Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Have a virus though not sure what it is


  • This topic is locked This topic is locked
19 replies to this topic

#1 Bright10A

Bright10A

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:11 AM

Posted 01 December 2014 - 08:30 PM

I have a virus on my PC that I have actually gotten before. I removed it but I recently got it again :( What this virus does is crash Windows processes on my PC such as Windows Defender, Windows Explorer, and others as well. The virus also gives me blue screens on my PC sometimes which is very annoying. Whenever one of these Windows processes crash, I usually get an error message like this:

 

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_7ef5bd66c4334ff0383c84883ca24d874e1892_cab_079289e0\WER8983.tmp.appcompat.txt

 

Sometimes the error message will be different, for example instead of svchost.exe sometimes it will say dllhost.exe. Anyway I have no idea how to get rid of this virus and have tried with things such as Malwarebytes and AdwCleaner. Any help with this would be much appreciated.

 

 
My DDS Log:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 11.25.2
Run by Max Wren at 17:20:26 on 2014-12-01
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8157.5129 [GMT -8:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\SysWOW64\ANIWConnService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\SysWOW64\XSrvSetup.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [ANIWZCS2Service] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
mRun: [D-Link D-Link RangeBooster N DWA-140] C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{040A3ED8-11A7-4C53-A7B4-DD71596687C9} : NameServer = 192.168.1.254
TCP: Interfaces\{370A14E5-2EFB-4986-9223-4190BE0051EC} : DHCPNameServer = 7.254.254.254
TCP: Interfaces\{5D0ED30A-1C8F-41B1-AFEF-8116942110DD} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}\2375942554930393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}\84F6D656D275966696 : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
x64-Run: [VIAxHCUtl] C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Autodesk\Autodesk Player Plugin\npAdPlayerPlugin_FF.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Max Wren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2013-8-6 15872]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2010-12-14 22240]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-8 361984]
R2 ANIWConnService;ANIWConn Service;C:\Windows\System32\ANIWConnService.exe --> C:\Windows\System32\ANIWConnService.exe [?]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-7 1148744]
R2 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2010-12-14 72304]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-4 1871160]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-3 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-3 19819848]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-3-1 105448]
R2 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-5-18 127488]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2014-8-29 27768]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-5-5 46136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-12-16 25816]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-27 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-11-11 38216]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2014-9-4 39592]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-9-4 160424]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2014-8-9 31232]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2014-8-29 690864]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\System32\drivers\ViaHub3.sys [2014-8-29 225792]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\System32\drivers\xhcdrv.sys [2014-8-29 295424]
S1 UsbCharger;UsbCharger;C:\Windows\System32\drivers\UsbCharger.sys [2014-8-29 22240]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2010-12-14 68136]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-4 968504]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-5-6 401920]
S3 AODDriver4.0;AODDriver4.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-4-10 49152]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-9 142640]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-5-9 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2014-8-29 30528]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2014-8-29 160256]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-4 63704]
S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-11-20 177152]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2013-6-9 1900400]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-17 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-14 347680]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-23 56832]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-8-9 758224]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-16 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-01 08:57:58 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF7DAC3E-061B-4081-BB6D-9AD1D6158428}\mpengine.dll
2014-12-01 07:02:39 -------- d-sh--w- C:\Users\Max Wren\AppData\Local\EmieBrowserModeList
2014-11-26 07:47:03 4443312 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-11-23 05:19:56 -------- d-----w- C:\Users\Max Wren\AppData\Roaming\OpenOffice
2014-11-23 05:19:11 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2014-11-22 22:04:15 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-11-13 02:17:58 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-11-13 02:15:48 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-11-13 02:15:48 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-11-13 02:15:22 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-13 02:15:22 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-11-12 01:29:45 38216 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-11-12 01:29:45 32584 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-11-10 07:21:58 -------- d-----w- C:\garrysmod
2014-11-09 21:18:38 -------- d-----w- C:\Users\Max Wren\AppData\Roaming\Disney Interactive
2014-11-09 20:51:09 -------- d-----w- C:\Program Files (x86)\Disney Interactive
2014-11-06 03:00:27 -------- d-----w- C:\Users\Max Wren\AppData\Roaming\java
2014-11-06 02:47:32 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2014-12-02 01:11:19 25640 ----a-w- C:\Windows\gdrv.sys
2014-12-01 08:48:16 119296 ----a-w- C:\Windows\SysWow64\zlib.dll
2014-11-29 21:17:40 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-26 07:47:07 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 07:47:07 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-26 04:37:41 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-11-26 04:37:41 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-11-26 02:34:55 348928 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-11-24 22:43:04 76152 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-11-24 22:04:56 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-11-06 17:06:52 2197680 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-11-06 17:06:52 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-11-06 17:06:33 2800296 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-11-06 17:06:33 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-05 17:56:54 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-16 16:54:03 1876296 ----a-w- C:\Windows\System32\nvdispco6434448.dll
2014-10-16 16:54:03 1539272 ----a-w- C:\Windows\System32\nvdispgenco6434448.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 19:23:02 35144 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-01 18:11:26 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-10-01 18:11:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 18:11:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-30 05:32:42 901632 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
2014-09-30 05:32:36 419840 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:44 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:42 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-17 04:51:20 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-09-17 04:51:20 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-09-17 04:51:20 1538880 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-09-13 21:53:36 6890696 ----a-w- C:\Windows\System32\nvcpl.dll
2014-09-13 21:53:36 3529872 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-09-13 21:53:34 934216 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-09-13 21:53:34 62608 ----a-w- C:\Windows\System32\nvshext.dll
2014-09-13 21:53:34 385168 ----a-w- C:\Windows\System32\nvmctray.dll
2014-09-11 15:37:55 3961833 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-09-11 06:57:10 78848 ----a-w- C:\Windows\SysWow64\rzvirtualdev.dll
2014-09-11 06:57:08 155136 ----a-w- C:\Windows\SysWow64\rztouchdll.dll
2014-09-11 06:57:02 117248 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
.
============= FINISH: 17:21:30.74 ===============
 


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:11 AM

Posted 06 December 2014 - 08:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/558317 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Bright10A

Bright10A
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:11 AM

Posted 10 December 2014 - 08:11 PM

I do not have the original CD for my copy of Windows available.

 

New DDS Log:

 

 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 11.25.2
Run by Max Wren at 17:09:40 on 2014-12-10
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8157.5318 [GMT -8:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\SysWOW64\ANIWConnService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\SysWOW64\XSrvSetup.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Max Wren\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [ANIWZCS2Service] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
mRun: [D-Link D-Link RangeBooster N DWA-140] C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{040A3ED8-11A7-4C53-A7B4-DD71596687C9} : NameServer = 192.168.1.254
TCP: Interfaces\{370A14E5-2EFB-4986-9223-4190BE0051EC} : DHCPNameServer = 7.254.254.254
TCP: Interfaces\{5D0ED30A-1C8F-41B1-AFEF-8116942110DD} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}\2375942554930393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}\84F6D656D275966696 : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
x64-Run: [VIAxHCUtl] C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Autodesk\Autodesk Player Plugin\npAdPlayerPlugin_FF.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Max Wren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2013-8-6 15872]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2010-12-14 22240]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-8 361984]
R2 ANIWConnService;ANIWConn Service;C:\Windows\System32\ANIWConnService.exe --> C:\Windows\System32\ANIWConnService.exe [?]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-7 1148744]
R2 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2010-12-14 72304]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-4 1871160]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-3 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-3 19819848]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-3-1 105448]
R2 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-5-18 127488]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2014-8-29 27768]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-5-5 46136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-12-16 25816]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-27 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-11-11 38216]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2014-9-4 39592]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-9-4 160424]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2014-8-9 31232]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2014-8-29 690864]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\System32\drivers\ViaHub3.sys [2014-8-29 225792]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\System32\drivers\xhcdrv.sys [2014-8-29 295424]
S1 UsbCharger;UsbCharger;C:\Windows\System32\drivers\UsbCharger.sys [2014-8-29 22240]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2010-12-14 68136]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-4 968504]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-5-6 401920]
S3 AODDriver4.0;AODDriver4.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-4-10 49152]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-9 142640]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-5-9 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2014-8-29 30528]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2014-8-29 160256]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-4 129752]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-4 63704]
S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-11-20 177152]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2013-6-9 1900400]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-17 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-14 347680]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-23 56832]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-8-9 758224]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-16 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-07 19:25:20 -------- d-sh--w- C:\found.000
2014-12-06 12:49:25 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3FD300E-3C6F-4F54-BF01-4490170D6B61}\mpengine.dll
2014-12-01 07:02:39 -------- d-sh--w- C:\Users\Max Wren\AppData\Local\EmieBrowserModeList
2014-11-23 05:19:56 -------- d-----w- C:\Users\Max Wren\AppData\Roaming\OpenOffice
2014-11-23 05:19:11 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2014-11-22 22:04:15 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-11-13 02:17:58 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-11-13 02:15:48 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-11-13 02:15:48 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-11-13 02:15:22 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-13 02:15:22 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-11-12 01:29:45 38216 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-11-12 01:29:45 32584 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
.
==================== Find3M  ====================
.
2014-12-11 00:53:43 119296 ----a-w- C:\Windows\SysWow64\zlib.dll
2014-12-11 00:53:41 25640 ----a-w- C:\Windows\gdrv.sys
2014-12-10 00:47:07 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 00:47:07 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-02 05:08:33 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-26 04:37:41 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-11-26 04:37:41 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-11-26 02:34:55 348928 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-11-24 22:43:04 76152 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-11-24 22:04:56 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-11-06 17:06:52 2197680 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-11-06 17:06:52 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-11-06 17:06:33 2800296 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-11-06 17:06:33 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:47:18 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-05 17:56:54 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-16 16:54:03 1876296 ----a-w- C:\Windows\System32\nvdispco6434448.dll
2014-10-16 16:54:03 1539272 ----a-w- C:\Windows\System32\nvdispgenco6434448.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 19:23:02 35144 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-01 18:11:26 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-10-01 18:11:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 18:11:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-30 05:32:42 901632 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
2014-09-30 05:32:36 419840 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:44 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:42 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-17 04:51:20 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-09-17 04:51:20 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-09-17 04:51:20 1538880 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-09-13 21:53:36 6890696 ----a-w- C:\Windows\System32\nvcpl.dll
2014-09-13 21:53:36 3529872 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-09-13 21:53:34 934216 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-09-13 21:53:34 62608 ----a-w- C:\Windows\System32\nvshext.dll
2014-09-13 21:53:34 385168 ----a-w- C:\Windows\System32\nvmctray.dll
.
============= FINISH: 17:10:32.74 ===============


#4 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:03:11 AM

Posted 13 December 2014 - 07:40 PM

:welcome:

 

Sorry for the delay but it gets a bit crazy around here most times

 

Download Malwarebytes' Anti-Malware  to your desktop. 
 
