781311-3632366173-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roman\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

 

==================== Restore Points =========================

 

30-05-2015 22:03:02 Scheduled Checkpoint

04-06-2015 11:20:46 Installed iTunes

09-06-2015 13:41:59 Windows Update

18-06-2015 00:04:58 Scheduled Checkpoint

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0551326B-8BDB-45B9-9818-1F5A37E2A098} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)

Task: {08910681-D5E3-4587-8320-847894E523BB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)

Task: {16CE8C23-E282-4C43-BCD2-1092A8BA904E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)

Task: {326CDF55-E7E9-42B1-A75E-A052F8B77F59} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks

Task: {34CEAA64-D4C9-4C03-BFB4-5374856A0C99} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)

Task: {3B55F10B-9D7F-4B97-AEB9-11467C59E530} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-19] (Google Inc.)

Task: {5CE4498C-394F-4AAB-B6F2-4FD7C0FB1FA1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe

Task: {6908D595-57C6-430E-9CD5-CE36F63266FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-19] (Google Inc.)

Task: {75BA381E-9A9E-484A-9532-E2DB7CF0CC4E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)

Task: {7AD3D657-429D-4295-9E64-B9D5DBBCA7E3} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)

Task: {8E95E4DE-819D-4EF0-A040-D92F3FCA9042} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-09] (Microsoft Corporation)

Task: {A76436FA-D183-4BCF-938A-755085FF9AAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {AC03029B-9901-433A-B7A7-21C6AD389078} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {AC2DBBC1-DBF5-4A19-ADC5-61F35F036C00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {C2C5D572-7364-4282-BD8F-B28C42798780} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {D069AED5-B242-436F-9A39-02D8FDA6C48F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {EF8C1978-625C-4CA4-B913-1729F016252B} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-15] (Microsoft Corporation)

Task: C:\Windows\Tasks\0215piUpdateInfo.job => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe

Task: C:\Windows\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (Whitelisted) ==============

 

2014-07-11 08:58 - 2014-05-19 21:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2014-07-11 08:55 - 2014-01-27 23:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe

2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll

2014-07-11 08:55 - 2015-06-18 19:31 - 00035328 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll

2014-07-11 08:55 - 2014-01-27 23:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll

2015-03-14 11:03 - 2015-06-18 19:31 - 41287224 _____ () C:\Users\Roman\AppData\Roaming\Spotify\libcef.dll

2015-03-14 11:03 - 2015-06-18 19:31 - 01488440 _____ () C:\Users\Roman\AppData\Roaming\Spotify\libglesv2.dll

2015-03-14 11:03 - 2015-06-18 19:31 - 00079928 _____ () C:\Users\Roman\AppData\Roaming\Spotify\libegl.dll

2015-03-14 11:03 - 2015-03-14 11:03 - 09305656 _____ () C:\Users\Roman\AppData\Roaming\Spotify\pdf.dll

2014-03-20 14:43 - 2014-03-20 14:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2015-06-09 22:37 - 2015-06-05 14:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll

2015-06-09 22:37 - 2015-06-05 14:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll

2015-06-09 22:37 - 2015-06-05 14:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2014-02-04 17:47 - 2014-02-04 17:47 - 23782856 _____ () C:\Users\Roman\AppData\Local\AOL\AIM\libcef.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\Users\jenna_000\OneDrive:ms-properties

AlternateDataStreams: C:\Users\Roman\SkyDrive:ms-properties

 

==================== Safe Mode (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\Pictures\black-windows_542931.jpg

DNS Servers: 192.168.1.1

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{9424C5D9-6769-44E5-A3BA-776FE73FC520}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{BE175B5F-1DAA-4E55-9C39-C1A5AA4E3785}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{93625D60-A3E5-41C1-8511-C56229DC1DBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

FirewallRules: [{180E6062-910D-4016-B0D5-0BC02A090A1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

FirewallRules: [{E8E7C30F-50B2-42F4-9C2F-95D4693D9BA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{4F5F6B93-0F20-4EF0-9878-9674FEE84CF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [TCP Query User{BE1761B4-E664-4C46-B6E9-21FC010A0745}C:\users\roman\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roman\appdata\roaming\spotify\spotify.exe

FirewallRules: [uDP Query User{7B6B16C1-B2EC-4A6D-BF6D-4E75633CC0B7}C:\users\roman\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roman\appdata\roaming\spotify\spotify.exe

FirewallRules: [{F4F03C3A-6817-4AA5-9F0E-39A51E79E94F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{B92A8CE9-8F92-4FEF-96BD-B65A3FBBD256}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{E5D01257-34CE-4EF0-8600-F4301F49B5E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe

FirewallRules: [{E53DA163-C19A-4445-8FA1-F295CCBDE874}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe

FirewallRules: [{94E5C743-4CF7-4364-A197-8277730BD4A7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe

FirewallRules: [{8CEB29BC-94AF-420B-B4B8-CB276621E396}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe

