Some websites return 127.0.0.1 when pinged, can't access them


  • This topic is locked
27 replies to this topic

#1 Czaarek99

Posted 09 January 2015 - 02:52 PM

Moderator edit: Merged topics due to attach text in one and DDS in the other

Roger

Edited by Czaarek99, 10 January 2015 - 02:02 AM.


#2 Czaarek99

Posted 09 January 2015 - 02:53 PM

Lately I have been running into the issue that some sites sometimes don't work. It is completely random: yesterday I had problems with Facebook, today with bukkit.org and later with spigotmc.com.

It doesn't seem to make sense.

 

I also changed modem and changed router and called my ISP, still no difference.

 

So when I visit a website it just gives me Website not Available. If I visit the pages through a proxy it works fine though. And I doubt I have been blocked by all these random sites.

 

Here is my log:

 


#3 Machiavelli

Posted 10 January 2015 - 11:00 AM

Hey my friend. :)

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8, right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.


#4 Czaarek99


Posted 10 January 2015 - 01:55 PM

Here you go :)

 

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2015
Ran by Czarek (administrator) on SWAGMASTER on 10-01-2015 19:53:49
Running from C:\Users\Czarek\Desktop
Loaded Profile: Czarek (Available profiles: Czarek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\KeyBot\KeyBot.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Windows\SysWOW64\ExMgr.exe
() C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
() C:\Program Files (x86)\puush\puush.exe
(Flux Software LLC) C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Czarek\AppData\Roaming\Spotify\spotify.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Intel® Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Cmedia Electronics Inc.) C:\Windows\system\ATLOISAService.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [PheobusEX] => C:\Windows\syswow64\ExMgr.exe [204800 2011-02-25] ()
HKLM\...\Run: [GamecomSound] => C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe [2384384 2013-11-20] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-08-04] ()
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [f.lux] => C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [Spotify] => C:\Users\Czarek\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iMacros for Firefox - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-12-18]
FF Extension: ReloadEvery - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-12-15]
FF Extension: Greasemonkey - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-12-15]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://i.imgur.com/35yYCKA.png
CHR Profile: C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-04]
CHR Extension: (Google Drive) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-04]
CHR Extension: (YouTube) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-04]
CHR Extension: (plugCubed) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli [2014-08-04]
CHR Extension: (Webpage Screenshot) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-08-04]
CHR Extension: (Google Search) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-04]
CHR Extension: (Google Play Music) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-12-22]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-09-07]
CHR Extension: (EditThisCookie) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-08-04]
CHR Extension: (AdBlock) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-04]
CHR Extension: (Summer Fields) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lioedaeelokfajcbbdbbljmcjadfbngf [2014-08-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Google Wallet) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-04]
CHR Extension: (Deezer) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2014-08-04]
CHR Extension: (Gmail) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-04]
CHR HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-03-21] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-10] (ASUSTeK Computer Inc.)
S3 ATLMonitorService; C:\Windows\system\MonitorService.exe [650752 2013-10-01] (Cmedia Electronics Inc) [File not signed]
R3 ATLOISAService; C:\Windows\system\ATLOISAService.exe [512000 2013-10-25] (Cmedia Electronics Inc.) [File not signed]
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-08-31] (Company) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 A2DDA; C:\USERS\CZAREK\DESKTOP\WIPE\EEK\BIN\a2ddax64.sys [26176 2015-01-04] (Emsisoft GmbH)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [34136 2014-05-27] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cleanhlp; C:\Users\Czarek\Desktop\wipe\EEK\bin\cleanhlp64.sys [57024 2015-01-04] (Emsisoft GmbH)
R3 CmHdAudAddService; C:\Windows\System32\DRIVERS\CMHDAudioV64.sys [67584 2013-07-17] (C-Media Electronics Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-07] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-07-15] (Oracle Corporation)
R3 cpuz137; \??\C:\Users\Czarek\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-10 19:53 - 2015-01-10 19:53 - 02124288 _____ (Farbar) C:\Users\Czarek\Desktop\FRST64.exe
2015-01-10 19:53 - 2015-01-10 19:53 - 00023642 _____ () C:\Users\Czarek\Desktop\FRST.txt
2015-01-10 19:53 - 2015-01-10 19:53 - 00000000 ____D () C:\FRST
2015-01-10 19:52 - 2015-01-10 19:52 - 00000000 _____ () C:\Users\Czarek\AppData\Local\{21E72835-82CA-4121-B3FC-5B0565BFCE4F}
2015-01-09 20:30 - 2015-01-09 20:30 - 00000061 _____ () C:\Users\Czarek\Desktop\sfader.txt
2015-01-09 20:09 - 2015-01-09 20:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-09 15:47 - 2015-01-09 15:47 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Avg_Update_1014av
2015-01-09 15:47 - 2015-01-09 15:47 - 00000000 ____D () C:\ProgramData\Avg_Update_1014av
2015-01-09 15:41 - 2015-01-09 15:41 - 00417568 _____ () C:\Windows\PFRO.log
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ___HD () C:\$AVG
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\TuneUp Software
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\AVG2015
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-09 15:36 - 2015-01-10 08:28 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-09 15:36 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Avg2015
2015-01-09 15:36 - 2015-01-09 15:36 - 00000000 ____D () C:\Users\Czarek\AppData\Local\MFAData
2015-01-09 15:32 - 2015-01-09 15:32 - 00000000 ____D () C:\Users\Czarek\.IdeaIC14
2015-01-09 15:31 - 2015-01-09 15:31 - 00001046 _____ () C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 14.0.2.lnk
2015-01-09 15:28 - 2015-01-09 15:30 - 583923250 _____ () C:\Users\Czarek\Desktop\intelli backup.zip
2015-01-08 19:48 - 2015-01-09 15:43 - 00000000 ____D () C:\Users\Czarek\Desktop\skyeffects backup
2015-01-08 06:57 - 2015-01-10 19:52 - 00001344 _____ () C:\Windows\setupact.log
2015-01-08 06:57 - 2015-01-08 06:57 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 22:30 - 2015-01-07 22:30 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-01-07 22:29 - 2015-01-10 19:52 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-07 22:29 - 2015-01-10 08:00 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-07 22:29 - 2015-01-07 22:29 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-01-07 22:29 - 2015-01-07 22:29 - 00002636 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-07 22:29 - 2015-01-07 22:29 - 00001096 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\GlarySoft
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\DiskDefrag
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-01-07 19:07 - 2015-01-07 19:09 - 00000000 ____D () C:\AdwCleaner
2015-01-07 19:06 - 2015-01-07 19:06 - 00000000 ____D () C:\Windows\ERUNT
2015-01-07 19:00 - 2015-01-07 19:00 - 00002354 _____ () C:\EamClean.log
2015-01-07 12:56 - 2015-01-07 12:56 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-06 13:44 - 2015-01-09 19:59 - 00001231 _____ () C:\Users\Czarek\Desktop\lvls.txt
2015-01-04 08:45 - 2015-01-08 06:59 - 00000000 ____D () C:\Users\Czarek\Desktop\wipe
2015-01-04 08:16 - 2015-01-04 08:16 - 00000247 _____ () C:\Windows\system32\2015-01-04-07-16-53.046-aswFe.exe-6260.log
2015-01-04 08:16 - 2015-01-04 08:16 - 00000197 _____ () C:\Windows\system32\2015-01-04-07-16-51.076-AvastVBoxSVC.exe-4768.log
2015-01-04 07:55 - 2015-01-04 07:55 - 00000247 _____ () C:\Windows\system32\2015-01-04-06-55-42.083-aswFe.exe-8132.log