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  •  
    MBAM203_zps0a230260.jpg
     
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Threat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked<----------
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished click on VIEW DETAILED LOG
  • When it opens click on COPY TO CLIPBOARD
  • Then paste the log back into this thread for review
  • Exit Malwarebytes
  •  
     
    ==========================================================
     
    Then run this other scanner that will show us more than DDS will
     
     

    Please download Farbar Recovery Scan Tool and save it to your DESKTOP
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
     
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
    A simple way to check your system: Start --> Computer (right click) --> Properties
     
    FRST_zps5d956a1a.jpg
     
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Just keep the defaults as in the picture checkmarked
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #5 Bright10A

    Bright10A
    • Topic Starter

    • Members
    • 51 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:11 AM

    Posted 14 December 2014 - 12:13 AM

    Hi I ran the programs as you instructed.

     

    Malwarebytes Log:

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 12/13/2014
    Scan Time: 8:55:06 PM
    Logfile: 
    Administrator: Yes
     
    Version: 2.00.4.1028
    Malware Database: v2014.12.14.02
    Rootkit Database: v2014.12.08.03
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
     
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Max Wren
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 408928
    Time Elapsed: 11 min, 10 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 0
    (No malicious items detected)
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)
     
     
    Farbar Recovery Scan Log:
     
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
    Ran by Max Wren (administrator) on SASUKEUCHIHA-PC on 13-12-2014 21:09:43
    Running from C:\Users\Max Wren\Downloads
    Loaded Profile: Max Wren (Available profiles: Max Wren & Mcx1-MAXWREN-PC)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    () C:\Windows\SysWOW64\ANIWConnService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    () C:\Windows\SysWOW64\XSrvSetup.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
    (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
    (VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
    (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    (Wireless Service) C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    (D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google) C:\Users\Max Wren\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA)
    HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monito
    HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-18] ()
    HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
    HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-09-29] (Razer Inc.)
    HKLM-x32\...\Run: [ANIWZCS2Service] => C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)
    HKLM-x32\...\Run: [D-Link D-Link RangeBooster N DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Run: [Google Update] => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
    HKU\S-1-5-18\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
    BootExecute: 
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {12DC6175-B360-2C25-BF0E-2B6E49ADC9F3} URL = http://www.bing.com/search?q={searchTerms}&pc=Z152&form=ZGAIDF&install_date=20110903&iesrc={referrer:source}
    SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {184920D7-ECF1-46bf-8E2F-3383170E70A1} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
    SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {43081D27-946D-4BC1-BA35-59FA0477A7B0} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
    BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{040A3ED8-11A7-4C53-A7B4-DD71596687C9}: [NameServer] 192.168.1.254
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
    FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
    FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @autodesk.com/Autodesk Player Plugin,version=1.1.0.1 -> C:\Program Files (x86)\Autodesk\Autodesk Player Plugin\npAdPlayerPlugin_FF.dll (Autodesk)
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
    FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
    FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
    FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
    FF Plugin-x32: @fileplanet.com/fpdlm -> C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @talk.google.com/O1DPlugin -> C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max Wren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Users\Max Wren\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Max Wren\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF Extension: Adblock Plus - C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-24]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-11]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-11]
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
    FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-20]
    FF HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
     
    Chrome: 
    =======
    CHR HomePage: Default -> https://www.google.com/
    CHR StartupUrls: Default -> "https://www.google.com/"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Angry Birds) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-05-11]
    CHR Extension: (Google Docs) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-11]
    CHR Extension: (Google Drive) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-11]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
    CHR Extension: (WOT) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-11]
    CHR Extension: (YouTube) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-11]
    CHR Extension: (Adblock Plus) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-05-11]
    CHR Extension: (Google Search) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-11]
    CHR Extension: (Google Wallet) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
    CHR Extension: (Gmail) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-11]
    CHR Profile: C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (YouTube) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-10]
    CHR Extension: (Google Search) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-10]
    CHR Extension: (General Crawler) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2012-08-10]
    CHR Extension: (Skype Click to Call) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-10]
    CHR Extension: (Gmail) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-10]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-12-13] (SUPERAntiSpyware.com) [File not signed]
    S3 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-08] (Advanced Micro Devices, Inc.) [File not signed]
    R2 ANIWConnService; C:\Windows\SysWOW64\ANIWConnService.exe [151552 2009-07-07] () [File not signed]
    S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-10] () [File not signed]
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-05-18] (Microsoft Corporation) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
    S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-18] ()
    R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-25] (Electronic Arts)
    S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-24] ()
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
    R2 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [127488 2012-05-18] (Microsoft Corporation) [File not signed]
    S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
    R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
    S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [X]
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
    S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
    R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
    R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-12-31] ()
    S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
    S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
    S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-08-29] ()
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-12-31] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-13] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [987648 2009-08-05] (Ralink Technology Corp.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
    R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-04] (Razer Inc)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
    R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
    S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
    R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.)
    R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-13 21:09 - 2014-12-13 21:10 - 00031001 _____ () C:\Users\Max Wren\Downloads\FRST.txt
    2014-12-13 21:08 - 2014-12-13 21:09 - 00000000 ____D () C:\FRST
    2014-12-13 21:07 - 2014-12-13 21:08 - 02119168 _____ (Farbar) C:\Users\Max Wren\Downloads\FRST64.exe
    2014-12-11 21:01 - 2014-12-11 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
    2014-12-11 21:01 - 2014-12-11 21:01 - 00000000 ____D () C:\ProgramData\Auslogics
    2014-12-11 21:01 - 2014-12-11 21:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics
    2014-12-11 20:53 - 2014-12-11 20:53 - 06739960 _____ (Auslogics Labs Pty Ltd ) C:\Users\Max Wren\Downloads\disk-defrag-setup.exe
    2014-12-07 11:25 - 2014-12-07 11:25 - 00000000 __SHD () C:\found.000
    2014-12-06 11:27 - 2014-12-06 11:27 - 04890736 _____ (Piriform Ltd) C:\Users\Max Wren\Downloads\spsetup126.exe
    2014-12-06 11:25 - 2014-12-06 11:25 - 00401920 _____ (Farbar) C:\Users\Max Wren\Downloads\MiniToolBox (1).exe
    2014-12-06 00:18 - 2014-12-06 00:19 - 02347384 _____ (ESET) C:\Users\Max Wren\Downloads\esetsmartinstaller_enu (2).exe
    2014-12-06 00:09 - 2014-12-06 00:10 - 01707646 _____ (Thisisu) C:\Users\Max Wren\Downloads\JRT (2).exe
    2014-12-06 00:03 - 2014-12-06 00:03 - 00000055 _____ () C:\AdwCleanerDebug.txt
    2014-12-06 00:01 - 2014-12-06 00:01 - 02153472 _____ () C:\Users\Max Wren\Downloads\AdwCleaner (2).exe
    2014-12-05 23:38 - 2014-12-05 23:39 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max Wren\Downloads\tdsskiller (2).exe
    2014-12-05 21:28 - 2014-12-05 21:28 - 00003110 _____ () C:\Windows\System32\Tasks\{2D525CC8-7A01-41BB-896A-E609DAC78322}
    2014-12-05 21:27 - 2014-12-05 21:27 - 44835432 _____ (Skype Technologies S.A.) C:\Users\Max Wren\Downloads\SkypeSetupFull.exe
    2014-12-01 19:12 - 2014-12-01 19:12 - 00015156 _____ () C:\Users\Max Wren\Downloads\ComboFix12_1.txt
    2014-12-01 17:20 - 2014-12-01 17:20 - 00688992 ____R (Swearware) C:\Users\Max Wren\Downloads\dds (1).com
    2014-12-01 00:51 - 2014-12-01 00:51 - 01707646 _____ (Thisisu) C:\Users\Max Wren\Downloads\JRT (1).exe
    2014-12-01 00:47 - 2014-12-06 00:06 - 00003134 _____ () C:\Windows\PFRO.log
    2014-11-30 23:29 - 2014-11-30 23:29 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max Wren\Downloads\tdsskiller (1).exe
    2014-11-30 23:29 - 2014-11-30 23:29 - 02148864 _____ () C:\Users\Max Wren\Downloads\AdwCleaner (1).exe
    2014-11-30 23:02 - 2014-11-30 23:02 - 00000000 __SHD () C:\Users\Max Wren\AppData\Local\EmieBrowserModeList
    2014-11-28 17:31 - 2014-11-28 17:31 - 00003112 _____ () C:\Windows\System32\Tasks\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC}
    2014-11-23 18:33 - 2014-11-23 18:36 - 273827152 _____ (Ubisoft) C:\Users\Max Wren\Downloads\farcry3_1.05.exe
    2014-11-23 18:21 - 2014-12-05 23:56 - 00035254 _____ () C:\Windows\DirectX.log
    2014-11-23 17:55 - 2014-11-23 17:55 - 65561373 _____ () C:\Users\Max Wren\Downloads\B - Ziggy's Mod 3.12 Hardcore-63-3-12.zip
    2014-11-22 21:19 - 2014-11-22 21:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
    2014-11-22 21:19 - 2014-11-22 21:19 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\OpenOffice
    2014-11-22 21:19 - 2014-11-22 21:19 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
    2014-11-22 21:10 - 2014-11-22 21:15 - 140852175 _____ () C:\Users\Max Wren\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
    2014-11-22 16:00 - 2014-11-22 16:00 - 00675988 _____ () C:\Users\Max Wren\Downloads\Minecraft (2).exe
    2014-11-22 14:04 - 2014-11-22 14:04 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2014-11-22 14:02 - 2014-11-22 14:03 - 92658088 _____ (Oracle Corporation) C:\Users\Max Wren\Downloads\jre-8u25-windows-x64.exe
    2014-11-22 13:32 - 2014-11-22 13:32 - 00004371 _____ () C:\Users\Max Wren\Downloads\EWIs High SkyrimPrefs and inis v09-59810-V09.rar
    2014-11-22 13:13 - 2014-12-13 13:40 - 00006048 _____ () C:\Windows\setupact.log
    2014-11-22 13:13 - 2014-11-22 13:13 - 00000000 _____ () C:\Windows\setuperr.log
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-13 21:04 - 2010-12-13 19:44 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA.job
    2014-12-13 20:59 - 2010-12-31 12:06 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\Skype
    2014-12-13 20:52 - 2014-07-04 09:18 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-13 20:47 - 2012-06-08 21:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-13 20:27 - 2012-02-28 20:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-13 17:44 - 2014-10-10 22:37 - 01493422 _____ () C:\Windows\WindowsUpdate.log
    2014-12-13 17:04 - 2010-12-13 19:44 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core.job
    2014-12-13 16:29 - 2012-11-02 16:11 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\.minecraft
    2014-12-13 13:47 - 2009-07-13 20:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-13 13:47 - 2009-07-13 20:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-13 13:41 - 2013-08-06 10:29 - 00003284 _____ () C:\Windows\SysWOW64\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}
    2014-12-13 13:41 - 2013-08-06 10:29 - 00003284 _____ () C:\Users\Max Wren\AppData\Roaming\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}
    2014-12-13 13:40 - 2014-08-29 03:31 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
    2014-12-13 13:40 - 2014-08-22 20:56 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
    2014-12-13 13:40 - 2012-02-28 20:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-13 13:40 - 2010-12-14 15:11 - 00000073 _____ () C:\service.log
    2014-12-13 13:40 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-12 23:28 - 2014-09-07 21:45 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\CrashDumps
    2014-12-11 21:15 - 2010-12-14 21:00 - 00000000 ____D () C:\Users\Max Wren\Tech
    2014-12-11 20:17 - 2014-07-04 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-11 20:17 - 2014-07-04 08:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-10 17:05 - 2014-10-23 16:41 - 00052345 _____ () C:\Users\Max Wren\Downloads\Result.txt
    2014-12-09 17:28 - 2010-12-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-12-09 16:47 - 2012-06-08 21:24 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-09 16:47 - 2012-04-04 18:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-09 16:47 - 2011-05-15 14:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-06 11:28 - 2014-10-22 15:49 - 00000000 ____D () C:\Program Files\Speccy
    2014-12-06 10:54 - 2013-07-14 19:04 - 00000000 ____D () C:\Users\Max Wren\Documents\Telltale Games
    2014-12-06 01:24 - 2011-06-10 15:43 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2014-12-06 00:43 - 2010-12-13 19:13 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
    2014-12-06 00:43 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-12-06 00:35 - 2013-06-09 12:20 - 00000000 ____D () C:\Program Files (x86)\Origin
    2014-12-06 00:35 - 2011-10-18 19:46 - 00000000 ____D () C:\ProgramData\Origin
    2014-12-06 00:05 - 2014-03-16 15:11 - 00000000 ____D () C:\AdwCleaner
    2014-12-05 22:35 - 2009-07-13 21:08 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-12-01 00:47 - 2014-08-29 03:18 - 00000000 ____D () C:\Program Files\Google
    2014-12-01 00:47 - 2012-02-28 20:29 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-11-30 23:01 - 2010-12-13 19:44 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\Google
    2014-11-25 20:37 - 2013-09-20 21:09 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
    2014-11-25 20:37 - 2011-01-06 20:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
    2014-11-25 18:34 - 2011-10-01 19:17 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
    2014-11-24 14:43 - 2013-09-20 21:08 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2014-11-24 14:04 - 2010-12-13 19:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-11-23 18:03 - 2010-12-13 19:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-11-23 11:51 - 2009-07-13 21:13 - 00006736 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-11-23 11:45 - 2009-07-13 20:45 - 05057016 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-11-22 22:30 - 2011-12-15 16:52 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\Skyrim
    2014-11-22 22:25 - 2014-08-23 22:24 - 00002261 _____ () C:\Users\Mcx1-MAXWREN-PC\Desktop\Skyrim (SKSE).lnk
    2014-11-22 21:40 - 2010-12-13 19:06 - 00116928 _____ () C:\Users\Max Wren\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-11-22 21:19 - 2010-12-14 21:16 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
    2014-11-22 14:03 - 2011-08-26 12:57 - 00000000 ____D () C:\Program Files\Java
    2014-11-21 06:14 - 2014-07-04 08:50 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-11-21 06:14 - 2014-07-04 08:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-11-21 06:14 - 2010-12-16 19:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-11-14 22:22 - 2012-02-28 20:29 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-11-14 22:22 - 2012-02-28 20:29 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-11-14 16:59 - 2010-12-13 19:44 - 00003900 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA
    2014-11-14 16:59 - 2010-12-13 19:44 - 00003504 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core
    2014-11-13 00:54 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
    2014-11-13 00:28 - 2012-07-22 17:29 - 00000000 ____D () C:\Users\Max Wren\Documents\BioWare
     