FirewallRules: [{E6F4EC25-852E-44E2-84A7-708942D4F68B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{E8F49660-B349-4CF8-A232-8D2F84AFA648}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{D839E869-2EF8-4DAB-A48C-8C41D57ADBDD}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe

FirewallRules: [{A1CF20FB-0296-4839-AF87-1221ACD86BBE}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe

FirewallRules: [{CC249B4F-BD96-47FE-B013-093AF79512E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe

FirewallRules: [{CD5AC62D-56D8-4782-BD64-2753AA03AEDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe

FirewallRules: [{9538AA45-1F6F-4815-8408-F04A7328D33A}] => (Allow) C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{0C06663E-5E9C-42EA-BF20-D5189415BFE0}] => (Allow) C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{C0DA4761-8E2F-4AE2-BD72-7B986073B938}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{9F97A809-4B88-4E47-9AB0-62DE6FE063E3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{4772DA5C-0926-4CF1-84B1-914D1AB1A376}] => (Allow) C:\Users\Roman\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [TCP Query User{367354A5-0377-465B-89EC-844D33A923B7}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe

FirewallRules: [uDP Query User{A52DA90F-4EBE-4D85-9071-5B74037A6641}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe

FirewallRules: [TCP Query User{61427621-BC00-4C3D-9E01-BC315FDA443A}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe

FirewallRules: [uDP Query User{15261E1F-5001-4EE9-8887-ED135A264840}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe

FirewallRules: [TCP Query User{4D7215CD-562E-460D-B48E-818DF35674B2}C:\users\jenna_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jenna_000\appdata\roaming\spotify\spotify.exe

FirewallRules: [uDP Query User{DF6B4289-78A7-4477-8EC0-98E1C2A4F07A}C:\users\jenna_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jenna_000\appdata\roaming\spotify\spotify.exe

FirewallRules: [{70F80D48-368E-4BE8-8DD0-13E1E9E6E5E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{81B3AEC3-D0C4-4169-8CE8-67D720CD05A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{8AC68173-70A5-4F23-B12A-C04E8134B053}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{E91592A4-A8B0-4621-9CB3-C926E74FEF2F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{27F243A1-9DAC-4C1E-94F3-DE823E660569}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe

FirewallRules: [{D93E85F4-D973-49D8-8EBE-47CDF0078AFC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe

FirewallRules: [TCP Query User{753C4BD7-5651-44B6-AA0E-9E57733C48F5}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe

FirewallRules: [uDP Query User{E0503562-DD27-4339-9518-D87D61B051D9}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe

FirewallRules: [{17EE1164-A24B-4337-847F-67A3B72F40D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{A5E53295-ABEE-4782-8E26-B31A40651BD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{F0F9B2AA-EC65-4820-91C2-29E91B425ED8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C437979E-BBEE-4E33-99C8-D27CE1C8549A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{0B593F1E-F05F-450A-8A45-605571066918}C:\users\jenna_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jenna_000\appdata\roaming\spotify\spotify.exe

FirewallRules: [uDP Query User{5285BF6D-4F33-451E-816E-10C8DE343203}C:\users\jenna_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jenna_000\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{7BA63DAF-B2F9-4900-A8FF-3B24104B644E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [uDP Query User{FEC79398-A5C8-42A5-9ECD-0C66FB1B9DCA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [{6DE21222-F280-417F-8A2C-A56719D7803E}] => (Allow) C:\Users\Roman\AppData\Local\Temp\nsm7E7C.tmp\CnetInstaller-75587055.exe

FirewallRules: [{F78F645E-FD0A-41A2-BF7F-C630AF2E9DB5}] => (Allow) C:\Users\Roman\AppData\Local\Temp\nsm7E7C.tmp\CnetInstaller-75587055.exe

FirewallRules: [{6C6D0851-CC26-4458-97B0-403186830F08}] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe

FirewallRules: [{742A940F-80A0-4D9D-8674-DE24F2618E6E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{3776C8EF-940E-480E-AB3E-2A182586A220}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{80224036-E0C1-456C-9C45-A9D09FB82FDF}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe

FirewallRules: [{1BCC70FB-76B5-406F-A68B-BC4A08523C43}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe

FirewallRules: [{69B42F21-9C38-4712-AE2C-0A3EFF083A8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{5DC51E46-F2E2-4B27-BB7B-C34E145473D4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{7551974B-0E2D-4960-BDB0-2434EC7B72E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{9321239E-1F64-4BE3-9EB5-F0128A81188F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{C5F4DFE7-2147-445F-876B-08067D4423ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe

FirewallRules: [{E2769668-FAF0-4743-A63A-0CA63C95C12E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe

FirewallRules: [{D84D176A-D6BC-4B57-A8DC-C85DBE9667DC}] => (Allow) F:\Steam\Steam.exe