2015-01-04 07:55 - 2015-01-04 07:55 - 00000197 _____ () C:\Windows\system32\2015-01-04-06-55-40.063-AvastVBoxSVC.exe-1740.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000247 _____ () C:\Windows\system32\2015-01-03-19-42-41.058-aswFe.exe-7796.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000197 _____ () C:\Windows\system32\2015-01-03-19-42-40.055-AvastVBoxSVC.exe-6060.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-03 20:42 - 2015-01-03 20:42 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-03 19:00 - 2015-01-03 19:00 - 00000000 ____D () C:\Program Files\HashTab Shell Extension
2014-12-28 16:10 - 2014-12-28 16:10 - 00097614 _____ () C:\ProgramData\1419779436.bdinstall.bin
2014-12-28 16:10 - 2014-12-28 16:10 - 00037823 _____ () C:\ProgramData\1419779435.bdinstall.bin
2014-12-28 16:07 - 2015-01-07 22:31 - 00000000 ____D () C:\Windows\Minidump
2014-12-23 10:04 - 2014-12-23 11:04 - 00000028 _____ () C:\Users\Czarek\Desktop\PORTAL.txt
2014-12-22 11:28 - 2014-12-22 11:28 - 00000865 _____ () C:\Users\Czarek\Desktop\Google Music Sync - Shortcut.lnk
2014-12-18 20:05 - 2014-12-24 20:21 - 00000133 _____ () C:\Users\Czarek\Desktop\tf2.txt
2014-12-18 15:11 - 2014-12-18 15:11 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\NVIDIA
2014-12-18 12:09 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 12:09 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 20:22 - 2014-12-16 20:22 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\TaiG
2014-12-16 09:12 - 2014-12-16 09:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 11:47 - 2014-12-14 11:48 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-12-14 11:47 - 2014-12-14 11:47 - 00098464 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-12-14 11:47 - 2014-12-14 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-12-14 11:45 - 2014-12-14 11:55 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\REAPER
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files\REAPER (x64)
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-12-14 10:10 - 2014-12-14 10:11 - 00000000 ____D () C:\Users\Czarek\AppData\Local\NVIDIA Corporation
2014-12-14 10:10 - 2014-12-14 10:10 - 00000000 ____D () C:\Users\Czarek\AppData\Local\NVIDIA
2014-12-14 10:02 - 2014-12-14 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-14 10:02 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-14 10:02 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-14 10:01 - 2014-12-14 10:11 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-14 10:01 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-14 10:01 - 2014-11-17 23:18 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-12-14 10:01 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-14 10:01 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-14 10:01 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-12-14 10:01 - 2014-11-12 22:56 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-14 10:01 - 2014-11-12 22:56 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-14 10:01 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-14 10:01 - 2014-11-11 11:29 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-14 10:01 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-14 10:01 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-14 10:01 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-14 10:00 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-14 10:00 - 2014-12-14 10:00 - 00000000 ____D () C:\NVIDIA
2014-12-14 09:59 - 2014-12-14 09:59 - 00190464 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2014-12-13 07:54 - 2014-12-13 07:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 07:54 - 2014-12-13 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-12 18:07 - 2014-12-12 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-12 18:07 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\Program Files\iTunes
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-12 18:06 - 2014-12-12 18:06 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\iPod
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\Bonjour
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-12-11 06:59 - 2014-12-11 06:59 - 00000000 ____D () C:\Windows\system32\appraiser
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-10 19:53 - 2014-08-04 11:59 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Skype
2015-01-10 19:52 - 2014-12-04 21:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-10 19:52 - 2014-09-12 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-10 19:52 - 2014-09-04 06:17 - 00003256 _____ () C:\Windows\System32\Tasks\IORRT
2015-01-10 19:52 - 2014-08-04 11:31 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Spotify
2015-01-10 19:52 - 2014-08-04 11:27 - 00000990 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-10 19:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 09:40 - 2014-11-14 06:57 - 00009730 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-10 09:40 - 2014-08-04 10:59 - 01527021 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 09:40 - 2009-07-14 05:45 - 00012928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 09:40 - 2009-07-14 05:45 - 00012928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 09:38 - 2014-10-03 06:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-10 08:46 - 2014-08-06 12:09 - 00000000 ____D () C:\Users\Czarek\IdeaProjects
2015-01-10 08:46 - 2014-08-04 11:27 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-10 08:39 - 2014-08-04 12:18 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\.minecraft
2015-01-10 08:09 - 2014-09-15 19:32 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Adobe
2015-01-10 08:05 - 2009-07-14 06:13 - 00787758 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-09 15:41 - 2014-09-16 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-09 15:41 - 2014-08-29 17:05 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
2015-01-09 15:32 - 2014-08-04 10:59 - 00000000 ____D () C:\Users\Czarek
2015-01-09 15:31 - 2014-08-06 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2015-01-09 15:31 - 2014-08-06 12:03 - 00000000 ____D () C:\Program Files (x86)\JetBrains
2015-01-09 06:50 - 2014-08-04 11:54 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Spotify
2015-01-07 22:31 - 2014-09-30 06:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNium
2015-01-07 22:31 - 2014-09-09 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.2
2015-01-07 21:57 - 2014-10-18 10:33 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-01-07 21:57 - 2014-09-14 19:08 - 00000000 ____D () C:\Users\Czarek\js_plugins
2015-01-07 18:59 - 2014-09-09 19:31 - 00000000 ____D () C:\ProgramData\EXS
2015-01-07 16:28 - 2014-08-04 11:23 - 00112360 _____ () C:\Users\Czarek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 16:28 - 2009-07-14 05:45 - 05097816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-07 12:57 - 2014-08-06 12:07 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-06 18:51 - 2014-08-04 11:56 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\BitTorrent
2015-01-06 18:41 - 2014-08-05 14:18 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\vlc
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 15:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-03 18:49 - 2014-08-04 13:02 - 00003548 _____ () C:\Windows\System32\Tasks\IR7
2014-12-29 14:45 - 2014-08-29 10:43 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-28 16:47 - 2014-09-11 14:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\FileZilla
2014-12-27 08:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss
2014-12-18 07:01 - 2014-08-04 11:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-17 12:17 - 2014-09-02 14:13 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Audacity
2014-12-14 11:56 - 2014-08-13 11:24 - 01065984 _____ () C:\Users\Czarek\AppData\Local\file__0.localstorage
2014-12-14 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-14 07:52 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 18:55 - 2014-08-13 11:24 - 00002117 _____ () C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk
2014-12-13 07:54 - 2014-08-04 11:30 - 00000000 ____D () C:\ProgramData\Skype
2014-12-12 18:06 - 2014-09-17 11:29 - 00000000 ____D () C:\ProgramData\Apple
2014-12-12 17:48 - 2014-11-15 07:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-12 17:44 - 2014-09-17 11:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-12-12 15:38 - 2014-10-03 06:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 15:38 - 2014-10-03 06:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 15:38 - 2014-10-03 06:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 08:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 06:59 - 2014-08-04 13:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 06:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 06:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
 