    Some content of TEMP:
    ====================
    C:\Users\Max Wren\AppData\Local\Temp\Quarantine.exe
    C:\Users\Max Wren\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Max Wren\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-12-05 17:18
     
    ==================== End Of Log ============================

     

     

    Farbar Addition Log:

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2014
    Ran by Max Wren at 2014-12-13 21:10:21
    Running from C:\Users\Max Wren\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
    AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
    Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
    Amazon Music (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Amazon Amazon Music) (Version: 3.6.0.671 - Amazon Services LLC)
    AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
    ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version:  - )
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Verifier x64 External Package (Version: 8.59.8400 - Microsoft) Hidden
    Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
    Assassin's Creed Revelations Bonus Content (HKLM-x32\...\Assassin's Creed Revelations Bonus Content) (Version:  - Ubisoft)
    ATI AVIVO64 Codecs (Version: 11.6.0.50527 - ATI Technologies Inc.) Hidden
    Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.1.0.0 - Auslogics Labs Pty Ltd)
    Autodesk Player Plugin (HKLM-x32\...\Autodesk Player Plugin) (Version: 1.1.0.1 - Autodesk)
    AutoGreen B12.1220.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
    AutoGreen B12.1220.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Video Converter 7 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Video Editor 5 (HKLM-x32\...\AVS Video Editor_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version:  - Online Media Technologies Ltd.)
    AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
    Bandicam (HKLM-x32\...\Bandicam) (Version:  - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
    Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
    BioShock 2 (x32 Version: 1.0.0003.131 - Take-Two Interactive Software) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.) <==== ATTENTION
    BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
    Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
    Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
    CamStudio version 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
    CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
    Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
    Dead Rising 3 (HKLM-x32\...\Steam App 265550) (Version:  - Capcom Game Studio Vancouver)
    Defiance (HKLM-x32\...\Steam App 224600) (Version:  - Trion Worlds, Inc.)
    Digital Photo Navigator 1.5 (HKLM-x32\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version:  - )
    Disney Infinity 2.0 (HKLM-x32\...\{AD3C5D08-A89D-4E05-A0D2-CD24C6F689EE}) (Version: 1.96.2618 - Disney Interactive)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
    D-Link RangeBooster N DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version:  - D-Link)
    Download Manager 2.3.10 (HKLM-x32\...\Download Manager) (Version: 2.3.10 - IGN Entertainment, Inc.)
    Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
    Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
    Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    EasySaver B9.1214.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
    Everio MediaBrowser (HKLM-x32\...\{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}) (Version: 2.01.202 - PIXELA)
    Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0958 - Ezvid, inc.)
    Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
    Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
    Five Nights at Freddy's (HKLM-x32\...\Steam App 319510) (Version:  - Scott Cawthon)
    Five Nights at Freddy's DEMO (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Five Nights at Freddy's DEMO) (Version:  - )
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    GameStop App (HKLM-x32\...\GameStop App) (Version: 4.00 - GameStop)
    GameStop App (x32 Version: 4.00 - GameStop) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
    HP Deskjet 2510 series Help (HKLM-x32\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard)
    HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
    HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
    HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
    ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
    join.me (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\JoinMe) (Version: 1.10.1.253 - LogMeIn, Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Just Cause 2: Multiplayer - Dedicated Server (HKLM-x32\...\Steam App 261140) (Version:  - )
    Kits Configuration Installer (x32 Version: 8.59.8400 - Microsoft) Hidden
    K-Lite Codec Pack 9.5.5 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.5 - )
    Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version:  - )
    League of Legends (x32 Version: 1.3 - Riot Games) Hidden
    LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
    Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
    NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
    Need For Speed: Rivals (HKLM-x32\...\Need For Speed: Rivals) (Version:  - GameStop)
    Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
    Nero 9 Essentials (HKLM-x32\...\{653f0326-8ae0-4741-94c8-ec5cb4524739}) (Version:  - Nero AG)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
    NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
    NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
    ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
    OnLive (HKLM-x32\...\OnLive) (Version:  - OnLive)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.9 - Pando Networks Inc.)
    Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
    Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.8.2 - PowerUp Software)
    Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.42.0 - Razer Inc.)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22533 - Razer Inc.)
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
    Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    SDK Debuggers (x32 Version: 8.59.8400 - Microsoft Corporation) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1150 - SUPERAntiSpyware.com)
    Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
    System Requirements Lab CYRI (HKLM-x32\...\{2DF5765E-5386-4540-9383-DBC9A0A596F9}) (Version: 6.0.15.0 - Husdawg, LLC)
    The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\{12C85315-0989-4C28-8956-33458F464DD6}) (Version: 1.00.0000 - Atari)
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
    The Talos Principle Public Test (HKLM-x32\...\Steam App 330710) (Version:  - Croteam)
    The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
    The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
    The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
    Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
    Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
    Unity Web Player (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
    Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
    Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
    Who Is On My Wifi version 3.0.2 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.2 - IO3O LLC)
    WinASO Registry Optimizer 4.8.6 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version:  - X.M.Y International LLC)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Software Development Kit (HKLM-x32\...\{843e5a96-1ee3-4275-a965-14feac1cc02e}) (Version: 8.59.8400 - Microsoft Corporation)
    WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
    WizTree v1.05 (HKLM-x32\...\WizTree_is1) (Version:  - Antibody Software)
    WPT Redistributables (x32 Version: 8.59.8400 - Microsoft) Hidden
    WPTx64 (x32 Version: 8.59.8400 - Microsoft) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
     