FirewallRules: [{CD03F7D5-4D2B-45DA-BBA7-2A9ED0DBAF8B}] => (Allow) F:\Steam\Steam.exe

FirewallRules: [TCP Query User{D48EF2B2-DF7F-43B4-8314-F9EC9CE57858}C:\users\roman\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\roman\appdata\roaming\spotify\spotify.exe

FirewallRules: [uDP Query User{2410B9FA-1149-4FA3-A4F5-00DAA5717632}C:\users\roman\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\roman\appdata\roaming\spotify\spotify.exe

FirewallRules: [{06174B5A-382B-4986-B07A-E5B2BB5FC060}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{0F1B33D8-BFC5-4588-B069-E0E2222985E3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{F9614D1B-F026-4279-9C57-FC90973E3D42}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{F5759837-600B-4C73-9597-5FB538281735}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{BFD346D3-78B9-4BB9-8E41-12B80865B996}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{64B1CBC5-D43D-4FA8-8441-7F8EEB8EAD63}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{1A9D2481-C39E-4A23-8D8D-A3B95AB1FA1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{28F21CB3-9B36-4F68-BA14-1513AACEC4BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Faulty Device Manager Devices =============

 

Name: High Definition Audio Device

Description: High Definition Audio Device

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: HdAudAddService

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: NVIDIA High Definition Audio

Description: NVIDIA High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: NVHDA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (06/18/2015 07:41:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )

Description: The volume System was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

 

Error: (06/18/2015 07:31:52 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x1ccc

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x23b0

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:49 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x2030

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x2364

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x19d0

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x1564

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x2334

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x22c0

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

Error: (06/18/2015 07:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Faulting module name: nvstreamsvc.exe, version: 3.1.1000.0, time stamp: 0x542e024e

Exception code: 0xc0000409

Fault offset: 0x000000000019aaf0

Faulting process id: 0x2270

Faulting application start time: 0xnvstreamsvc.exe0

Faulting application path: nvstreamsvc.exe1

Faulting module path: nvstreamsvc.exe2

Report Id: nvstreamsvc.exe3

Faulting package full name: nvstreamsvc.exe4

Faulting package-relative application ID: nvstreamsvc.exe5

 

 

System errors:

=============

Error: (06/18/2015 07:31:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Network Connection Broker service terminated with the following error: 

%%4294967295

 

Error: (06/18/2015 07:31:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Network Connection Broker service terminated with the following error: 

%%4294967295

 

Error: (06/18/2015 07:30:59 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 1:35:41 AM on ‎6/‎18/‎2015 was unexpected.

 

Error: (06/18/2015 07:30:48 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)

Description: 32212256844795416886446320

 

Error: (06/17/2015 09:00:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Network Connection Broker service terminated with the following error: 

%%4294967295

 

Error: (06/17/2015 09:00:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Network Connection Broker service terminated with the following error: 

%%4294967295

 

Error: (06/17/2015 08:55:41 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 1:40:00 PM on ‎6/‎16/‎2015 was unexpected.

 

Error: (06/17/2015 08:55:30 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)

Description: 32212256844795416886446320

 

Error: (06/16/2015 02:00:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Network Connection Broker service terminated with the following error: 

%%4294967295

 

Error: (06/16/2015 01:22:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Network Connection Broker service terminated with the following error: 

%%4294967295

 

 

Microsoft Office:

=========================

Error: (06/18/2015 07:41:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )

Description: SystemThe parameter is incorrect. (0x80070057)

 

Error: (06/18/2015 07:31:52 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf01ccc01d0aa1ef4593b61C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe321bf793-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf023b001d0aa1ef39d801cC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe315f78ef-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:49 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf0203001d0aa1ef2e08c43C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe30a3bdaa-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:48 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf0236401d0aa1ef22482deC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe2fe6c9d3-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf019d001d0aa1ef1680438C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe2f2ae77a-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:45 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf0156401d0aa1ef0a9d7cfC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe2e6ce21e-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf0233401d0aa1eefe4a605C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe2da7894a-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf022c001d0aa1eef267997C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe2ce9f923-1612-11e5-82e9-6805ca26bfd0

 

Error: (06/18/2015 07:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: nvstreamsvc.exe3.1.1000.0542e024envstreamsvc.exe3.1.1000.0542e024ec0000409000000000019aaf0227001d0aa1eee69d3e3C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe2c2cde37-1612-11e5-82e9-6805ca26bfd0

 

 

CodeIntegrity Errors:

===================================

  Date: 2015-04-12 19:29:25.557

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:25.498

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:25.439

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:25.250

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:25.060

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:24.870

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:24.670

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:24.481

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:24.424

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-04-12 19:29:24.233

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i7-4790K CPU @ 4.00GHz

Percentage of memory in use: 21%

Total physical RAM: 16326.96 MB

Available physical RAM: 12827.99 MB

Total Pagefile: 18758.96 MB

Available Pagefile: 14123.8 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:117.04 GB) (Free:33.13 GB) NTFS

Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:20.48 GB) NTFS

Drive f: (Roman Data) (Fixed) (Total:300 GB) (Free:241.82 GB) NTFS

Drive g: (Jennifer Data) (Fixed) (Total:165.76 GB) (Free:165.64 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: 826BDC9E)

Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=117 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AE08AAD0)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

 

========================================================

Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2BD2C32A)

Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)

 

==================== End of log ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015

Ran by Roman (administrator) on ROMAN on 18-06-2015 20:46:53

Running from C:\Users\Roman\Downloads

Loaded Profiles: Roman (Available Profiles: Roman & jenna_000)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe

(Spotify Ltd) C:\Users\Roman\AppData\Roaming\Spotify\Spotify.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe

(Spotify Ltd) C:\Users\Roman\AppData\Roaming\Spotify\SpotifyCrashService.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

(Spotify Ltd) C:\Users\Roman\AppData\Roaming\Spotify\Spotify.exe

(Spotify Ltd) C:\Users\Roman\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Spotify Ltd) C:\Users\Roman\AppData\Roaming\Spotify\Spotify.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Apple Inc.) C:\Program Files\iTunes\iTunes.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(AOL Inc.) C:\Users\Roman\AppData\Local\AOL\AIM\aim.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)

HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3196272 2015-02-12] (Western Digital Technologies, Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)

HKLM-x32\...\Run: [sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [735744 2013-02-27] (Creative Technology Ltd)

HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\Run: [spotify Web Helper] => C:\Users\Roman\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-18] (Spotify Ltd)

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\Run: [spotify] => C:\Users\Roman\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-18] (Spotify Ltd)

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\Run: [uTorrent] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-11] (BitTorrent Inc.)

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\Run: [steam] => F:\Steam\steam.exe [2888384 2015-05-14] (Valve Corporation)

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\MountPoints2: {2da9c34b-cde9-11e4-82a8-6805ca26bfd0} - "H:\WD Drive Unlock.exe" autoplay=true

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\...\MountPoints2: {a0384c0e-e00f-11e4-82af-6805ca26bfd0} - "H:\VerizonSWUpgradeAssistantLauncher.exe" 

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2014-07-24]

ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan)

Startup: C:\Users\jenna_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-02-01]

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Anya_y123.rar(1).lnk [2015-04-18]

ShortcutTarget: Anya_y123.rar(1).lnk -> C:\ProgramData\{65b6592a-654f-0d91-65b6-6592a65464a9}\Anya_y123.rar(1).exe (No File)

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKU\S-1-5-21-1674824579-1137781311-3632366173-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/

SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 

SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 

SearchScopes: HKU\S-1-5-21-1674824579-1137781311-3632366173-1001 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)

BHO: SalePlus -> {4f514ad4-e678-4131-976f-de0c5b50bfdb} -> C:\Program Files (x86)\SalePlus\2aVLPzpiNBzxrn.x64.dll No File

BHO: bestadblocker -> {5088d474-b44a-41bc-803f-935e953756f0} -> C:\Program Files (x86)\bestadblocker\shhlyYFC6Aybvz.x64.dll No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)

Winsock: Catalog9 01 C:\Windows\SysWOW64\myradioplayer.dll [357624 2015-01-01] (myradioplayer)

Winsock: Catalog9 02 C:\Windows\SysWOW64\myradioplayer.dll [357624 2015-01-01] (myradioplayer)

Winsock: Catalog9 03 C:\Windows\SysWOW64\myradioplayer.dll [357624 2015-01-01] (myradioplayer)

Winsock: Catalog9 04 C:\Windows\SysWOW64\myradioplayer.dll [357624 2015-01-01] (myradioplayer)

Winsock: Catalog9 15 C:\Windows\SysWOW64\myradioplayer.dll [357624 2015-01-01] (myradioplayer)

Winsock: Catalog9-x64 01 C:\Windows\system32\myradioplayer64.dll [464120 2015-01-01] (myradioplayer)

Winsock: Catalog9-x64 02 C:\Windows\system32\myradioplayer64.dll [464120 2015-01-01] (myradioplayer)

Winsock: Catalog9-x64 03 C:\Windows\system32\myradioplayer64.dll [464120 2015-01-01] (myradioplayer)

Winsock: Catalog9-x64 04 C:\Windows\system32\myradioplayer64.dll [464120 2015-01-01] (myradioplayer)

Winsock: Catalog9-x64 15 C:\Windows\system32\myradioplayer64.dll [464120 2015-01-01] (myradioplayer)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\ss419g2j.default

FF DefaultSearchEngine: WebSearch

FF DefaultSearchEngine,S: WebSearch

FF DefaultSearchUrl: hxxp://websearch.goodforsearch.info/?pid=3540&r=2015/04/18&hid=11007300390771939322&lg=EN&cc=US&unqvl=86&l=1&q=