Some content of TEMP:
====================
C:\Users\Czarek\AppData\Local\Temp\jansi-64-git-Spigot-29dbaa7-262c777.dll
C:\Users\Czarek\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-04 10:55
 
==================== End Of Log ============================

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2015
Ran by Czarek at 2015-01-10 19:54:03
Running from C:\Users\Czarek\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.79 - ASUSTeK Computer Inc.)
AIDA64 Extreme v4.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.50 - FinalWire Ltd.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple-programstöd (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS Phoebus Audio Sound Card (HKLM-x32\...\{F07DD099-4BB2-44E9-8E64-FE9B781E8C02}) (Version:   - ASUS Phoebus)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BitTorrent (HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5332 - Corsair)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Cyberduck 4.5.2 (15058) (HKLM-x32\...\Cyberduck) (Version: 4.5.2 (15058) - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
f.lux (HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Flux) (Version:  - )
FileZilla Client 3.9.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.2 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GitHub (HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\5f7eb300e2ea4ebf) (Version: 2.2.0.0 - GitHub, Inc.)
Glary Utilities 5.15 (HKLM-x32\...\Glary Utilities 5) (Version: 5.15.0.28 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\{80E666DA-3CC1-3476-9968-029D9F1FEB8F}) (Version: 65.240.16509 - Google, Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
Gtk# for .Net 2.12.10 (HKLM-x32\...\{550B72C4-F404-4812-971F-947E835A877E}) (Version: 2.12.10 - Novell, Inc.)
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
iExplorer 3.4.0.1 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.3.400 - Intel Corporation)
IntelliJ IDEA Community Edition 13.1.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 13.1.4) (Version: 135.1230 - JetBrains s.r.o.)
IntelliJ IDEA Community Edition 14.0.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 14.0.2) (Version: 139.659.2 - JetBrains s.r.o.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java SE Development Kit 7 Update 65 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170650}) (Version: 1.7.0.650 - Oracle)
Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
Kepard (HKLM-x32\...\Kepard) (Version:  - Kepard) <==== ATTENTION!
KeyBot (HKLM-x32\...\{DF53C8ED-1B43-475D-8CEB-9462E7BC2D9C}) (Version: 1.00.11 - ASUSTeK Computer Inc.)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Svenska (HKLM\...\{90150000-001F-041D-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MyDriveConnect 3.3.0.1812 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Node.js (HKLM\...\{F40E7A6E-DE41-418B-93DA-81549610E5DF}) (Version: 0.10.33 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OCCT 4.4.0 (HKLM-x32\...\OCCT) (Version: 4.4.0 - Ocbase.com)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenSSL 1.0.1j (64-bit) (HKLM\...\OpenSSL (64-bit)_is1) (Version:  - OpenSSL Win64 Installer Team)
Oracle VM VirtualBox 4.3.14 (HKLM\...\{8DD94059-60C6-42E3-AB59-8F37445ACC79}) (Version: 4.3.14 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Sublime Text Build 3065 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\WinDirStat) (Version:  - )
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Аrdаmаx Keylogger 4.2 (HKLM-x32\...\Аrdаmаx Keylogger 4.2) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
14-12-2014 11:47:59 Device Driver Package Install: EuMus Design Sound, video and game controllers
18-12-2014 20:05:57 Windows Update
26-12-2014 09:48:59 Scheduled Checkpoint
29-12-2014 07:54:39 Windows Update
03-01-2015 18:53:50 Windows Update
03-01-2015 20:34:56 avast! antivirus system restore point
03-01-2015 20:35:16 Device Driver Package Install: Avast Network Service
03-01-2015 20:35:59 avast! antivirus system restore point
03-01-2015 20:38:47 Device Driver Package Install: Avast Network Service
03-01-2015 20:40:32 avast! antivirus system restore point
09-01-2015 06:54:30 Windows Update
09-01-2015 15:34:42 avast! antivirus system restore point
09-01-2015 15:39:04 Installed AVG 2015
09-01-2015 15:39:13 Installed AVG 2015
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09C2C34E-517E-445D-B031-9BC17CD45D57} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-04-09] (ASUSTeK Computer Inc.)
Task: {0D3FCDE7-518F-4794-8D9C-D6E7810FFC02} - System32\Tasks\ASUS\KeyBot Execute => C:\Program Files (x86)\ASUS\KeyBot\KeyBot.exe [2014-04-15] ()
Task: {0E459553-DE60-4979-9AA9-B07FBFB1DF01} - System32\Tasks\Hybrid4 => taskkill
Task: {1E5303D5-0A6F-430A-88EF-666B073DB80B} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-05-25] (TODO: <Company name>)
Task: {20386485-7DE5-4CE5-8CF2-8FBB8489A03A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {404C00C1-A252-4C40-9011-4018FE187CD3} - System32\Tasks\{E66D29C5-942C-461A-96E1-7B22A923E64C} => pcalua.exe -a "C:\Users\Czarek\Desktop\Display Driver Uninstaller.exe" -d C:\Users\Czarek\Desktop
Task: {41D67731-C21F-46F3-BD3C-AC9CFEEEAF4A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-12-22] (Glarysoft Ltd)
Task: {4379357B-C628-47EC-B7DE-350592A013A0} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-03-27] ()
Task: {5385F5E1-F020-4A8C-94E5-002CFB66225A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {543E1BB8-6690-46A9-A2EF-844704558B4A} - System32\Tasks\IORRT => C:\Trial\IORRT\IORRT.bat [2014-09-04] ()
Task: {56CE7DDA-CC75-4ACD-862F-B7768315576F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {61B163B4-7393-4DFD-824F-A170DF6C87FE} - System32\Tasks\Hybrid2 => C:\Trial\IR7\IR7.vbs [2014-08-04] ()
Task: {8077E323-E366-4D37-ACB2-898F5EFC30CA} - System32\Tasks\AdobeAAMUpdater-1.0-Swagmaster-Czarek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {8F03C93C-EAC6-4743-9946-A5EFC33CA259} - System32\Tasks\Hybrid => C:\Trial\IORRT\IORRT.bat [2014-09-04] ()
Task: {935167B7-7A85-431F-9FB2-4346AB9AC3A4} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-01-10] (ASUSTeK Computer Inc.)
Task: {956C852E-8F55-41BA-A236-732AEF661646} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {ABF4D2E1-2128-4181-9438-672014E48079} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2014-08-07] ()
Task: {CB102F8E-0C5C-4659-857A-04D975C5E330} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-05-25] ()
Task: {D81C7C68-EB2A-4916-A4AF-B38BE8F8EC16} - System32\Tasks\IR7 => cmd.exe /c cscript.exe /b C:\Windows\System32\slmgr.vbs /rearm && net stop sppsvc && net start sppsvc
Task: {DA3810CE-4462-4BF4-A74E-71F0E485FA4D} - System32\Tasks\Hybrid3 => taskkill
Task: {E260DD8C-9F36-4C3B-8921-452FC85A84FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E4180AE5-DA46-4628-B3F2-ECB4215DD7F4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {EB8B9655-D61C-4AD1-9313-A0BC07C875CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-04] (Google Inc.)
Task: {EEBD8A31-D82A-4C59-9B5B-C6BA09ED277A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F0EE58F9-7BA1-45F4-99C5-368CD9416707} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {F3D39F01-F452-459B-B9ED-AEED2DB9553E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F9F34372-053B-41C0-A4C5-23E9161A089B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-04] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-12-14 10:01 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-11 08:52 - 2014-04-11 08:52 - 00034304 _____ () C:\Windows\System32\sst8clm.dll
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-08-23 09:17 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2014-09-09 06:40 - 2014-04-15 09:22 - 01615160 _____ () C:\Program Files (x86)\ASUS\KeyBot\KeyBot.exe
2014-08-09 06:56 - 2014-08-07 10:50 - 03104256 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe
2014-08-23 09:18 - 2014-05-25 22:15 - 01270584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-08-04 11:47 - 2011-02-25 17:07 - 00204800 ____N () C:\Windows\SysWOW64\ExMgr.exe
2014-11-11 21:28 - 2013-11-20 11:52 - 02384384 ____N () C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe
2014-09-09 06:40 - 2014-03-21 15:44 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2012-01-10 13:41 - 2014-08-04 12:49 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2014-08-23 09:18 - 2014-04-11 08:53 - 01045304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2014-08-23 09:18 - 2014-04-11 09:53 - 00037176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2014-08-04 11:31 - 2014-12-11 15:19 - 00374840 _____ () C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-23 09:17 - 2015-01-10 19:52 - 00037376 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2014-08-23 09:17 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2014-08-04 11:47 - 2013-05-16 09:18 - 00090112 ____N () C:\Windows\SysWOW64\ExSrv.dll
2014-09-09 06:40 - 2014-01-16 10:20 - 00462848 _____ () C:\Program Files (x86)\ASUS\KeyBot\Macro_HookKey.dll
2014-09-09 06:40 - 2010-08-09 20:23 - 00175616 _____ () C:\Program Files (x86)\ASUS\KeyBot\AsusService.dll
2014-09-09 06:40 - 2013-09-03 09:49 - 00253952 _____ () C:\Program Files (x86)\ASUS\KeyBot\pngio.dll
2014-09-09 06:40 - 2012-02-02 20:26 - 00208896 _____ () C:\Program Files (x86)\ASUS\KeyBot\ImageHelper.dll
2014-08-09 06:56 - 2014-05-15 12:55 - 00203264 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
2014-08-09 06:56 - 2014-05-15 12:55 - 00203776 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2014-08-23 09:18 - 2014-05-25 22:15 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-08-23 09:18 - 2014-05-25 22:15 - 00859136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-08-23 09:18 - 2014-05-25 22:15 - 00801280 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-08-23 09:18 - 2014-05-25 22:15 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-08-23 09:18 - 2014-05-25 22:15 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2014-10-14 23:28 - 2014-10-14 23:28 - 08897696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-04 11:31 - 2014-12-11 15:19 - 36966968 _____ () C:\Users\Czarek\AppData\Roaming\Spotify\Data\libcef.dll
2015-01-10 19:52 - 2015-01-10 19:52 - 00098816 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32api.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00110080 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\pywintypes27.dll
2015-01-10 19:52 - 2015-01-10 19:52 - 00364544 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\pythoncom27.dll
2015-01-10 19:52 - 2015-01-10 19:52 - 00045568 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\_socket.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 01160704 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\_ssl.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00320512 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32com.shell.shell.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00713216 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\_hashlib.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 01175040 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._core_.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00805888 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._gdi_.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00811008 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._windows_.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 01062400 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._controls_.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00735232 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._misc_.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00128512 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\_elementtree.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00127488 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\pyexpat.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00557056 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\pysqlite2._sqlite.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00087552 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\_ctypes.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00119808 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32file.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00108544 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32security.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00007168 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\hashobjs_ext.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00167936 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32gui.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00018432 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32event.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00038912 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32inet.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00011264 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32crypt.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00070656 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._html2.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00027136 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\_multiprocessing.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00035840 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32process.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00686080 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\unicodedata.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00122368 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._wizard.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00024064 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32pipe.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00025600 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32pdh.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00525640 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\windows._lib_cacheinvalidation.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00010240 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\select.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00017408 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32profile.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00022528 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\win32ts.pyd
2015-01-10 19:52 - 2015-01-10 19:52 - 00078336 _____ () C:\Users\Czarek\AppData\Local\Temp\_MEI29442\wx._animate.pyd
2014-08-23 09:18 - 2013-11-20 09:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2014-08-23 09:18 - 2013-07-02 09:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2014-08-04 11:31 - 2014-12-11 15:19 - 00867896 _____ () C:\Users\Czarek\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-08-04 11:31 - 2014-12-11 15:19 - 00886840 _____ () C:\Users\Czarek\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-08-04 11:31 - 2014-12-11 15:19 - 00108600 _____ () C:\Users\Czarek\AppData\Roaming\Spotify\Data\libegl.dll
2014-12-12 15:11 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 15:11 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 15:11 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 15:11 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Client.jar => C:\Users\Czarek\Client.jar
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: Driver Detective => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
MSCONFIG\startupreg: EXS Start => C:\ProgramData\EXS\EXS.exe
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: iTunesHelper => "E:\Mass Programs\Itunes\iTunesHelper.exe"
MSCONFIG\startupreg: javak.jar => C:\Users\Czarek\javak.jar
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TBPanel => "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2183272898-1276940399-4256036921-500 - Administrator - Disabled)
Czarek (S-1-5-21-2183272898-1276940399-4256036921-1000 - Administrator - Enabled) => C:\Users\Czarek
Guest (S-1-5-21-2183272898-1276940399-4256036921-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/10/2015 07:52:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/10/2015 08:00:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/10/2015 07:59:40 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (01/10/2015 07:59:40 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (01/10/2015 07:59:40 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (01/09/2015 08:09:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/09/2015 08:09:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/09/2015 08:09:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/09/2015 08:08:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/09/2015 03:41:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (01/09/2015 11:11:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error: 
%%1053
 