    ==================== Restore Points  =========================
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 18:34 - 2014-08-06 07:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {08D04C5D-9094-4965-BF5F-C41C59B5D891} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {1919730D-0459-488E-A17F-3250ABCA32E6} - System32\Tasks\{3F15966D-4E41-4C06-A985-E954618C02C2} => pcalua.exe -a D:\EN_Fallout_3_DLC.EXE -d D:\
    Task: {1F6C4B3E-1DA5-403E-8619-88BB663CB672} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
    Task: {39C90007-CD6D-4F67-8368-85FCA008499D} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-MAXWREN-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: {3B539F2F-4BB8-43DC-8C5B-5428902B7D06} - System32\Tasks\{0AE2E2C7-9DFD-4AC6-87B3-196B0CE2941B} => pcalua.exe -a "C:\Program Files (x86)\Xfire\uninst.exe"
    Task: {3F23E68D-83B1-4C83-9FB9-9DE1EFD86C2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {4464552E-7C98-472D-8792-AD3D0CAA2E17} - System32\Tasks\{2D525CC8-7A01-41BB-896A-E609DAC78322} => Chrome.exe http://ui.skype.com/ui/0/7.0.0.100/en/go/help.faq.installer?LastError=1603
    Task: {47A439F7-DA01-428E-B95F-84722C90E9E8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
    Task: {5172FD06-BCD4-4CC7-8CBE-FA12D5D47FBD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
    Task: {58BD0D90-0D6A-4F70-BE91-EA9549F56D50} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
    Task: {596A1910-AE19-4ECD-B917-B7296E7DCEAC} - System32\Tasks\{A9CB67EF-216C-4403-B736-0E478B83AC7C} => pcalua.exe -a D:\SETUP.EXE -d D:\
    Task: {65D6EFC2-A4CA-4314-A943-DCEA9BA89FEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {6A18B040-1722-4741-8FA2-DAD8940CAFA2} - System32\Tasks\{3E13224D-0D6C-48C2-B8B7-F7D742ED4854} => c:\program files (x86)\opera\opera.exe
    Task: {6DFFF9FF-C2B3-4CBA-8852-2EBFA24A9818} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {6F980861-6139-4979-9534-9B971B495528} - System32\Tasks\{0F1F8CA1-0C6B-45AB-BE45-F550923021D5} => pcalua.exe -a "C:\Users\Max Wren\Desktop\classic_doom_3.1.3.1.exe" -d "C:\Users\Max Wren\Desktop"
    Task: {72D9F205-EF10-471F-B7F6-2703B9660E6E} - System32\Tasks\{E1B5CFA7-A915-4C58-A772-7A66CC9858B5} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/en/go/help.faq.installer?LastError=1603
    Task: {772967AF-83BE-4457-A129-72BADB5190C4} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
    Task: {7FE99B9B-8C6B-4C6C-9686-1F12FA61CBD1} - System32\Tasks\{F1CD42A5-8C3F-42BC-B016-74B0E6D40304} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon Demo\EAUninstall.exe"
    Task: {80928C2C-E941-4BD7-A737-4FF7CA962813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {878FD3C7-DE25-4742-B383-0E3B9B5B4247} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
    Task: {90668024-36E8-4F2F-B7D0-09A0BF121F91} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1291033962-1462433758-1048692052-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
    Task: {A749E729-2886-4A4D-B3E9-F587AF9F47EB} - System32\Tasks\{025A6C8D-E174-4CA2-B185-B685CE19B1DB} => pcalua.exe -a D:\SETUP.EXE -d D:\
    Task: {B3A9B670-6EC5-4E62-8372-BA6C0C8C5A02} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe
    Task: {BA8B1C84-611B-43B9-9D95-ADB85A39AD98} - System32\Tasks\{1BE47801-F50E-4F04-A009-5CB91F07D3CC} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
    Task: {C094112F-1384-4E89-ACCE-79491ADFC8A2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1291033962-1462433758-1048692052-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
    Task: {C453D996-CDE8-418C-B899-9D70E869C816} - System32\Tasks\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1603
    Task: {CA71D6A4-A8F8-49AC-B1F7-8C51616E869E} - System32\Tasks\{B76B5E2E-E639-4DF1-94A2-9655B4DC2EA2} => pcalua.exe -a D:\EN_Fallout_3_DLC.EXE -d D:\
    Task: {D1A85142-77BD-4B39-A83E-AB9BE210BE26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {E26A010F-53E0-4649-96C0-B11DEE48267F} - System32\Tasks\{6E94EEA5-0CAF-4FD2-B07C-AA11D0395C85} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/22350
    Task: {E45E0EAC-6BAF-45EB-A283-CA7FD5DDDE9D} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core.job => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA.job => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-01-03 13:12 - 2014-09-13 13:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2011-09-08 13:42 - 2011-09-08 13:42 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
    2013-08-06 10:24 - 2009-07-07 19:10 - 00151552 _____ () C:\Windows\SysWOW64\ANIWConnService.exe
    2010-12-14 15:15 - 2010-01-18 18:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
    2013-09-20 21:08 - 2014-11-24 14:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2012-10-03 14:34 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
    2014-05-12 01:49 - 2014-05-12 01:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
    2014-08-29 03:22 - 2012-11-13 23:22 - 00078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
    2014-08-29 03:22 - 2012-11-13 23:22 - 00386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
    2011-09-08 13:42 - 2011-09-08 13:42 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-08-06 10:23 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIOApi.dll
    2013-08-06 10:23 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIOApi.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
    2014-12-09 16:47 - 2014-12-09 16:47 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Camera Monitor SD.lnk => C:\Windows\pss\Camera Monitor SD.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameStop Now.lnk => C:\Windows\pss\GameStop Now.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Impulse Now.lnk => C:\Windows\pss\Impulse Now.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 2510 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 2510 series.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
    MSCONFIG\startupreg: Advanced SystemCare 4 => "C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe"
    MSCONFIG\startupreg: Advanced SystemCare 5 => "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
    MSCONFIG\startupreg: Amazon Music => "C:\Users\Max Wren\AppData\Local\Amazon Music\Amazon Music Helper.exe"
    MSCONFIG\startupreg: AmazonGSDownloaderTray => C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
    MSCONFIG\startupreg: Application Restart #0 => C:\Users\Max Wren\AppData\Local\Google\Chrome\Application\chrome.exe  --flag-switches-begin --enable-print-preview --flag-switches-end --restore-last-session -- https://battlelog.battlefield.com/sso/Ciyvab0tregdVsBtboIpeChe4G6uzC1v5_-SIxmvSLJSyaAjwM50HSEWfT4XT5Cs3_Pmat7WI_3IzWO9EcNcoXQ4uJDMir0xszJfh5i_74hsDRT0pEUS_6uxCJJMXdn6
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"
    MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
    MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: Google Update => "C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
    MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    MSCONFIG\startupreg: Spotify => "C:\Users\Max Wren\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Max Wren\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-1291033962-1462433758-1048692052-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-1291033962-1462433758-1048692052-1006 - Limited - Enabled)
    Guest (S-1-5-21-1291033962-1462433758-1048692052-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1291033962-1462433758-1048692052-1002 - Limited - Enabled)
    Max Wren (S-1-5-21-1291033962-1462433758-1048692052-1001 - Administrator - Enabled) => C:\Users\Max Wren
    Mcx1-MAXWREN-PC (S-1-5-21-1291033962-1462433758-1048692052-1022 - Limited - Enabled) => C:\Users\Mcx1-MAXWREN-PC
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Realtek PCIe GBE Family Controller
    Description: Realtek PCIe GBE Family Controller
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: RTL8167
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (12/12/2014 11:28:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x000007fedf4b88e5
    Faulting process id: 0xc84
    Faulting application start time: 0xExplorer.EXE0
    Faulting application path: Explorer.EXE1
    Faulting module path: Explorer.EXE2
    Report Id: Explorer.EXE3
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: nvtray.exe, version: 7.17.13.4411, time stamp: 0x5414b512
    Faulting module name: NvUI.dll, version: 8.17.13.4411, time stamp: 0x5414a4de
    Exception code: 0xc000001d
    Fault offset: 0x00000000000746e6
    Faulting process id: 0x884
    Faulting application start time: 0xnvtray.exe0
    Faulting application path: nvtray.exe1
    Faulting module path: nvtray.exe2
    Report Id: nvtray.exe3
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: nvtray.exe, version: 7.17.13.4411, time stamp: 0x5414b512
    Faulting module name: NvUI.dll, version: 8.17.13.4411, time stamp: 0x5414a4de
    Exception code: 0xc000001d
    Fault offset: 0x00000000000746e6
    Faulting process id: 0x1038
    Faulting application start time: 0xnvtray.exe0
    Faulting application path: nvtray.exe1
    Faulting module path: nvtray.exe2
    Report Id: nvtray.exe3
     
    Error: (12/11/2014 09:01:18 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
    Error: (12/11/2014 09:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: nvtray.exe, version: 7.17.13.4411, time stamp: 0x5414b512
    Faulting module name: NvUI.dll, version: 8.17.13.4411, time stamp: 0x5414a4de
    Exception code: 0xc000001d
    Fault offset: 0x00000000000746e6
    Faulting process id: 0x338
    Faulting application start time: 0xnvtray.exe0
    Faulting application path: nvtray.exe1
    Faulting module path: nvtray.exe2
    Report Id: nvtray.exe3
     
    Error: (12/11/2014 09:01:17 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
    Error: (12/11/2014 09:01:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: nvtray.exe, version: 7.17.13.4411, time stamp: 0x5414b512
    Faulting module name: NvUI.dll, version: 8.17.13.4411, time stamp: 0x5414a4de
    Exception code: 0xc000001d
    Fault offset: 0x00000000000746e6
    Faulting process id: 0xe04
    Faulting application start time: 0xnvtray.exe0
    Faulting application path: nvtray.exe1
    Faulting module path: nvtray.exe2
    Report Id: nvtray.exe3
     
    Error: (12/11/2014 08:54:56 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
     
    System errors:
    =============
    Error: (12/13/2014 01:41:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (12/13/2014 01:41:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (12/13/2014 01:41:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (12/13/2014 01:41:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (12/13/2014 01:41:09 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (12/13/2014 01:41:09 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (12/13/2014 01:40:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (12/13/2014 01:40:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (12/13/2014 01:40:58 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (12/13/2014 01:40:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).
     
     
    Microsoft Office Sessions:
    =========================
    Error: (12/12/2014 11:28:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c0000005000007fedf4b88e5c8401d0166ee52b0f95C:\Windows\Explorer.EXEunknowna82f02c1-8299-11e4-b24c-bc6244f48ace
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: nvtray.exe7.17.13.44115414b512NvUI.dll8.17.13.44115414a4dec000001d00000000000746e688401d015d0cdda2f03C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\NvUI.dll0c82e07d-81c4-11e4-91a4-f4ebd4d110bb
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: nvtray.exe7.17.13.44115414b512NvUI.dll8.17.13.44115414a4dec000001d00000000000746e6103801d015d0cea682b1C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\NvUI.dll0c82925c-81c4-11e4-91a4-f4ebd4d110bb
     
    Error: (12/11/2014 09:01:18 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
    Error: (12/11/2014 09:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: nvtray.exe7.17.13.44115414b512NvUI.dll8.17.13.44115414a4dec000001d00000000000746e633801d015c8aa39d617C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\NvUI.dlle8067c39-81bb-11e4-91a4-f4ebd4d110bb
     
    Error: (12/11/2014 09:01:17 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
    Error: (12/11/2014 09:01:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: nvtray.exe7.17.13.44115414b512NvUI.dll8.17.13.44115414a4dec000001d00000000000746e6e0401d015c8a93a3ca9C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\NvUI.dlle772c58f-81bb-11e4-91a4-f4ebd4d110bb
     
    Error: (12/11/2014 08:54:56 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2014-08-06 08:53:29.390
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-06 08:53:29.103
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-06 08:53:28.814
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-06 08:53:28.525
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-02 19:23:44.646
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-02 19:23:44.356
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:22.581
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:22.308
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:22.036
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:21.764
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD FX™-8320 Eight-Core Processor 
    Percentage of memory in use: 40%
    Total physical RAM: 8156.66 MB
    Available physical RAM: 4891.22 MB
    Total Pagefile: 16311.49 MB
    Available Pagefile: 12068.9 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:465.66 GB) (Free:79.37 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8E1228C6)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================


    #6 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:03:11 AM

    Posted 14 December 2014 - 06:19 AM

    Good Morning,

     

    Your FRST log does not look bad, just a few things to fix, Malwarebytes found nothing so thats good

     

    I see you have CCleaner installed, just a word of warning, its a decent program but can cause problems especially running the registry cleaners so I would stay away from cleaning the registry

     

    You have FRST installed in your downloads folder, I am attaching a Fixlist file, download it to your download folder where you have FRST or the fix wont work, after you download it open up FRST64 and click on Fix, it will reboot your system and when it boots back up you will see a file named Fixlog in your downloads folder, post it please

    Attached Files


    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #7 Bright10A

    Bright10A
    • Topic Starter

    • Members
    • 51 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:11 AM

    Posted 14 December 2014 - 05:52 PM

    Hi, I did as you instructed, here's the log:

     

    Fixlog:

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-12-2014
    Ran by Max Wren at 2014-12-14 14:47:08 Run:1
    Running from C:\Users\Max Wren\Downloads
    Loaded Profile: Max Wren (Available profiles: Max Wren & Mcx1-MAXWREN-PC)
    Boot Mode: Normal
    ==============================================
     
    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    CHR Extension: (General Crawler) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2012-08-10]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
    CMD: ipconfig /flushdns
    Hosts:
    EmptyTemp:
    End
    *****************
     
    Processes closed successfully.
    C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
    C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
    "HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
    C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel => Moved successfully.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => Key deleted successfully.
     