FF SearchEngineOrder.1: WebSearch

FF SearchEngineOrder.1,S: WebSearch

FF SelectedSearchEngine: WebSearch

FF SelectedSearchEngine,S: WebSearch


FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-19] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-19] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

FF user.js: detected! => C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\ss419g2j.default\user.js [2014-09-03]

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

 

Chrome: 

=======

CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19]

CHR Extension: (Google Docs) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-19]

CHR Extension: (Google Drive) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-19]

CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-19]

CHR Extension: (Google Search) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-19]

CHR Extension: (Google Sheets) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-19]

CHR Extension: (Google Wallet) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-19]

CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-07-11] (Creative Labs) [File not signed]

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-11] (Creative Labs) [File not signed]

R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]

R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112640 2013-05-22] (Creative Technology Ltd)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)

R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] ()

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [293856 2015-05-04] (AVG Technologies CZ, s.r.o.)

R3 cthda; C:\Windows\system32\drivers\cthda.sys [1060632 2013-05-22] (Creative Technology Ltd)

R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [33560 2013-05-22] (Creative Technology Ltd)

R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-13] (Intel Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-18] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()

R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)

S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-18 20:46 - 2015-06-18 20:46 - 02109952 _____ (Farbar) C:\Users\Roman\Downloads\FRST64.exe

2015-06-18 20:46 - 2015-06-18 20:46 - 00024468 _____ C:\Users\Roman\Downloads\FRST.txt

2015-06-18 20:46 - 2015-06-18 20:46 - 00000000 ____D C:\FRST

2015-06-12 22:35 - 2015-06-12 22:35 - 00031957 _____ C:\Users\jenna_000\Downloads\[kat.cr]der.samurai.2014.1080p.x264.ac3.engsubs.aumtatsat.torrent

2015-06-11 14:47 - 2015-06-11 14:47 - 00000340 _____ C:\Windows\Tasks\0615avUpdateInfo.job

2015-06-11 14:47 - 2015-06-11 14:47 - 00000000 ____D C:\ProgramData\Avg_Update_0615av

2015-06-09 13:40 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-06-09 13:40 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-06-09 13:40 - 2015-05-25 09:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll

2015-06-09 13:40 - 2015-05-25 09:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2015-06-09 13:40 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-06-09 13:40 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-06-09 13:40 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-06-09 13:40 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-06-09 13:40 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-06-09 13:40 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-06-09 13:40 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-06-09 13:40 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-06-09 13:40 - 2015-05-22 22:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2015-06-09 13:40 - 2015-05-22 22:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2015-06-09 13:40 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-06-09 13:40 - 2015-05-22 22:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-06-09 13:40 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-06-09 13:40 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-06-09 13:40 - 2015-05-22 22:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll

2015-06-09 13:40 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-06-09 13:40 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-06-09 13:40 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-06-09 13:40 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-06-09 13:40 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-06-09 13:40 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-06-09 13:40 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-06-09 13:40 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-06-09 13:40 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-06-09 13:40 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-06-09 13:40 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-06-09 13:40 - 2015-05-22 14:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2015-06-09 13:40 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-06-09 13:40 - 2015-05-22 14:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2015-06-09 13:40 - 2015-05-22 14:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-06-09 13:40 - 2015-05-22 14:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-06-09 13:40 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-06-09 13:40 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-06-09 13:40 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-06-09 13:40 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-06-09 13:40 - 2015-05-22 13:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll

2015-06-09 13:40 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-06-09 13:40 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-06-09 13:40 - 2015-05-22 09:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-06-09 13:40 - 2015-05-21 12:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-06-09 13:40 - 2015-05-21 09:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-06-09 13:40 - 2015-05-21 09:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-06-09 13:40 - 2015-05-21 09:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-06-09 13:40 - 2015-05-21 09:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-06-09 13:40 - 2015-05-21 09:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2015-06-09 13:40 - 2015-05-21 09:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-06-09 13:40 - 2015-04-24 22:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2015-06-09 13:40 - 2015-04-24 22:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2015-06-09 13:40 - 2015-04-16 18:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-06-09 13:40 - 2015-04-16 02:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS

2015-06-09 13:40 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll

2015-06-09 13:40 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll

2015-06-09 13:40 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll

2015-06-09 13:40 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll

2015-06-09 13:40 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll

2015-06-09 13:40 - 2015-04-08 18:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml

2015-06-09 13:40 - 2015-04-01 18:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll

2015-06-09 13:40 - 2015-04-01 18:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

2015-06-09 13:40 - 2015-04-01 00:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2015-06-09 13:40 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2015-06-09 13:40 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2015-06-09 13:40 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2015-06-09 13:40 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2015-06-09 13:40 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2015-06-09 13:40 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2015-06-09 13:40 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2015-06-09 13:40 - 2015-03-31 22:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2015-06-09 13:40 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2015-06-09 13:40 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2015-06-09 13:40 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2015-06-09 13:40 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2015-06-09 13:40 - 2015-03-19 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll

2015-06-09 13:40 - 2015-03-19 23:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll

2015-06-09 13:40 - 2015-03-19 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll

2015-06-09 13:40 - 2015-03-19 22:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2015-06-09 13:40 - 2015-03-01 21:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll

2015-06-09 13:40 - 2015-03-01 21:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll

2015-06-07 14:34 - 2015-06-07 14:34 - 00066662 _____ C:\Users\Roman\Downloads\[kat.cr]oliver.koletzki.discography.2005.2014.mp3.win32.torrent

2015-06-07 14:23 - 2015-06-07 14:23 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2015-06-07 14:20 - 2015-06-07 14:22 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software

2015-06-07 14:20 - 2015-06-07 14:20 - 00001281 _____ C:\Users\Public\Desktop\NCH Suite.lnk

2015-06-07 14:20 - 2015-06-07 14:20 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter.lnk

2015-06-07 14:20 - 2015-06-07 14:20 - 00001149 _____ C:\Users\Public\Desktop\Switch Sound File Converter.lnk

2015-06-07 14:20 - 2015-06-07 14:20 - 00000000 ____D C:\ProgramData\NCH Software

2015-06-07 14:20 - 2015-06-07 14:20 - 00000000 ____D C:\Program Files (x86)\NCH Software

2015-06-07 14:19 - 2015-06-07 14:21 - 00000000 ____D C:\Users\Roman\AppData\Roaming\NCH Software

2015-06-07 14:19 - 2015-06-07 14:19 - 00656448 _____ (NCH Software) C:\Users\Roman\Downloads\switchsetup.exe

2015-06-07 14:10 - 2015-06-07 14:24 - 00000000 ____D C:\Users\Roman\AppData\Roaming\MusicBee

2015-06-07 14:10 - 2015-06-07 14:10 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee

2015-06-07 14:10 - 2015-06-07 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee

2015-06-07 14:10 - 2015-06-07 14:10 - 00000000 ____D C:\Program Files (x86)\MusicBee

2015-06-07 14:05 - 2015-06-07 14:05 - 15481103 _____ C:\Users\Roman\Downloads\MusicBeeSetup_2_4.zip

2015-06-07 13:59 - 2015-06-07 13:59 - 00012810 _____ C:\Users\Roman\Downloads\[kat.cr]hvob.trialog.2015.flac.torrent

2015-06-06 09:36 - 2015-06-06 09:36 - 00012795 _____ C:\Users\jenna_000\Downloads\Payment Receipt - PayPal.html

2015-06-06 09:35 - 2015-06-06 09:32 - 00012795 _____ C:\Users\jenna_000\Desktop\Payment Receipt - PayPal.html

2015-06-06 09:32 - 2015-06-06 09:32 - 00012795 _____ C:\Users\jenna_000\Desktop\Medical Insurance Payment Receipt - PayPal.html

2015-06-06 09:32 - 2015-06-06 09:32 - 00000000 ____D C:\Users\jenna_000\Desktop\Medical Insurance Payment Receipt - PayPal_files

2015-06-04 21:40 - 2015-06-04 21:40 - 00013400 _____ C:\Users\Roman\Downloads\[kat.cr]malwarebytes.anti.malware.premium.2.0.4.1028.final.keys.atom.torrent

2015-06-04 21:13 - 2015-06-04 21:13 - 00000000 ____D C:\Users\Roman\AppData\Local\GWX

2015-06-04 11:21 - 2015-06-04 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2015-06-04 11:21 - 2015-06-04 11:21 - 00000000 ____D C:\Program Files\iTunes

2015-06-04 11:21 - 2015-06-04 11:21 - 00000000 ____D C:\Program Files\iPod

2015-06-04 11:21 - 2015-06-04 11:21 - 00000000 ____D C:\Program Files (x86)\iTunes

2015-06-04 11:21 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2015-06-04 11:19 - 2015-06-04 11:19 - 152362800 _____ (Apple Inc.) C:\Users\jenna_000\Downloads\iTunes6464Setup.exe

2015-06-03 08:38 - 2015-06-03 08:38 - 00000000 ____D C:\Users\jenna_000\AppData\Local\GWX

2015-06-02 08:51 - 2015-06-02 08:51 - 00000000 ____D C:\Users\Roman\AppData\Local\Avg

2015-06-02 08:51 - 2015-06-02 08:51 - 00000000 ____D C:\Users\jenna_000\AppData\Local\Avg

2015-06-02 08:51 - 2015-06-02 08:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software

2015-06-02 08:51 - 2015-06-02 08:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

2015-05-23 10:26 - 2015-05-23 10:26 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-05-22 21:06 - 2015-05-22 21:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-05-22 20:27 - 2015-05-22 21:47 - 00000000 ____D C:\Users\Roman\AppData\Roaming\BID

2015-05-22 20:27 - 2015-05-22 20:28 - 00000000 ____D C:\Program Files (x86)\Bulk Image Downloader