Error: (01/09/2015 11:11:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Update service service to connect.
 
Error: (01/09/2015 06:50:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error: 
%%1053
 
Error: (01/09/2015 06:50:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Update service service to connect.
 
Error: (01/08/2015 07:08:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error: 
%%1053
 
Error: (01/08/2015 07:08:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Update service service to connect.
 
Error: (01/08/2015 07:08:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (01/08/2015 02:10:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error: 
%%1053
 
Error: (01/08/2015 02:10:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Update service service to connect.
 
Error: (01/08/2015 06:58:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (01/10/2015 07:52:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/10/2015 08:00:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/10/2015 07:59:40 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (01/10/2015 07:59:40 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (01/10/2015 07:59:40 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (01/09/2015 08:09:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Czarek\Desktop\wipe\esetsmartinstaller_enu.exe
 
Error: (01/09/2015 08:09:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Czarek\Desktop\wipe\esetsmartinstaller_enu.exe
 
Error: (01/09/2015 08:09:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Czarek\Desktop\wipe\esetsmartinstaller_enu.exe
 
Error: (01/09/2015 08:08:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Usual\Downloads\esetsmartinstaller_enu.exe
 
Error: (01/09/2015 03:41:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 21%
Total physical RAM: 16325.74 MB
Available physical RAM: 12850.08 MB
Total Pagefile: 24515.92 MB
Available Pagefile: 20576.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.35 GB) (Free:108.86 GB) NTFS
Drive e: (Mass Storage) (Fixed) (Total:1863.01 GB) (Free:990.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 750E290C)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: FE0B5BFF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,088 posts
  • Gender:Male
  • Location:Germany

Posted 10 January 2015 - 01:56 PM

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop. Install the programme and select Update.
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#6 Czaarek99

Czaarek99
  • Topic Starter

  • Members
  • 14 posts

Posted 10 January 2015 - 02:13 PM

Adwcleaner:
 
# AdwCleaner v4.107 - Report created 10/01/2015 at 19:59:42
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Czarek - SWAGMASTER
# Running from : C:\Users\Czarek\Desktop\AdwCleaner .exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Mozilla Firefox v34.0.5 (x86 en-US)
 
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[R0].txt - [1067 octets] - [07/01/2015 19:08:30]
AdwCleaner[R1].txt - [910 octets] - [10/01/2015 19:58:51]
AdwCleaner[S0].txt - [1137 octets] - [07/01/2015 19:09:25]
AdwCleaner[S1].txt - [832 octets] - [10/01/2015 19:59:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [891 octets] ##########
 