    =========  ipconfig /flushdns =========
     
     
    Windows IP Configuration
     
    Successfully flushed the DNS Resolver Cache.
     
    ========= End of CMD: =========
     
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 432.8 MB temporary data.
     
     
    The system needed a reboot. 
     
    ==== End of Fixlog ====


    #8 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:03:11 AM

    Posted 14 December 2014 - 07:00 PM

    Great, go ahead and run a new scan with FRST, be sure to checkmark Additions and post both logs please


    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #9 Bright10A

    Bright10A
    • Topic Starter

    • Members
    • 51 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:11 AM

    Posted 14 December 2014 - 08:01 PM

    FRST Log:

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
    Ran by Max Wren (administrator) on SASUKEUCHIHA-PC on 14-12-2014 16:59:06
    Running from C:\Users\Max Wren\Downloads
    Loaded Profile: Max Wren (Available profiles: Max Wren & Mcx1-MAXWREN-PC)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    () C:\Windows\SysWOW64\ANIWConnService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    () C:\Windows\SysWOW64\XSrvSetup.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
    (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
    (VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
    (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    (Wireless Service) C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    (D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google) C:\Users\Max Wren\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA)
    HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monito
    HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-18] ()
    HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
    HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-09-29] (Razer Inc.)
    HKLM-x32\...\Run: [ANIWZCS2Service] => C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)
    HKLM-x32\...\Run: [D-Link D-Link RangeBooster N DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Run: [Google Update] => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
    HKU\S-1-5-18\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
    BootExecute: 
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {12DC6175-B360-2C25-BF0E-2B6E49ADC9F3} URL = http://www.bing.com/search?q={searchTerms}&pc=Z152&form=ZGAIDF&install_date=20110903&iesrc={referrer:source}
    SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {184920D7-ECF1-46bf-8E2F-3383170E70A1} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
    SearchScopes: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001 -> {43081D27-946D-4BC1-BA35-59FA0477A7B0} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
    BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{040A3ED8-11A7-4C53-A7B4-DD71596687C9}: [NameServer] 192.168.1.254
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
    FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
    FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @autodesk.com/Autodesk Player Plugin,version=1.1.0.1 -> C:\Program Files (x86)\Autodesk\Autodesk Player Plugin\npAdPlayerPlugin_FF.dll (Autodesk)
    FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
    FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
    FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
    FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
    FF Plugin-x32: @fileplanet.com/fpdlm -> C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @talk.google.com/O1DPlugin -> C:\Users\Max Wren\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max Wren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKU\S-1-5-21-1291033962-1462433758-1048692052-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Users\Max Wren\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Max Wren\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF Extension: Adblock Plus - C:\Users\Max Wren\AppData\Roaming\Mozilla\Firefox\Profiles\7evw1m3g.default-1408922747848\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-24]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-11]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-11]
    FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
    FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-20]
    FF HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
     