2015-05-22 20:27 - 2015-05-22 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Image Downloader

2015-05-22 20:05 - 2015-05-22 20:05 - 00378553 _____ C:\Users\Roman\Downloads\WD_SES_Driver_Setup_x64 (1).zip

2015-05-22 19:52 - 2015-05-22 19:52 - 06483534 _____ C:\Users\Roman\Downloads\WDDriveUtilitiesSetup_for_Windows_1_1_0_51.zip

2015-05-22 19:50 - 2015-05-22 19:50 - 00000000 ____D C:\Users\Roman\AppData\Local\Western Digital

2015-05-22 19:47 - 2015-06-18 19:31 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat

2015-05-22 19:44 - 2015-05-22 19:45 - 10036828 _____ C:\Users\Roman\Downloads\WDSecuritySetup_for_web_1.1.1.3.zip

2015-05-22 19:43 - 2015-05-22 19:53 - 00019224 _____ C:\Windows\DPINST.LOG

2015-05-22 19:43 - 2015-05-22 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital

2015-05-22 19:43 - 2015-05-22 19:43 - 00000000 ____D C:\Users\Roman\AppData\Local\Western_Digital_Technolog

2015-05-22 19:42 - 2015-05-22 20:05 - 00000000 ____D C:\Program Files\WDCSAM

2015-05-22 19:42 - 2015-05-22 19:53 - 00000000 ____D C:\Program Files (x86)\Western Digital

2015-05-22 19:42 - 2015-05-22 19:42 - 41331910 _____ C:\Users\Roman\Downloads\WD_SmartWare_Installer_2.4.10.17.zip

2015-05-22 19:42 - 2015-05-22 19:42 - 00000000 ____D C:\Program Files\Western Digital

2015-05-22 19:42 - 2015-05-22 19:42 - 00000000 ____D C:\Program Files\DIFX

2015-05-22 19:42 - 2015-05-22 19:42 - 00000000 ____D C:\Program Files\Common Files\Western Digital

2015-05-22 19:41 - 2015-05-22 19:41 - 00378553 _____ C:\Users\Roman\Downloads\WD_SES_Driver_Setup_x64.zip

2015-05-22 19:26 - 2015-05-22 19:26 - 00111867 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.282.20.years.old.girl.720p.mp4.torrent

2015-05-22 19:26 - 2015-05-22 19:26 - 00011441 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.18.years.old.episode.283.e283.xxx.hd.720p.torrent

2015-05-22 19:14 - 2015-05-22 19:14 - 00140424 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.20.years.old.episode.285.new.24.october.2014.720p.torrent

2015-05-22 19:04 - 2015-05-22 19:04 - 00011441 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.19.years.old.episode.286.e286.xxx.hd.720p.torrent

2015-05-22 19:03 - 2015-05-22 19:04 - 00135522 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.287.18.years.old.720p.mp4.torrent

2015-05-22 19:03 - 2015-05-22 19:03 - 00011521 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.18.years.old.episode.288.e288.xxx.hd.720p (1).torrent

2015-05-22 19:01 - 2015-05-22 19:01 - 00136567 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.289.20.years.old.girl.720p.mp4.torrent

2015-05-22 19:01 - 2015-05-22 19:01 - 00011521 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.18.years.old.episode.288.e288.xxx.hd.720p.torrent

2015-05-22 19:00 - 2015-05-22 19:00 - 00011421 _____ C:\Users\Roman\Downloads\[kat.cr]girlsdoporn.20.years.old.episode.290.e290.xxx.hd.720p.torrent

2015-05-22 18:42 - 2015-05-22 18:42 - 00017135 _____ C:\Users\Roman\Downloads\[Pornbay.org]GirlsDoPorn E302.18. Years Old XXX (1).torrent

2015-05-22 18:42 - 2015-05-22 18:42 - 00013684 _____ C:\Users\Roman\Downloads\[Pornbay.org][GirlsDoPorn] - E313 21 Years Old - [720p].torrent

2015-05-22 18:41 - 2015-05-22 18:41 - 00017135 _____ C:\Users\Roman\Downloads\[Pornbay.org]GirlsDoPorn E302.18. Years Old XXX.torrent

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-18 20:46 - 2014-07-25 01:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-06-18 20:36 - 2015-04-19 16:26 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-18 20:35 - 2014-07-25 18:53 - 00000000 ____D C:\Users\Roman\AppData\Roaming\uTorrent

2015-06-18 20:30 - 2015-04-19 15:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-18 20:02 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru

2015-06-18 19:52 - 2014-07-23 23:59 - 01549417 _____ C:\Windows\WindowsUpdate.log

2015-06-18 19:38 - 2014-07-24 00:05 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FA9BC521-786D-4092-B9EF-99326F267EF0}

2015-06-18 19:37 - 2013-09-30 15:53 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI

2015-06-18 19:36 - 2015-04-18 03:23 - 00000000 ____D C:\ProgramData\MFAData

2015-06-18 19:36 - 2014-07-24 00:41 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Spotify

2015-06-18 19:35 - 2014-07-24 00:04 - 00000000 ___DO C:\Users\Roman\SkyDrive

2015-06-18 19:34 - 2014-09-02 10:06 - 00000000 ____D C:\Users\jenna_000

2015-06-18 19:33 - 2014-07-11 08:56 - 00006464 _____ C:\Windows\SysWOW64\Gms.log

2015-06-18 19:31 - 2015-04-19 16:26 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-18 19:31 - 2014-10-31 20:42 - 00055144 _____ C:\Windows\setupact.log

2015-06-18 19:31 - 2014-07-24 00:41 - 00000000 ____D C:\Users\Roman\AppData\Local\Spotify

2015-06-18 19:30 - 2014-07-11 08:59 - 00000000 ____D C:\ProgramData\NVIDIA

2015-06-18 19:30 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-06-17 21:10 - 2014-07-26 09:33 - 00000000 ____D C:\Users\Roman\AppData\Roaming\vlc

2015-06-17 21:01 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness

2015-06-16 11:00 - 2014-09-27 12:26 - 00000000 ____D C:\Users\jenna_000\AppData\Roaming\Spotify

2015-06-16 11:00 - 2014-09-27 12:26 - 00000000 ____D C:\Users\jenna_000\AppData\Local\Spotify

2015-06-16 11:00 - 2014-09-02 10:11 - 00000000 __RDO C:\Users\jenna_000\OneDrive

2015-06-16 10:59 - 2013-08-22 09:25 - 00524288 ___SH C:\Windows\system32\config\BBI

2015-06-16 09:46 - 2014-09-05 17:06 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{272DB882-AAC7-4FA3-B570-FD75C7B915A4}

2015-06-15 22:53 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\ELAM

2015-06-12 23:03 - 2014-07-24 00:09 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1674824579-1137781311-3632366173-1001

2015-06-11 15:18 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache

2015-06-10 21:22 - 2014-09-02 10:15 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1674824579-1137781311-3632366173-1002

2015-06-10 20:32 - 2014-10-29 23:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2015-06-10 20:32 - 2014-10-29 22:48 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-06-09 21:58 - 2013-08-22 10:44 - 00482504 _____ C:\Windows\system32\FNTCACHE.DAT

2015-06-09 13:58 - 2015-04-14 15:25 - 00000000 ____D C:\Windows\system32\appraiser

2015-06-09 13:58 - 2015-03-11 16:21 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-06-09 13:58 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData

2015-06-09 13:58 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-06-09 13:48 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp

2015-06-09 13:48 - 2013-08-22 09:25 - 00000167 _____ C:\Windows\win.ini

2015-06-09 13:46 - 2015-01-16 11:46 - 18169520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2015-06-09 13:46 - 2014-07-25 19:24 - 00000000 ____D C:\Windows\system32\MRT

2015-06-09 13:46 - 2014-07-25 01:08 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-06-09 13:44 - 2014-07-25 19:24 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-06-07 14:10 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\LiveKernelReports

2015-06-05 08:44 - 2014-09-02 10:06 - 00000000 ____D C:\Users\jenna_000\AppData\Local\Packages

2015-06-04 22:31 - 2015-04-19 15:51 - 00013806 _____ C:\Windows\system32\avgrep.txt

2015-06-04 11:21 - 2014-09-27 15:43 - 00000000 ____D C:\Program Files\Common Files\Apple

2015-06-03 12:18 - 2014-07-27 22:02 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-06-03 12:18 - 2014-07-27 22:02 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-06-02 08:51 - 2015-04-18 03:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2015-05-23 10:45 - 2014-07-24 21:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-05-23 10:45 - 2013-09-30 15:26 - 00710038 _____ C:\Windows\PFRO.log

2015-05-23 10:26 - 2015-04-19 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-05-23 10:26 - 2015-04-19 15:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-05-22 19:42 - 2015-03-19 20:31 - 00000000 ____D C:\ProgramData\Western Digital

2015-05-22 19:42 - 2014-07-11 08:50 - 00000000 ____D C:\ProgramData\Package Cache

2015-05-22 19:37 - 2015-04-06 19:43 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-05-22 19:37 - 2015-04-06 19:43 - 00000000 ___SD C:\Windows\system32\GWX

 

==================== Files in the root of some directories =======

 

2014-07-11 08:53 - 2014-07-11 08:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

 

Some files in TEMP:

====================

C:\Users\Roman\AppData\Local\Temp\CoH2Trainer.CETack-x86.dll

C:\Users\Roman\AppData\Local\Temp\ExPromo.exe

C:\Users\Roman\AppData\Local\Temp\SpOrder.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-06-18 19:41

 

==================== End of log ============================

This topic is now closed to further replies.