MBAM:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2015-01-10
Scan Time: 20:01:56
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.10.15
Rootkit Database: v2015.01.07.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Czarek
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347462
Time Elapsed: 4 min, 20 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x64
Ran by Czarek on 2015-01-10 at 20:08:38,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-01-10 at 20:10:28,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2015
Ran by Czarek (administrator) on SWAGMASTER on 10-01-2015 20:11:09
Running from C:\Users\Czarek\Desktop
Loaded Profile: Czarek (Available profiles: Czarek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\KeyBot\KeyBot.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Windows\SysWOW64\ExMgr.exe
() C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
() C:\Program Files (x86)\puush\puush.exe
(Flux Software LLC) C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Czarek\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(Cmedia Electronics Inc.) C:\Windows\system\ATLOISAService.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [PheobusEX] => C:\Windows\syswow64\ExMgr.exe [204800 2011-02-25] ()
HKLM\...\Run: [GamecomSound] => C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe [2384384 2013-11-20] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-08-04] ()
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [f.lux] => C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [Spotify] => C:\Users\Czarek\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iMacros for Firefox - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-12-18]
FF Extension: ReloadEvery - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-12-15]
FF Extension: Greasemonkey - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-12-15]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://i.imgur.com/35yYCKA.png
CHR Profile: C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-04]
CHR Extension: (Google Drive) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-04]
CHR Extension: (YouTube) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-04]
CHR Extension: (plugCubed) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli [2014-08-04]
CHR Extension: (Webpage Screenshot) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-08-04]
CHR Extension: (Google Search) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-04]
CHR Extension: (Google Play Music) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-12-22]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-09-07]
CHR Extension: (EditThisCookie) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-08-04]
CHR Extension: (AdBlock) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-04]
CHR Extension: (Summer Fields) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lioedaeelokfajcbbdbbljmcjadfbngf [2014-08-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Google Wallet) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-04]
CHR Extension: (Deezer) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2014-08-04]
CHR Extension: (Gmail) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-04]
CHR HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-03-21] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-10] (ASUSTeK Computer Inc.)
S3 ATLMonitorService; C:\Windows\system\MonitorService.exe [650752 2013-10-01] (Cmedia Electronics Inc) [File not signed]
R3 ATLOISAService; C:\Windows\system\ATLOISAService.exe [512000 2013-10-25] (Cmedia Electronics Inc.) [File not signed]
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-08-31] (Company) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 A2DDA; C:\USERS\CZAREK\DESKTOP\WIPE\EEK\BIN\a2ddax64.sys [26176 2015-01-04] (Emsisoft GmbH)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [34136 2014-05-27] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cleanhlp; C:\Users\Czarek\Desktop\wipe\EEK\bin\cleanhlp64.sys [57024 2015-01-04] (Emsisoft GmbH)
R3 CmHdAudAddService; C:\Windows\System32\DRIVERS\CMHDAudioV64.sys [67584 2013-07-17] (C-Media Electronics Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-07] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-10] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-07-15] (Oracle Corporation)
R3 cpuz137; \??\C:\Users\Czarek\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-10 20:11 - 2015-01-10 20:11 - 00024323 _____ () C:\Users\Czarek\Desktop\FRST.txt
2015-01-10 20:11 - 2015-01-10 19:53 - 02124288 _____ (Farbar) C:\Users\Czarek\Desktop\FRST64.exe
2015-01-10 20:10 - 2015-01-10 20:10 - 00000622 _____ () C:\Users\Czarek\Desktop\JRT.txt
2015-01-10 20:06 - 2015-01-10 20:06 - 00001047 _____ () C:\Users\Czarek\Desktop\mbam.txt
2015-01-10 20:01 - 2015-01-10 20:01 - 00000970 _____ () C:\Users\Czarek\Desktop\AdwCleaner[S1].txt
2015-01-10 19:53 - 2015-01-10 20:11 - 00000000 ____D () C:\FRST
2015-01-09 20:30 - 2015-01-09 20:30 - 00000061 _____ () C:\Users\Czarek\Desktop\sfader.txt
2015-01-09 20:09 - 2015-01-09 20:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-09 15:47 - 2015-01-09 15:47 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Avg_Update_1014av
2015-01-09 15:47 - 2015-01-09 15:47 - 00000000 ____D () C:\ProgramData\Avg_Update_1014av
2015-01-09 15:41 - 2015-01-10 20:00 - 00417878 _____ () C:\Windows\PFRO.log
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ___HD () C:\$AVG
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\TuneUp Software
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\AVG2015
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-09 15:36 - 2015-01-10 20:01 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-09 15:36 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Avg2015
2015-01-09 15:36 - 2015-01-09 15:36 - 00000000 ____D () C:\Users\Czarek\AppData\Local\MFAData
2015-01-09 15:32 - 2015-01-09 15:32 - 00000000 ____D () C:\Users\Czarek\.IdeaIC14
2015-01-09 15:31 - 2015-01-09 15:31 - 00001046 _____ () C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 14.0.2.lnk
2015-01-09 15:28 - 2015-01-09 15:30 - 583923250 _____ () C:\Users\Czarek\Desktop\intelli backup.zip
2015-01-08 19:48 - 2015-01-09 15:43 - 00000000 ____D () C:\Users\Czarek\Desktop\skyeffects backup
2015-01-08 06:57 - 2015-01-10 20:00 - 00001512 _____ () C:\Windows\setupact.log
2015-01-08 06:57 - 2015-01-08 06:57 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 22:30 - 2015-01-07 22:30 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-01-07 22:29 - 2015-01-10 20:00 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-07 22:29 - 2015-01-10 08:00 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-07 22:29 - 2015-01-07 22:29 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-01-07 22:29 - 2015-01-07 22:29 - 00002636 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-07 22:29 - 2015-01-07 22:29 - 00001096 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\GlarySoft
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\DiskDefrag
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-01-07 19:07 - 2015-01-10 19:59 - 00000000 ____D () C:\AdwCleaner
2015-01-07 19:06 - 2015-01-07 19:06 - 00000000 ____D () C:\Windows\ERUNT
2015-01-07 19:00 - 2015-01-07 19:00 - 00002354 _____ () C:\EamClean.log
2015-01-07 12:56 - 2015-01-07 12:56 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-06 13:44 - 2015-01-09 19:59 - 00001231 _____ () C:\Users\Czarek\Desktop\lvls.txt
2015-01-04 08:45 - 2015-01-08 06:59 - 00000000 ____D () C:\Users\Czarek\Desktop\wipe
2015-01-04 08:16 - 2015-01-04 08:16 - 00000247 _____ () C:\Windows\system32\2015-01-04-07-16-53.046-aswFe.exe-6260.log
2015-01-04 08:16 - 2015-01-04 08:16 - 00000197 _____ () C:\Windows\system32\2015-01-04-07-16-51.076-AvastVBoxSVC.exe-4768.log
2015-01-04 07:55 - 2015-01-04 07:55 - 00000247 _____ () C:\Windows\system32\2015-01-04-06-55-42.083-aswFe.exe-8132.log
2015-01-04 07:55 - 2015-01-04 07:55 - 00000197 _____ () C:\Windows\system32\2015-01-04-06-55-40.063-AvastVBoxSVC.exe-1740.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000247 _____ () C:\Windows\system32\2015-01-03-19-42-41.058-aswFe.exe-7796.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000197 _____ () C:\Windows\system32\2015-01-03-19-42-40.055-AvastVBoxSVC.exe-6060.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-03 20:42 - 2015-01-03 20:42 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-03 19:00 - 2015-01-03 19:00 - 00000000 ____D () C:\Program Files\HashTab Shell Extension
2014-12-28 16:10 - 2014-12-28 16:10 - 00097614 _____ () C:\ProgramData\1419779436.bdinstall.bin
2014-12-28 16:10 - 2014-12-28 16:10 - 00037823 _____ () C:\ProgramData\1419779435.bdinstall.bin
2014-12-28 16:07 - 2015-01-07 22:31 - 00000000 ____D () C:\Windows\Minidump
2014-12-23 10:04 - 2014-12-23 11:04 - 00000028 _____ () C:\Users\Czarek\Desktop\PORTAL.txt
2014-12-22 11:28 - 2014-12-22 11:28 - 00000865 _____ () C:\Users\Czarek\Desktop\Google Music Sync - Shortcut.lnk
2014-12-18 20:05 - 2014-12-24 20:21 - 00000133 _____ () C:\Users\Czarek\Desktop\tf2.txt
2014-12-18 15:11 - 2014-12-18 15:11 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\NVIDIA
2014-12-18 12:09 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 12:09 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 20:22 - 2014-12-16 20:22 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\TaiG
2014-12-16 09:12 - 2014-12-16 09:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 11:47 - 2014-12-14 11:48 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-12-14 11:47 - 2014-12-14 11:47 - 00098464 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-12-14 11:47 - 2014-12-14 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-12-14 11:45 - 2014-12-14 11:55 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\REAPER
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files\REAPER (x64)
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-12-14 10:10 - 2014-12-14 10:11 - 00000000 ____D () C:\Users\Czarek\AppData\Local\NVIDIA Corporation
2014-12-14 10:10 - 2014-12-14 10:10 - 00000000 ____D () C:\Users\Czarek\AppData\Local\NVIDIA
2014-12-14 10:02 - 2014-12-14 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-14 10:02 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-14 10:02 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-14 10:01 - 2014-12-14 10:11 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-14 10:01 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-14 10:01 - 2014-11-17 23:18 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-12-14 10:01 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-14 10:01 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-14 10:01 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-12-14 10:01 - 2014-11-12 22:56 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-14 10:01 - 2014-11-12 22:56 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-14 10:01 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-14 10:01 - 2014-11-11 11:29 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-14 10:01 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-14 10:01 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-14 10:01 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-14 10:00 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-14 10:00 - 2014-12-14 10:00 - 00000000 ____D () C:\NVIDIA
2014-12-14 09:59 - 2014-12-14 09:59 - 00190464 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2014-12-13 07:54 - 2014-12-13 07:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 07:54 - 2014-12-13 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-12 18:07 - 2014-12-12 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-12 18:07 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\Program Files\iTunes
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-12 18:06 - 2014-12-12 18:06 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\iPod
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\Bonjour
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-12-11 06:59 - 2014-12-11 06:59 - 00000000 ____D () C:\Windows\system32\appraiser
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-10 20:10 - 2014-08-04 11:59 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Skype
2015-01-10 20:06 - 2009-07-14 06:13 - 00787758 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-10 20:05 - 2014-08-04 11:31 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Spotify
2015-01-10 20:03 - 2014-08-04 10:59 - 01544311 _____ () C:\Windows\WindowsUpdate.log
2015-01-10 20:02 - 2014-11-14 06:57 - 00006462 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-10 20:01 - 2014-12-04 21:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-10 20:00 - 2014-09-12 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-10 20:00 - 2014-09-04 06:17 - 00003256 _____ () C:\Windows\System32\Tasks\IORRT
2015-01-10 20:00 - 2014-08-04 11:27 - 00000990 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-10 20:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-10 19:59 - 2009-07-14 05:45 - 00012928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 19:59 - 2009-07-14 05:45 - 00012928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 09:38 - 2014-10-03 06:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-10 08:46 - 2014-08-06 12:09 - 00000000 ____D () C:\Users\Czarek\IdeaProjects
2015-01-10 08:46 - 2014-08-04 11:27 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-10 08:39 - 2014-08-04 12:18 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\.minecraft
2015-01-10 08:09 - 2014-09-15 19:32 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Adobe
2015-01-09 15:41 - 2014-09-16 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-09 15:41 - 2014-08-29 17:05 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
2015-01-09 15:32 - 2014-08-04 10:59 - 00000000 ____D () C:\Users\Czarek
2015-01-09 15:31 - 2014-08-06 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2015-01-09 15:31 - 2014-08-06 12:03 - 00000000 ____D () C:\Program Files (x86)\JetBrains
2015-01-09 06:50 - 2014-08-04 11:54 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Spotify
2015-01-07 22:31 - 2014-09-30 06:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNium
2015-01-07 22:31 - 2014-09-09 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.2
2015-01-07 21:57 - 2014-10-18 10:33 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-01-07 21:57 - 2014-09-14 19:08 - 00000000 ____D () C:\Users\Czarek\js_plugins
2015-01-07 18:59 - 2014-09-09 19:31 - 00000000 ____D () C:\ProgramData\EXS
2015-01-07 16:28 - 2014-08-04 11:23 - 00112360 _____ () C:\Users\Czarek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 16:28 - 2009-07-14 05:45 - 05097816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-07 12:57 - 2014-08-06 12:07 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-06 18:51 - 2014-08-04 11:56 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\BitTorrent
2015-01-06 18:41 - 2014-08-05 14:18 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\vlc
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 15:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-03 18:49 - 2014-08-04 13:02 - 00003548 _____ () C:\Windows\System32\Tasks\IR7
2014-12-29 14:45 - 2014-08-29 10:43 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-28 16:47 - 2014-09-11 14:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\FileZilla
2014-12-27 08:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss
2014-12-18 07:01 - 2014-08-04 11:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-17 12:17 - 2014-09-02 14:13 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Audacity
2014-12-14 11:56 - 2014-08-13 11:24 - 01065984 _____ () C:\Users\Czarek\AppData\Local\file__0.localstorage
2014-12-14 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-14 07:52 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 18:55 - 2014-08-13 11:24 - 00002117 _____ () C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk
2014-12-13 07:54 - 2014-08-04 11:30 - 00000000 ____D () C:\ProgramData\Skype
2014-12-12 18:06 - 2014-09-17 11:29 - 00000000 ____D () C:\ProgramData\Apple
2014-12-12 17:48 - 2014-11-15 07:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-12 17:44 - 2014-09-17 11:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-12-12 15:38 - 2014-10-03 06:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 15:38 - 2014-10-03 06:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 15:38 - 2014-10-03 06:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 08:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 06:59 - 2014-08-04 13:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 06:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 06:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
 