    Chrome: 
    =======
    CHR HomePage: Default -> https://www.google.com/
    CHR StartupUrls: Default -> "https://www.google.com/"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Angry Birds) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-05-11]
    CHR Extension: (Google Docs) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-11]
    CHR Extension: (Google Drive) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-11]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
    CHR Extension: (WOT) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-11]
    CHR Extension: (YouTube) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-11]
    CHR Extension: (Adblock Plus) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-05-11]
    CHR Extension: (Google Search) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-11]
    CHR Extension: (Google Wallet) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
    CHR Extension: (Gmail) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-11]
    CHR Profile: C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (YouTube) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-10]
    CHR Extension: (Google Search) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-10]
    CHR Extension: (Skype Click to Call) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-10]
    CHR Extension: (Gmail) - C:\Users\Max Wren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-10]
    CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-12-13] (SUPERAntiSpyware.com) [File not signed]
    S3 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-08] (Advanced Micro Devices, Inc.) [File not signed]
    R2 ANIWConnService; C:\Windows\SysWOW64\ANIWConnService.exe [151552 2009-07-07] () [File not signed]
    S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-04-10] () [File not signed]
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-05-18] (Microsoft Corporation) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
    S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-18] ()
    R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-25] (Electronic Arts)
    S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-24] ()
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
    R2 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [127488 2012-05-18] (Microsoft Corporation) [File not signed]
    S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
    R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
    S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [X]
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
    S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
    R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
    R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-12-31] ()
    S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
    S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
    S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-08-29] ()
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-12-31] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-13] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [987648 2009-08-05] (Ralink Technology Corp.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
    R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-04] (Razer Inc)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
    R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
    S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
    R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.)
    R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-14 16:46 - 2014-12-14 16:46 - 03469871 _____ (LIGHTNING UK!) C:\Users\Max Wren\Downloads\SetupImgBurn_2.5.8.0 (1).exe
    2014-12-14 16:45 - 2014-12-14 16:45 - 03469871 _____ (LIGHTNING UK!) C:\Users\Max Wren\Downloads\SetupImgBurn_2.5.8.0.exe
    2014-12-14 16:26 - 2014-12-14 16:26 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\Nero_AG
    2014-12-14 16:25 - 2014-12-14 16:25 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
    2014-12-14 16:22 - 2014-12-14 16:24 - 00000000 ____D () C:\Program Files (x86)\Nero
    2014-12-14 16:22 - 2014-12-14 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
    2014-12-14 16:17 - 2014-12-14 16:19 - 200029040 _____ (Nero AG) C:\Users\Max Wren\Downloads\Nero_MediaHome-16.0.01600_free.exe
    2014-12-14 16:00 - 2014-12-14 16:00 - 01857112 _____ () C:\Users\Max Wren\Downloads\memtest86-iso (1).zip
    2014-12-14 16:00 - 2014-12-14 16:00 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-12-14 15:57 - 2014-12-14 15:58 - 01857112 _____ () C:\Users\Max Wren\Downloads\memtest86-iso.zip
    2014-12-13 21:10 - 2014-12-13 21:10 - 00057059 _____ () C:\Users\Max Wren\Downloads\Addition.txt
    2014-12-13 21:09 - 2014-12-14 16:59 - 00030021 _____ () C:\Users\Max Wren\Downloads\FRST.txt
    2014-12-13 21:08 - 2014-12-14 16:59 - 00000000 ____D () C:\FRST
    2014-12-13 21:07 - 2014-12-13 21:08 - 02119168 _____ (Farbar) C:\Users\Max Wren\Downloads\FRST64.exe
    2014-12-11 21:01 - 2014-12-11 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
    2014-12-11 21:01 - 2014-12-11 21:01 - 00000000 ____D () C:\ProgramData\Auslogics
    2014-12-11 21:01 - 2014-12-11 21:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics
    2014-12-11 20:53 - 2014-12-11 20:53 - 06739960 _____ (Auslogics Labs Pty Ltd ) C:\Users\Max Wren\Downloads\disk-defrag-setup.exe
    2014-12-07 11:25 - 2014-12-07 11:25 - 00000000 __SHD () C:\found.000
    2014-12-06 11:27 - 2014-12-06 11:27 - 04890736 _____ (Piriform Ltd) C:\Users\Max Wren\Downloads\spsetup126.exe
    2014-12-06 11:25 - 2014-12-06 11:25 - 00401920 _____ (Farbar) C:\Users\Max Wren\Downloads\MiniToolBox (1).exe
    2014-12-06 00:18 - 2014-12-06 00:19 - 02347384 _____ (ESET) C:\Users\Max Wren\Downloads\esetsmartinstaller_enu (2).exe
    2014-12-06 00:09 - 2014-12-06 00:10 - 01707646 _____ (Thisisu) C:\Users\Max Wren\Downloads\JRT (2).exe
    2014-12-06 00:03 - 2014-12-06 00:03 - 00000055 _____ () C:\AdwCleanerDebug.txt
    2014-12-06 00:01 - 2014-12-06 00:01 - 02153472 _____ () C:\Users\Max Wren\Downloads\AdwCleaner (2).exe
    2014-12-05 23:38 - 2014-12-05 23:39 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max Wren\Downloads\tdsskiller (2).exe
    2014-12-05 21:28 - 2014-12-05 21:28 - 00003110 _____ () C:\Windows\System32\Tasks\{2D525CC8-7A01-41BB-896A-E609DAC78322}
    2014-12-05 21:27 - 2014-12-05 21:27 - 44835432 _____ (Skype Technologies S.A.) C:\Users\Max Wren\Downloads\SkypeSetupFull.exe
    2014-12-01 19:12 - 2014-12-01 19:12 - 00015156 _____ () C:\Users\Max Wren\Downloads\ComboFix12_1.txt
    2014-12-01 17:20 - 2014-12-01 17:20 - 00688992 ____R (Swearware) C:\Users\Max Wren\Downloads\dds (1).com
    2014-12-01 00:51 - 2014-12-01 00:51 - 01707646 _____ (Thisisu) C:\Users\Max Wren\Downloads\JRT (1).exe
    2014-12-01 00:47 - 2014-12-06 00:06 - 00003134 _____ () C:\Windows\PFRO.log
    2014-11-30 23:29 - 2014-11-30 23:29 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max Wren\Downloads\tdsskiller (1).exe
    2014-11-30 23:29 - 2014-11-30 23:29 - 02148864 _____ () C:\Users\Max Wren\Downloads\AdwCleaner (1).exe
    2014-11-30 23:02 - 2014-11-30 23:02 - 00000000 __SHD () C:\Users\Max Wren\AppData\Local\EmieBrowserModeList
    2014-11-28 17:31 - 2014-11-28 17:31 - 00003112 _____ () C:\Windows\System32\Tasks\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC}
    2014-11-23 18:33 - 2014-11-23 18:36 - 273827152 _____ (Ubisoft) C:\Users\Max Wren\Downloads\farcry3_1.05.exe
    2014-11-23 18:21 - 2014-12-05 23:56 - 00035254 _____ () C:\Windows\DirectX.log
    2014-11-23 17:55 - 2014-11-23 17:55 - 65561373 _____ () C:\Users\Max Wren\Downloads\B - Ziggy's Mod 3.12 Hardcore-63-3-12.zip
    2014-11-22 21:19 - 2014-11-22 21:19 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
    2014-11-22 21:19 - 2014-11-22 21:19 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\OpenOffice
    2014-11-22 21:19 - 2014-11-22 21:19 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
    2014-11-22 21:10 - 2014-11-22 21:15 - 140852175 _____ () C:\Users\Max Wren\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe
    2014-11-22 16:00 - 2014-11-22 16:00 - 00675988 _____ () C:\Users\Max Wren\Downloads\Minecraft (2).exe
    2014-11-22 14:04 - 2014-11-22 14:04 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2014-11-22 14:02 - 2014-11-22 14:03 - 92658088 _____ (Oracle Corporation) C:\Users\Max Wren\Downloads\jre-8u25-windows-x64.exe
    2014-11-22 13:32 - 2014-11-22 13:32 - 00004371 _____ () C:\Users\Max Wren\Downloads\EWIs High SkyrimPrefs and inis v09-59810-V09.rar
    2014-11-22 13:13 - 2014-12-14 14:48 - 00006888 _____ () C:\Windows\setupact.log
    2014-11-22 13:13 - 2014-11-22 13:13 - 00000000 _____ () C:\Windows\setuperr.log
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-14 16:49 - 2010-12-14 21:00 - 00000000 ____D () C:\Users\Max Wren\Tech
    2014-12-14 16:47 - 2012-06-08 21:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-14 16:27 - 2012-02-28 20:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-14 16:26 - 2012-01-14 17:31 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\Nero
    2014-12-14 16:25 - 2010-12-14 15:40 - 00000000 ____D () C:\ProgramData\Nero
    2014-12-14 16:25 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Cursors
    2014-12-14 16:21 - 2014-10-10 22:37 - 01538826 _____ () C:\Windows\WindowsUpdate.log
    2014-12-14 16:04 - 2010-12-13 19:44 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA.job
    2014-12-14 16:00 - 2012-10-03 14:34 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
    2014-12-14 14:56 - 2009-07-13 20:45 - 00024784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-14 14:56 - 2009-07-13 20:45 - 00024784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-14 14:49 - 2013-08-06 10:29 - 00003284 _____ () C:\Windows\SysWOW64\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}
    2014-12-14 14:49 - 2013-08-06 10:29 - 00003284 _____ () C:\Users\Max Wren\AppData\Roaming\ANIWZCS{5D0ED30A-1C8F-41B1-AFEF-8116942110DD}
    2014-12-14 14:48 - 2014-08-29 03:31 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
    2014-12-14 14:48 - 2013-06-08 11:49 - 00000008 __RSH () C:\ProgramData\ntuser.pol
    2014-12-14 14:48 - 2012-02-28 20:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-14 14:48 - 2010-12-14 15:11 - 00000073 _____ () C:\service.log
    2014-12-14 14:48 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-14 14:47 - 2009-07-13 19:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
    2014-12-14 14:04 - 2014-08-22 20:56 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
    2014-12-14 00:52 - 2010-12-31 12:06 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\Skype
    2014-12-13 21:50 - 2012-04-05 15:37 - 00000000 ____D () C:\Windows\Minidump
    2014-12-13 21:50 - 2010-12-13 18:17 - 00305135 ____N () C:\Windows\Minidump\121314-18049-01.dmp
    2014-12-13 21:16 - 2012-11-02 16:11 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\.minecraft
    2014-12-13 20:52 - 2014-07-04 09:18 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-13 17:04 - 2010-12-13 19:44 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core.job
    2014-12-12 23:28 - 2014-09-07 21:45 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\CrashDumps
    2014-12-11 20:17 - 2014-07-04 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-11 20:17 - 2014-07-04 08:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-10 17:05 - 2014-10-23 16:41 - 00052345 _____ () C:\Users\Max Wren\Downloads\Result.txt
    2014-12-09 17:28 - 2010-12-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-12-09 16:47 - 2012-06-08 21:24 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-09 16:47 - 2012-04-04 18:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-09 16:47 - 2011-05-15 14:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-06 11:28 - 2014-10-22 15:49 - 00000000 ____D () C:\Program Files\Speccy
    2014-12-06 10:54 - 2013-07-14 19:04 - 00000000 ____D () C:\Users\Max Wren\Documents\Telltale Games
    2014-12-06 01:24 - 2011-06-10 15:43 - 00000000 ____D () C:\Users\Max Wren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2014-12-06 00:43 - 2010-12-13 19:13 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
    2014-12-06 00:43 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-12-06 00:35 - 2013-06-09 12:20 - 00000000 ____D () C:\Program Files (x86)\Origin
    2014-12-06 00:35 - 2011-10-18 19:46 - 00000000 ____D () C:\ProgramData\Origin
    2014-12-06 00:05 - 2014-03-16 15:11 - 00000000 ____D () C:\AdwCleaner
    2014-12-05 22:35 - 2009-07-13 21:08 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-12-01 00:47 - 2014-08-29 03:18 - 00000000 ____D () C:\Program Files\Google
    2014-12-01 00:47 - 2012-02-28 20:29 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-11-30 23:01 - 2010-12-13 19:44 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\Google
    2014-11-25 20:37 - 2013-09-20 21:09 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
    2014-11-25 20:37 - 2011-01-06 20:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
    2014-11-25 18:34 - 2011-10-01 19:17 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
    2014-11-24 14:43 - 2013-09-20 21:08 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2014-11-24 14:04 - 2010-12-13 19:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-11-23 18:03 - 2010-12-13 19:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-11-23 11:51 - 2009-07-13 21:13 - 00006736 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-11-23 11:45 - 2009-07-13 20:45 - 05057016 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-11-22 22:30 - 2011-12-15 16:52 - 00000000 ____D () C:\Users\Max Wren\AppData\Local\Skyrim
    2014-11-22 22:25 - 2014-08-23 22:24 - 00002261 _____ () C:\Users\Mcx1-MAXWREN-PC\Desktop\Skyrim (SKSE).lnk
    2014-11-22 21:40 - 2010-12-13 19:06 - 00116928 _____ () C:\Users\Max Wren\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-11-22 21:19 - 2010-12-14 21:16 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
    2014-11-22 14:03 - 2011-08-26 12:57 - 00000000 ____D () C:\Program Files\Java
    2014-11-21 06:14 - 2014-07-04 08:50 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-11-21 06:14 - 2014-07-04 08:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-11-21 06:14 - 2010-12-16 19:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-11-14 22:22 - 2012-02-28 20:29 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-11-14 22:22 - 2012-02-28 20:29 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-11-14 16:59 - 2010-12-13 19:44 - 00003900 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA
    2014-11-14 16:59 - 2010-12-13 19:44 - 00003504 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-12-05 17:18
     
    ==================== End Of Log ============================
     
     
    Addition Log:
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2014
    Ran by Max Wren at 2014-12-14 16:59:44
    Running from C:\Users\Max Wren\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
    AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
    Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
    Amazon Music (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Amazon Amazon Music) (Version: 3.6.0.671 - Amazon Services LLC)
    AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
    ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version:  - )
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Verifier x64 External Package (Version: 8.59.8400 - Microsoft) Hidden
    Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
    Assassin's Creed Revelations Bonus Content (HKLM-x32\...\Assassin's Creed Revelations Bonus Content) (Version:  - Ubisoft)
    ATI AVIVO64 Codecs (Version: 11.6.0.50527 - ATI Technologies Inc.) Hidden
    Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.1.0.0 - Auslogics Labs Pty Ltd)
    Autodesk Player Plugin (HKLM-x32\...\Autodesk Player Plugin) (Version: 1.1.0.1 - Autodesk)
    AutoGreen B12.1220.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
    AutoGreen B12.1220.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Video Converter 7 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Video Editor 5 (HKLM-x32\...\AVS Video Editor_is1) (Version:  - Online Media Technologies Ltd.)
    AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version:  - Online Media Technologies Ltd.)
    AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
    Bandicam (HKLM-x32\...\Bandicam) (Version:  - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
    Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
    BioShock 2 (x32 Version: 1.0.0003.131 - Take-Two Interactive Software) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.) <==== ATTENTION
    BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
    Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
    Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
    CamStudio version 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
    CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
    Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
    Dead Rising 3 (HKLM-x32\...\Steam App 265550) (Version:  - Capcom Game Studio Vancouver)
    Defiance (HKLM-x32\...\Steam App 224600) (Version:  - Trion Worlds, Inc.)
    Digital Photo Navigator 1.5 (HKLM-x32\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version:  - )
    Disney Infinity 2.0 (HKLM-x32\...\{AD3C5D08-A89D-4E05-A0D2-CD24C6F689EE}) (Version: 1.96.2618 - Disney Interactive)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
    D-Link RangeBooster N DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version:  - D-Link)
    Download Manager 2.3.10 (HKLM-x32\...\Download Manager) (Version: 2.3.10 - IGN Entertainment, Inc.)
    Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
    Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
    Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    EasySaver B9.1214.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
    Everio MediaBrowser (HKLM-x32\...\{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}) (Version: 2.01.202 - PIXELA)
    Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0958 - Ezvid, inc.)
    Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
    Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
    Five Nights at Freddy's (HKLM-x32\...\Steam App 319510) (Version:  - Scott Cawthon)
    Five Nights at Freddy's DEMO (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\Five Nights at Freddy's DEMO) (Version:  - )
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    GameStop App (HKLM-x32\...\GameStop App) (Version: 4.00 - GameStop)
    GameStop App (x32 Version: 4.00 - GameStop) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
    HP Deskjet 2510 series Help (HKLM-x32\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard)
    HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
    HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
    HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
    ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
    join.me (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\JoinMe) (Version: 1.10.1.253 - LogMeIn, Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Just Cause 2: Multiplayer - Dedicated Server (HKLM-x32\...\Steam App 261140) (Version:  - )
    Kits Configuration Installer (x32 Version: 8.59.8400 - Microsoft) Hidden
    K-Lite Codec Pack 9.5.5 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.5 - )
    Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version:  - )
    League of Legends (x32 Version: 1.3 - Riot Games) Hidden
    LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
    Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
    NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
    Need For Speed: Rivals (HKLM-x32\...\Need For Speed: Rivals) (Version:  - GameStop)
    Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
    Nero 9 Essentials (HKLM-x32\...\{653f0326-8ae0-4741-94c8-ec5cb4524739}) (Version:  - Nero AG)
    Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
    Nero MediaHome Free (HKLM-x32\...\{546A5C77-41C1-4702-8F72-5921CDF67A3C}) (Version: 16.0.01600 - Nero AG)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
    NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
    NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
    ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
    OnLive (HKLM-x32\...\OnLive) (Version:  - OnLive)
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.9 - Pando Networks Inc.)
    Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
    Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.8.2 - PowerUp Software)
    Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
    Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.42.0 - Razer Inc.)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22533 - Razer Inc.)
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
    Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    SDK Debuggers (x32 Version: 8.59.8400 - Microsoft Corporation) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1150 - SUPERAntiSpyware.com)
    Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
    System Requirements Lab CYRI (HKLM-x32\...\{2DF5765E-5386-4540-9383-DBC9A0A596F9}) (Version: 6.0.15.0 - Husdawg, LLC)
    The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\{12C85315-0989-4C28-8956-33458F464DD6}) (Version: 1.00.0000 - Atari)
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
    The Talos Principle Public Test (HKLM-x32\...\Steam App 330710) (Version:  - Croteam)
    The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
    The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
    The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
    Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
    Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
    Unity Web Player (HKU\S-1-5-21-1291033962-1462433758-1048692052-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
    Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
    Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
    Who Is On My Wifi version 3.0.2 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.2 - IO3O LLC)
    WinASO Registry Optimizer 4.8.6 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version:  - X.M.Y International LLC)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Software Development Kit (HKLM-x32\...\{843e5a96-1ee3-4275-a965-14feac1cc02e}) (Version: 8.59.8400 - Microsoft Corporation)
    WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
    WizTree v1.05 (HKLM-x32\...\WizTree_is1) (Version:  - Antibody Software)
    WPT Redistributables (x32 Version: 8.59.8400 - Microsoft) Hidden
    WPTx64 (x32 Version: 8.59.8400 - Microsoft) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1291033962-1462433758-1048692052-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Max Wren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
     
    ==================== Restore Points  =========================
     
    15-12-2014 00:22:18 Installed Nero MediaHome Free.
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 18:34 - 2014-12-14 14:47 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {08D04C5D-9094-4965-BF5F-C41C59B5D891} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {10467E59-91A3-4287-9306-481379708C73} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
    Task: {1919730D-0459-488E-A17F-3250ABCA32E6} - System32\Tasks\{3F15966D-4E41-4C06-A985-E954618C02C2} => pcalua.exe -a D:\EN_Fallout_3_DLC.EXE -d D:\
    Task: {1F6C4B3E-1DA5-403E-8619-88BB663CB672} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
    Task: {39C90007-CD6D-4F67-8368-85FCA008499D} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-MAXWREN-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
    Task: {3B539F2F-4BB8-43DC-8C5B-5428902B7D06} - System32\Tasks\{0AE2E2C7-9DFD-4AC6-87B3-196B0CE2941B} => pcalua.exe -a "C:\Program Files (x86)\Xfire\uninst.exe"
    Task: {3F23E68D-83B1-4C83-9FB9-9DE1EFD86C2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {4464552E-7C98-472D-8792-AD3D0CAA2E17} - System32\Tasks\{2D525CC8-7A01-41BB-896A-E609DAC78322} => Chrome.exe http://ui.skype.com/ui/0/7.0.0.100/en/go/help.faq.installer?LastError=1603
    Task: {47A439F7-DA01-428E-B95F-84722C90E9E8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
    Task: {5172FD06-BCD4-4CC7-8CBE-FA12D5D47FBD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
    Task: {58BD0D90-0D6A-4F70-BE91-EA9549F56D50} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
    Task: {596A1910-AE19-4ECD-B917-B7296E7DCEAC} - System32\Tasks\{A9CB67EF-216C-4403-B736-0E478B83AC7C} => pcalua.exe -a D:\SETUP.EXE -d D:\
    Task: {65D6EFC2-A4CA-4314-A943-DCEA9BA89FEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {6A18B040-1722-4741-8FA2-DAD8940CAFA2} - System32\Tasks\{3E13224D-0D6C-48C2-B8B7-F7D742ED4854} => c:\program files (x86)\opera\opera.exe
    Task: {6DFFF9FF-C2B3-4CBA-8852-2EBFA24A9818} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {6F980861-6139-4979-9534-9B971B495528} - System32\Tasks\{0F1F8CA1-0C6B-45AB-BE45-F550923021D5} => pcalua.exe -a "C:\Users\Max Wren\Desktop\classic_doom_3.1.3.1.exe" -d "C:\Users\Max Wren\Desktop"
    Task: {72D9F205-EF10-471F-B7F6-2703B9660E6E} - System32\Tasks\{E1B5CFA7-A915-4C58-A772-7A66CC9858B5} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/en/go/help.faq.installer?LastError=1603
    Task: {772967AF-83BE-4457-A129-72BADB5190C4} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
    Task: {7FE99B9B-8C6B-4C6C-9686-1F12FA61CBD1} - System32\Tasks\{F1CD42A5-8C3F-42BC-B016-74B0E6D40304} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon Demo\EAUninstall.exe"
    Task: {80928C2C-E941-4BD7-A737-4FF7CA962813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {878FD3C7-DE25-4742-B383-0E3B9B5B4247} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
    Task: {90668024-36E8-4F2F-B7D0-09A0BF121F91} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1291033962-1462433758-1048692052-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
    Task: {A749E729-2886-4A4D-B3E9-F587AF9F47EB} - System32\Tasks\{025A6C8D-E174-4CA2-B185-B685CE19B1DB} => pcalua.exe -a D:\SETUP.EXE -d D:\
    Task: {B3A9B670-6EC5-4E62-8372-BA6C0C8C5A02} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe
    Task: {BA8B1C84-611B-43B9-9D95-ADB85A39AD98} - System32\Tasks\{1BE47801-F50E-4F04-A009-5CB91F07D3CC} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
    Task: {C094112F-1384-4E89-ACCE-79491ADFC8A2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1291033962-1462433758-1048692052-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
    Task: {C453D996-CDE8-418C-B899-9D70E869C816} - System32\Tasks\{5115ECB2-3E9F-4B49-8B9C-F91C542362AC} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/en/go/help.faq.installer?LastError=1603
    Task: {CA71D6A4-A8F8-49AC-B1F7-8C51616E869E} - System32\Tasks\{B76B5E2E-E639-4DF1-94A2-9655B4DC2EA2} => pcalua.exe -a D:\EN_Fallout_3_DLC.EXE -d D:\
    Task: {D1A85142-77BD-4B39-A83E-AB9BE210BE26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
    Task: {E26A010F-53E0-4649-96C0-B11DEE48267F} - System32\Tasks\{6E94EEA5-0CAF-4FD2-B07C-AA11D0395C85} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/22350
    Task: {E45E0EAC-6BAF-45EB-A283-CA7FD5DDDE9D} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001Core.job => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1291033962-1462433758-1048692052-1001UA.job => C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2011-09-08 13:42 - 2011-09-08 13:42 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
    2014-01-03 13:12 - 2014-09-13 13:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2013-08-06 10:24 - 2009-07-07 19:10 - 00151552 _____ () C:\Windows\SysWOW64\ANIWConnService.exe
    2010-12-14 15:15 - 2010-01-18 18:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
    2013-09-20 21:08 - 2014-11-24 14:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2012-10-03 14:34 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
    2014-05-12 01:49 - 2014-05-12 01:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
    2014-08-29 03:22 - 2012-11-13 23:22 - 00078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
    2014-08-29 03:22 - 2012-11-13 23:22 - 00386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
    2011-09-08 13:42 - 2011-09-08 13:42 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-08-06 10:23 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIOApi.dll
    2013-08-06 10:23 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIOApi.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
    2014-12-09 16:28 - 2014-12-05 17:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Camera Monitor SD.lnk => C:\Windows\pss\Camera Monitor SD.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameStop Now.lnk => C:\Windows\pss\GameStop Now.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Impulse Now.lnk => C:\Windows\pss\Impulse Now.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 2510 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 2510 series.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Max Wren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
    MSCONFIG\startupreg: Advanced SystemCare 4 => "C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe"
    MSCONFIG\startupreg: Advanced SystemCare 5 => "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
    MSCONFIG\startupreg: Amazon Music => "C:\Users\Max Wren\AppData\Local\Amazon Music\Amazon Music Helper.exe"
    MSCONFIG\startupreg: AmazonGSDownloaderTray => C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
    MSCONFIG\startupreg: Application Restart #0 => C:\Users\Max Wren\AppData\Local\Google\Chrome\Application\chrome.exe  --flag-switches-begin --enable-print-preview --flag-switches-end --restore-last-session -- https://battlelog.battlefield.com/sso/Ciyvab0tregdVsBtboIpeChe4G6uzC1v5_-SIxmvSLJSyaAjwM50HSEWfT4XT5Cs3_Pmat7WI_3IzWO9EcNcoXQ4uJDMir0xszJfh5i_74hsDRT0pEUS_6uxCJJMXdn6
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: BitTorrent => "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"
    MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
    MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: Google Update => "C:\Users\Max Wren\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
    MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    MSCONFIG\startupreg: Spotify => "C:\Users\Max Wren\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Max Wren\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-1291033962-1462433758-1048692052-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-1291033962-1462433758-1048692052-1006 - Limited - Enabled)
    Guest (S-1-5-21-1291033962-1462433758-1048692052-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1291033962-1462433758-1048692052-1002 - Limited - Enabled)
    Max Wren (S-1-5-21-1291033962-1462433758-1048692052-1001 - Administrator - Enabled) => C:\Users\Max Wren
    Mcx1-MAXWREN-PC (S-1-5-21-1291033962-1462433758-1048692052-1022 - Limited - Enabled) => C:\Users\Mcx1-MAXWREN-PC
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Realtek PCIe GBE Family Controller
    Description: Realtek PCIe GBE Family Controller
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: RTL8167
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
     
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
     
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
     
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
     
    Error: (12/12/2014 11:28:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x000007fedf4b88e5
    Faulting process id: 0xc84
    Faulting application start time: 0xExplorer.EXE0
    Faulting application path: Explorer.EXE1
    Faulting module path: Explorer.EXE2
    Report Id: Explorer.EXE3
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: nvtray.exe, version: 7.17.13.4411, time stamp: 0x5414b512
    Faulting module name: NvUI.dll, version: 8.17.13.4411, time stamp: 0x5414a4de
    Exception code: 0xc000001d
    Fault offset: 0x00000000000746e6
    Faulting process id: 0x884
    Faulting application start time: 0xnvtray.exe0
    Faulting application path: nvtray.exe1
    Faulting module path: nvtray.exe2
    Report Id: nvtray.exe3
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: nvtray.exe, version: 7.17.13.4411, time stamp: 0x5414b512
    Faulting module name: NvUI.dll, version: 8.17.13.4411, time stamp: 0x5414a4de
    Exception code: 0xc000001d
    Fault offset: 0x00000000000746e6
    Faulting process id: 0x1038
    Faulting application start time: 0xnvtray.exe0
    Faulting application path: nvtray.exe1
    Faulting module path: nvtray.exe2
    Report Id: nvtray.exe3
     
    Error: (12/11/2014 09:01:18 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file  for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program NVIDIA Settings because of this error.
     