Some content of TEMP:
====================
C:\Users\Czarek\AppData\Local\Temp\jansi-64-git-Spigot-29dbaa7-262c777.dll
C:\Users\Czarek\AppData\Local\Temp\Quarantine.exe
C:\Users\Czarek\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Czarek\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-04 10:55
 
==================== End Of Log ============================


#7 Machiavelli

  • Malware Response Instructor
Posted 10 January 2015 - 02:57 PM

Hey my friend. :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    HKLM-x32\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    CHR HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.) and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page.
  • Select the blue Run ESET Online Scanner button.
  • Tick the box next to YES, I accept the Terms of Use and click Start.
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings.
  • Make sure the options Remove found threats and Enable Anti-Stealth technology are checked.
  • Click Start. (This scan can take several hours, so please be patient.)
  • Once the scan is completed, select List of found threats.
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop.
  • Click the Back button.
  • Click the Finish button.
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#8 Czaarek99

  • Topic Starter

Posted 11 January 2015 - 03:26 AM

Fixlog.txt Also, after the reboot made by FRST I got this .NET error:
emr0V.png
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2015
Ran by Czarek at 2015-01-11 08:13:33 Run:1
Running from C:\Users\Czarek\Desktop
Loaded Profile: Czarek (Available profiles: Czarek)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
EmptyTemp:
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
EmptyTemp: => Removed 425.9 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 08:14:04 ====
 