    Program: NVIDIA Settings
    File: 
     
    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.
     
    Additional Data
    Error value: 00000000
    Disk type: 0
     
     
    System errors:
    =============
    Error: (12/14/2014 02:49:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (12/14/2014 02:49:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (12/14/2014 02:49:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (12/14/2014 02:49:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (12/14/2014 02:49:06 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (12/14/2014 02:49:06 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (12/14/2014 02:48:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (12/14/2014 02:48:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (12/14/2014 02:48:55 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (12/14/2014 02:48:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).
     
     
    Microsoft Office Sessions:
    =========================
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max Wren\Downloads\esetsmartinstaller_enu.exe
     
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max Wren\Downloads\esetsmartinstaller_enu(1).exe
     
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max Wren\Downloads\esetsmartinstaller_enu (2).exe
     
    Error: (12/14/2014 02:45:12 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max Wren\Downloads\esetsmartinstaller_enu (1).exe
     
    Error: (12/12/2014 11:28:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c0000005000007fedf4b88e5c8401d0166ee52b0f95C:\Windows\Explorer.EXEunknowna82f02c1-8299-11e4-b24c-bc6244f48ace
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: nvtray.exe7.17.13.44115414b512NvUI.dll8.17.13.44115414a4dec000001d00000000000746e688401d015d0cdda2f03C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\NvUI.dll0c82e07d-81c4-11e4-91a4-f4ebd4d110bb
     
    Error: (12/11/2014 09:59:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: nvtray.exe7.17.13.44115414b512NvUI.dll8.17.13.44115414a4dec000001d00000000000746e6103801d015d0cea682b1C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\NvUI.dll0c82925c-81c4-11e4-91a4-f4ebd4d110bb
     
    Error: (12/11/2014 09:01:18 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: NVIDIA Settings000000000
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2014-08-06 08:53:29.390
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-06 08:53:29.103
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-06 08:53:28.814
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-06 08:53:28.525
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-02 19:23:44.646
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-08-02 19:23:44.356
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:22.581
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:22.308
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:22.036
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2014-07-04 19:16:21.764
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD FX™-8320 Eight-Core Processor 
    Percentage of memory in use: 35%
    Total physical RAM: 8156.66 MB
    Available physical RAM: 5232.23 MB
    Total Pagefile: 16311.49 MB
    Available Pagefile: 12701.03 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:465.66 GB) (Free:76.82 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8E1228C6)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================


    #10 Bright10A

    Bright10A
    • Topic Starter

    • Members
    • 51 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:11 AM

    Posted 15 December 2014 - 12:53 AM

    The other problem is though is that I am still getting the symptoms that indicate I have a virus.

     

     C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_2f32ce9389ee33c1b0ba1c1af5c2a8ced3423_cab_1a55c03a\smss.exe
      C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_2f32ce9389ee33c1b0ba1c1af5c2a8ced3423_cab_1a55c03a\WERBF7F.tmp.appcompat.txt
      C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_2f32ce9389ee33c1b0ba1c1af5c2a8ced3423_cab_1a55c03a\WERBF80.tmp.WERInternalMetadata.xml
      C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_WinD_2f32ce9389ee33c1b0ba1c1af5c2a8ced3423_cab_1a55c03a\WERBF90.tmp.hdmp
     
    Those error messages are what indicate something is still wrong.

    Edited by Bright10A, 15 December 2014 - 12:55 AM.


    #11 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:03:11 AM

    Posted 15 December 2014 - 05:32 AM

    Something is still wrong with you getting those messages but it may not be malware related. We can run a few more programs and take a deeper look

     

     

    Please download Malwarebytes Anti-Rootkit from Here
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

  • mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #12 Bright10A

    Bright10A
    • Topic Starter

    • Members
    • 51 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:11 AM

    Posted 16 December 2014 - 08:28 PM

    Hi I ran MBAR however it found nothing. However I may have found the cause of my PC issues, as I ran Memtest 86 which showed that my RAM is defective as I got 818 errors haha. So that may be the issue. Here are the logs anyway though

     

    Malwarebytes Anti-Rootkit BETA 1.08.2.1001
    www.malwarebytes.org
     
    Database version: v2014.12.16.05
     
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17420
    Max Wren :: SASUKEUCHIHA-PC [administrator]
     
    12/16/2014 4:53:20 PM
    mbar-log-2014-12-16 (16-53-20).txt
     
    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled: 
    Objects scanned: 411218
    Time elapsed: 11 minute(s), 31 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 0
    (No malicious items detected)
     
    Physical Sectors Detected: 0
    (No malicious items detected)
     
    (end)
     
     
    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.08.2.1001
     
    © Malwarebytes Corporation 2011-2012
     
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
     
    Account is Administrative
     
    Internet Explorer version: 11.0.9600.17420
     
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 3.516000 GHz
    Memory total: 8552140800, free: 5322219520
     
    Downloaded database version: v2014.12.16.05
    Downloaded database version: v2014.12.14.01
    Downloaded database version: v2014.12.06.01
    =======================================
    Initializing...
    ------------ Kernel report ------------
         12/16/2014 16:53:09
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_AuthenticAMD.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\system32\drivers\pciide.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\system32\DRIVERS\jraid.sys
    \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\DRIVERS\disk.sys
    \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\ws2ifsl.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\anodlwfx.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\serial.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\DRIVERS\AppleCharger.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\DRIVERS\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\xhcdrv.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\DRIVERS\usbohci.sys
    \SystemRoot\system32\DRIVERS\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\usbehci.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\system32\DRIVERS\serenum.sys
    \SystemRoot\system32\DRIVERS\amdppm.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\tap0901t.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\DRIVERS\amdiox64.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\drivers\nvvad64v.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\DRIVERS\ViaHub3.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\viahduaa.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\DRIVERS\Dnetr28ux.sys
    \SystemRoot\system32\DRIVERS\vwifibus.sys
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\system32\DRIVERS\usbscan.sys
    \SystemRoot\system32\DRIVERS\usbprint.sys
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\rzendpt.sys
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\system32\DRIVERS\kbdhid.sys
    \SystemRoot\system32\DRIVERS\rzudd.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_dumpata.sys
    \SystemRoot\System32\Drivers\dump_atapi.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\System32\ATMFD.DLL
    \SystemRoot\system32\drivers\luafv.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
    \SystemRoot\system32\DRIVERS\atksgt.sys
    \SystemRoot\system32\DRIVERS\lirsgt.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\system32\drivers\tdtcp.sys
    \SystemRoot\System32\DRIVERS\tssecsrv.sys
    \SystemRoot\System32\Drivers\RDPWD.SYS
    \??\C:\Windows\gdrv.sys
    \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
    \SystemRoot\system32\DRIVERS\asyncmac.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\usp10.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\wininet.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\nsi.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\psapi.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\user32.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\msctf.dll
    \Windows\System32\imm32.dll
    \Windows\System32\ole32.dll
    \Windows\System32\lpk.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\shell32.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\devobj.dll
    \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    \Windows\System32\userenv.dll
    \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    \Windows\System32\profapi.dll
    \Windows\System32\msasn1.dll
    \Windows\SysWOW64\normaliz.dll
    ----------- End -----------
    Done!
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8007a0e790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IdeDeviceP2T1L0-4\
    Lower Device Object: 0xfffffa800781e060
    Lower Device Driver Name: \Driver\atapi\
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8007a0e790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8007a0e250, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8007a0e790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa800781e060, DeviceName: \Device\Ide\IdeDeviceP2T1L0-4\, DriverName: \Driver\atapi\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 8E1228C6
     
    Partition information:
     
        Partition 0 type is Primary (0x7)
        Partition is ACTIVE.
        Partition starts at LBA: 2048  Numsec = 204800
        Partition file system is NTFS
        Partition is bootable
     
        Partition 1 type is Primary (0x7)
        Partition is NOT ACTIVE.
        Partition starts at LBA: 206848  Numsec = 976564224
     
        Partition 2 type is Empty (0x0)
        Partition is NOT ACTIVE.
        Partition starts at LBA: 0  Numsec = 0
     
        Partition 3 type is Empty (0x0)
        Partition is NOT ACTIVE.
        Partition starts at LBA: 0  Numsec = 0
     
    Disk Size: 500107862016 bytes
    Sector size: 512 bytes
     
    Done!
    Scan finished
    =======================================
     
     
    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
    Removal finished
     

    Edited by Bright10A, 16 December 2014 - 08:28 PM.


    #13 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:03:11 AM

    Posted 16 December 2014 - 10:30 PM

    Thanks for letting me know.

     

    You can go to Crucial and have it scan your system and it will tell you what you need as far as memory, I used to be a system builder and i wouldn't buy memory from anyone else. If this is a laptop exchanging memory is a bit of a task but with a desktop you can change it out yourself fairly easily, but not all memory is the same, you have to use the one that is recommended for your system or it may not work

     

    http://www.crucial.com/

     

     
    Please download DelFix and save the file to your Desktop.
     
    DelFix_zps139e2ea1.jpg
     
  • Windows XP Double Click DelFix.exe to run the program. 
  • Windows Vista > Win 7 > Win 8 Right Click on DelFix.exe and select RUN AS ADMINISTRATOR 
  • Checkmark " Remove Disinfection Tools"
  • Click the Run button
  •  
    This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually
     
     
     
    ==========================================================
     
     
     
    How did I get infected in the first place ?    
    Read these links and find out how to prevent getting infected again.
  • Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
  •  
     
    Safe Surfn
    Ken

    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #14 Bright10A

    Bright10A
    • Topic Starter

    • Members
    • 51 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:11 AM

    Posted 16 December 2014 - 10:44 PM

    Thanks for the site but I already found some RAM on Amazon that I plan to upgrade to. I already checked my motherboard's specs to make sure it can support the RAM and it looks like it can.

     

    http://www.amazon.com/Corsair-Vengeance-Desktop-Memory-CMZ16GX3M2A1600C10/dp/B006EWUO22/ref=sr_1_1?ie=UTF8&qid=1418787808&sr=8-1&keywords=16gb+ram

     

    That's the RAM I wanna get and the motherboard I have is a Gigabyte 970A-D3P. Should be compatible right?



    #15 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:03:11 AM

    Posted 16 December 2014 - 11:05 PM

    Not sure, why dont you go ahead and run the free scan from Crucial and see how it lines up with the one at Amazon


    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days





    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users