FRST.txt:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2015
Ran by Czarek (administrator) on SWAGMASTER on 11-01-2015 08:18:56
Running from C:\Users\Czarek\Desktop
Loaded Profile: Czarek (Available profiles: Czarek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\KeyBot\KeyBot.exe
() C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Windows\SysWOW64\ExMgr.exe
() C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Flux Software LLC) C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Czarek\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Intel® Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Czarek\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Cmedia Electronics Inc.) C:\Windows\system\ATLOISAService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [PheobusEX] => C:\Windows\syswow64\ExMgr.exe [204800 2011-02-25] ()
HKLM\...\Run: [GamecomSound] => C:\Program Files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe [2384384 2013-11-20] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-08-04] ()
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [f.lux] => C:\Users\Czarek\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [Spotify] => C:\Users\Czarek\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2183272898-1276940399-4256036921-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iMacros for Firefox - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-12-18]
FF Extension: ReloadEvery - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-12-15]
FF Extension: Greasemonkey - C:\Users\Czarek\AppData\Roaming\Mozilla\Firefox\Profiles\b9kuai6l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-12-15]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://i.imgur.com/35yYCKA.png
CHR Profile: C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-04]
CHR Extension: (Google Drive) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-04]
CHR Extension: (YouTube) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-04]
CHR Extension: (plugCubed) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli [2014-08-04]
CHR Extension: (Webpage Screenshot) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-08-04]
CHR Extension: (Google Search) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-04]
CHR Extension: (Google Play Music) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-12-22]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-09-07]
CHR Extension: (EditThisCookie) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-08-04]
CHR Extension: (AdBlock) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-04]
CHR Extension: (Summer Fields) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lioedaeelokfajcbbdbbljmcjadfbngf [2014-08-04]
CHR Extension: (Google Wallet) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-04]
CHR Extension: (Deezer) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2014-08-04]
CHR Extension: (Gmail) - C:\Users\Czarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-04]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-28] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-03-21] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [389944 2014-05-10] (ASUSTeK Computer Inc.)
S3 ATLMonitorService; C:\Windows\system\MonitorService.exe [650752 2013-10-01] (Cmedia Electronics Inc) [File not signed]
R3 ATLOISAService; C:\Windows\system\ATLOISAService.exe [512000 2013-10-25] (Cmedia Electronics Inc.) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-08-31] (Company) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 A2DDA; C:\USERS\CZAREK\DESKTOP\WIPE\EEK\BIN\a2ddax64.sys [26176 2015-01-04] (Emsisoft GmbH)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [34136 2014-05-27] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cleanhlp; C:\Users\Czarek\Desktop\wipe\EEK\bin\cleanhlp64.sys [57024 2015-01-04] (Emsisoft GmbH)
R3 CmHdAudAddService; C:\Windows\System32\DRIVERS\CMHDAudioV64.sys [67584 2013-07-17] (C-Media Electronics Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-07] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-07-15] (Oracle Corporation)
R3 cpuz137; \??\C:\Users\Czarek\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-11 08:18 - 2015-01-11 08:19 - 00023876 _____ () C:\Users\Czarek\Desktop\FRST.txt
2015-01-11 08:17 - 2015-01-11 08:18 - 00005762 _____ () C:\Users\Czarek\Desktop\.NET.txt
2015-01-11 08:13 - 2015-01-10 19:53 - 02124288 _____ (Farbar) C:\Users\Czarek\Desktop\FRST64.exe
2015-01-10 19:53 - 2015-01-11 08:18 - 00000000 ____D () C:\FRST
2015-01-09 20:30 - 2015-01-09 20:30 - 00000061 _____ () C:\Users\Czarek\Desktop\sfader.txt
2015-01-09 20:09 - 2015-01-09 20:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-09 15:47 - 2015-01-09 15:47 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Avg_Update_1014av
2015-01-09 15:47 - 2015-01-09 15:47 - 00000000 ____D () C:\ProgramData\Avg_Update_1014av
2015-01-09 15:41 - 2015-01-11 08:14 - 00430498 _____ () C:\Windows\PFRO.log
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ___HD () C:\$AVG
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\TuneUp Software
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\AVG2015
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-09 15:39 - 2015-01-09 15:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-09 15:36 - 2015-01-11 08:12 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-09 15:36 - 2015-01-09 15:39 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Avg2015
2015-01-09 15:36 - 2015-01-09 15:36 - 00000000 ____D () C:\Users\Czarek\AppData\Local\MFAData
2015-01-09 15:32 - 2015-01-09 15:32 - 00000000 ____D () C:\Users\Czarek\.IdeaIC14
2015-01-09 15:31 - 2015-01-09 15:31 - 00001046 _____ () C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 14.0.2.lnk
2015-01-09 15:28 - 2015-01-09 15:30 - 583923250 _____ () C:\Users\Czarek\Desktop\intelli backup.zip
2015-01-08 19:48 - 2015-01-09 15:43 - 00000000 ____D () C:\Users\Czarek\Desktop\skyeffects backup
2015-01-08 06:57 - 2015-01-11 08:15 - 00001848 _____ () C:\Windows\setupact.log
2015-01-08 06:57 - 2015-01-08 06:57 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 22:30 - 2015-01-07 22:30 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-01-07 22:29 - 2015-01-11 08:14 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-07 22:29 - 2015-01-10 08:00 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-07 22:29 - 2015-01-07 22:29 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-01-07 22:29 - 2015-01-07 22:29 - 00002636 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-07 22:29 - 2015-01-07 22:29 - 00001096 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\GlarySoft
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\DiskDefrag
2015-01-07 22:29 - 2015-01-07 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-01-07 19:07 - 2015-01-10 19:59 - 00000000 ____D () C:\AdwCleaner
2015-01-07 19:06 - 2015-01-07 19:06 - 00000000 ____D () C:\Windows\ERUNT
2015-01-07 19:00 - 2015-01-07 19:00 - 00002354 _____ () C:\EamClean.log
2015-01-07 12:56 - 2015-01-07 12:56 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-06 13:44 - 2015-01-09 19:59 - 00001231 _____ () C:\Users\Czarek\Desktop\lvls.txt
2015-01-04 08:45 - 2015-01-08 06:59 - 00000000 ____D () C:\Users\Czarek\Desktop\wipe
2015-01-04 08:16 - 2015-01-04 08:16 - 00000247 _____ () C:\Windows\system32\2015-01-04-07-16-53.046-aswFe.exe-6260.log
2015-01-04 08:16 - 2015-01-04 08:16 - 00000197 _____ () C:\Windows\system32\2015-01-04-07-16-51.076-AvastVBoxSVC.exe-4768.log
2015-01-04 07:55 - 2015-01-04 07:55 - 00000247 _____ () C:\Windows\system32\2015-01-04-06-55-42.083-aswFe.exe-8132.log
2015-01-04 07:55 - 2015-01-04 07:55 - 00000197 _____ () C:\Windows\system32\2015-01-04-06-55-40.063-AvastVBoxSVC.exe-1740.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000247 _____ () C:\Windows\system32\2015-01-03-19-42-41.058-aswFe.exe-7796.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000197 _____ () C:\Windows\system32\2015-01-03-19-42-40.055-AvastVBoxSVC.exe-6060.log
2015-01-03 20:42 - 2015-01-03 20:42 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-03 20:42 - 2015-01-03 20:42 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-03 19:00 - 2015-01-03 19:00 - 00000000 ____D () C:\Program Files\HashTab Shell Extension
2014-12-28 16:10 - 2014-12-28 16:10 - 00097614 _____ () C:\ProgramData\1419779436.bdinstall.bin
2014-12-28 16:10 - 2014-12-28 16:10 - 00037823 _____ () C:\ProgramData\1419779435.bdinstall.bin
2014-12-28 16:07 - 2015-01-07 22:31 - 00000000 ____D () C:\Windows\Minidump
2014-12-23 10:04 - 2014-12-23 11:04 - 00000028 _____ () C:\Users\Czarek\Desktop\PORTAL.txt
2014-12-22 11:28 - 2014-12-22 11:28 - 00000865 _____ () C:\Users\Czarek\Desktop\Google Music Sync - Shortcut.lnk
2014-12-18 20:05 - 2014-12-24 20:21 - 00000133 _____ () C:\Users\Czarek\Desktop\tf2.txt
2014-12-18 15:11 - 2014-12-18 15:11 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\NVIDIA
2014-12-18 12:09 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 12:09 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-16 20:22 - 2014-12-16 20:22 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\TaiG
2014-12-16 09:12 - 2014-12-16 09:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 11:47 - 2014-12-14 11:48 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-12-14 11:47 - 2014-12-14 11:47 - 00098464 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-12-14 11:47 - 2014-12-14 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-12-14 11:45 - 2014-12-14 11:55 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\REAPER
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files\REAPER (x64)
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files\Common Files\Propellerhead Software
2014-12-14 11:45 - 2014-12-14 11:45 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-12-14 10:10 - 2014-12-14 10:11 - 00000000 ____D () C:\Users\Czarek\AppData\Local\NVIDIA Corporation
2014-12-14 10:10 - 2014-12-14 10:10 - 00000000 ____D () C:\Users\Czarek\AppData\Local\NVIDIA
2014-12-14 10:02 - 2014-12-14 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-14 10:02 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-14 10:02 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-14 10:02 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-14 10:01 - 2014-12-14 10:11 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-14 10:01 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-14 10:01 - 2014-11-17 23:18 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-12-14 10:01 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-14 10:01 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-14 10:01 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-12-14 10:01 - 2014-11-13 01:20 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-12-14 10:01 - 2014-11-12 22:56 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-14 10:01 - 2014-11-12 22:56 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-14 10:01 - 2014-11-12 22:56 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-14 10:01 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-14 10:01 - 2014-11-11 11:29 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-14 10:01 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-14 10:01 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-14 10:01 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-14 10:00 - 2014-12-14 10:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-14 10:00 - 2014-12-14 10:00 - 00000000 ____D () C:\NVIDIA
2014-12-14 09:59 - 2014-12-14 09:59 - 00190464 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2014-12-13 07:54 - 2014-12-13 07:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 07:54 - 2014-12-13 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-12 18:07 - 2014-12-12 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-12 18:07 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\Program Files\iTunes
2014-12-12 18:06 - 2014-12-12 18:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-12 18:06 - 2014-12-12 18:06 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\iPod
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files\Bonjour
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-11 08:18 - 2014-08-04 10:59 - 01584007 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 08:17 - 2014-11-14 06:57 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-11 08:17 - 2014-08-04 11:59 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Skype
2015-01-11 08:15 - 2014-12-04 21:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-11 08:15 - 2014-09-04 06:17 - 00003256 _____ () C:\Windows\System32\Tasks\IORRT
2015-01-11 08:15 - 2014-08-04 11:31 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Spotify
2015-01-11 08:15 - 2014-08-04 11:27 - 00000990 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 08:14 - 2014-09-12 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-11 08:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 08:14 - 2009-07-14 05:45 - 00012928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 08:14 - 2009-07-14 05:45 - 00012928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 20:46 - 2014-08-04 11:27 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-10 20:39 - 2014-08-04 12:18 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\.minecraft
2015-01-10 20:38 - 2014-10-03 06:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-10 20:06 - 2009-07-14 06:13 - 00787758 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-10 08:46 - 2014-08-06 12:09 - 00000000 ____D () C:\Users\Czarek\IdeaProjects
2015-01-10 08:09 - 2014-09-15 19:32 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Adobe
2015-01-09 15:41 - 2014-09-16 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-09 15:41 - 2014-08-29 17:05 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
2015-01-09 15:32 - 2014-08-04 10:59 - 00000000 ____D () C:\Users\Czarek
2015-01-09 15:31 - 2014-08-06 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2015-01-09 15:31 - 2014-08-06 12:03 - 00000000 ____D () C:\Program Files (x86)\JetBrains
2015-01-09 06:50 - 2014-08-04 11:54 - 00000000 ____D () C:\Users\Czarek\AppData\Local\Spotify
2015-01-07 22:31 - 2014-09-30 06:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNium
2015-01-07 22:31 - 2014-09-09 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.2
2015-01-07 21:57 - 2014-10-18 10:33 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-01-07 21:57 - 2014-09-14 19:08 - 00000000 ____D () C:\Users\Czarek\js_plugins
2015-01-07 18:59 - 2014-09-09 19:31 - 00000000 ____D () C:\ProgramData\EXS
2015-01-07 16:28 - 2014-08-04 11:23 - 00112360 _____ () C:\Users\Czarek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 16:28 - 2009-07-14 05:45 - 05097816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-07 12:57 - 2014-08-06 12:07 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-06 18:51 - 2014-08-04 11:56 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\BitTorrent
2015-01-06 18:41 - 2014-08-05 14:18 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\vlc
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 15:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-03 18:49 - 2014-08-04 13:02 - 00003548 _____ () C:\Windows\System32\Tasks\IR7
2014-12-29 14:45 - 2014-08-29 10:43 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-28 16:47 - 2014-09-11 14:39 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\FileZilla
2014-12-27 08:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss
2014-12-18 07:01 - 2014-08-04 11:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-17 12:17 - 2014-09-02 14:13 - 00000000 ____D () C:\Users\Czarek\AppData\Roaming\Audacity
2014-12-14 11:56 - 2014-08-13 11:24 - 01065984 _____ () C:\Users\Czarek\AppData\Local\file__0.localstorage
2014-12-14 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-14 07:52 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 18:55 - 2014-08-13 11:24 - 00002117 _____ () C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk
2014-12-13 07:54 - 2014-08-04 11:30 - 00000000 ____D () C:\ProgramData\Skype
2014-12-12 18:06 - 2014-09-17 11:29 - 00000000 ____D () C:\ProgramData\Apple
2014-12-12 17:48 - 2014-11-15 07:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-12 17:44 - 2014-09-17 11:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-12-12 15:38 - 2014-10-03 06:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 15:38 - 2014-10-03 06:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 15:38 - 2014-10-03 06:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-04 10:55
 
==================== End Of Log ============================
 
ESET:
No log was given since no threats found:
 
Question:
Except for the websites problem, I can say it takes a few more seconds to boot, but this is hard to tell since I am using an SSD as a boot drive.
 
Anyway, a website that seems to be broken 70% of the time for me is bukkit.org
If I go through a proxy it works fine, but this website gives me the not available error the most.


#9 Machiavelli

Posted 11 January 2015 - 07:48 AM

  • Download Windows Repair (All in One) from this site
  • Install the program then run it.
NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.
  • Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
  • If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk. In that case make sure you restart computer.
  • Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button.
  • Go to Step 4 and under "System Restore" click on Create button.
  • Go to Start Repairs tab and click Start button. Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design. Click on Start button.
  • Post Windows Repair log which is located in the following folder:
    • 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
    • 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
Still problems?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.


#10 Czaarek99

Posted 11 January 2015 - 11:11 AM

Repair log:

 

Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Ultimate
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: SWAGMASTER
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Czarek
Current Profile SID: S-1-5-21-2183272898-1276940399-4256036921-1000
Current Profile Classes: S-1-5-21-2183272898-1276940399-4256036921-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Czarek\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:02:36
 
Process Count: 112
Commit Total: 4,00 GB
Commit Limit: 23,94 GB
Commit Peak: 4,30 GB
Handle Count: 38841
Kernel Total: 311,48 MB
Kernel Paged: 212,57 MB
Kernel Non Paged: 98,91 MB
System Cache: 2,31 GB
Thread Count: 1947
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15,94 GB
Memory Used: 3,57 GB(22,4002%)
Memory Avail.: 12,37 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15,94 GB
Memory Used: 3,01 GB(18,853%)
Memory Avail.: 12,94 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (2015-01-11 16:53:19)
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 169
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (2015-01-11 16:53:20)
   Running Repair Under Current User Account
   Done (2015-01-11 16:53:33)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (2015-01-11 16:53:33)
   Running Repair Under System Account
   Done (2015-01-11 16:56:17)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (2015-01-11 16:56:17)
   Running Repair Under System Account
   Done (2015-01-11 16:56:59)
 
03 - Reset Service Permissions
   Start (2015-01-11 16:56:59)
   Running Repair Under System Account
   Done (2015-01-11 16:57:14)
 
04 - Register System Files
   Start (2015-01-11 16:57:14)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 16:57:24)
 
05 - Repair WMI
   Start (2015-01-11 16:57:24)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   AVG Internet Security 2015 Exported.
 
   Exporting AntiSpyware Info...
   Windows Defender Exported.
   AVG Internet Security 2015 Exported.
 
   Exporting 3rd Party Firewall Info...
   AVG Internet Security 2015 Exported.
 
   Running Repair Under Current User Account
   Done (2015-01-11 16:58:42)
 
06 - Repair Windows Firewall
   Start (2015-01-11 16:58:42)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 16:59:18)
 
07 - Repair Internet Explorer
   Start (2015-01-11 16:59:18)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 16:59:27)
 
08 - Repair MDAC/MS Jet
   Start (2015-01-11 16:59:27)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 16:59:32)
 
09 - Repair Hosts File
   Start (2015-01-11 16:59:32)
   Running Repair Under System Account
   Done (2015-01-11 16:59:33)
 
10 - Remove Policies Set By Infections
   Start (2015-01-11 16:59:33)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 16:59:35)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (2015-01-11 16:59:35)
   Running Repair Under System Account
   Done (2015-01-11 16:59:36)
 
12 - Repair Icons
   Start (2015-01-11 16:59:36)
   Running Repair Under Current User Account
   Done (2015-01-11 16:59:37)
 
13 - Repair Winsock & DNS Cache
   Start (2015-01-11 16:59:37)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 16:59:52)
 
15 - Repair Proxy Settings
   Start (2015-01-11 16:59:52)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 16:59:54)
 
17 - Repair Windows Updates
   Start (2015-01-11 16:59:54)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (2015-01-11 17:00:12)
 
18 - Repair CD/DVD Missing/Not Working
   Start (2015-01-11 17:00:12)
   iTunes was found, adding UpperFilters for iTunes Reg Key
   UpperFilters added?: True
   Done (2015-01-11 17:00:12)
 
19 - Repair Volume Shadow Copy Service
   Start (2015-01-11 17:00:12)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:29)
 
21 - Repair MSI (Windows Installer)
   Start (2015-01-11 17:00:29)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:38)
 
23.01 - Repair bat Association
   Start (2015-01-11 17:00:38)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:40)
 
23.02 - Repair cmd Association
   Start (2015-01-11 17:00:40)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:42)
 
23.03 - Repair com Association
   Start (2015-01-11 17:00:42)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:44)
 
23.04 - Repair Directory Association
   Start (2015-01-11 17:00:44)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:46)
 
23.05 - Repair Drive Association
   Start (2015-01-11 17:00:46)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:49)
 
23.06 - Repair exe Association
   Start (2015-01-11 17:00:49)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:51)
 
23.07 - Repair Folder Association
   Start (2015-01-11 17:00:51)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:53)
 
23.08 - Repair inf Association
   Start (2015-01-11 17:00:53)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:55)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (2015-01-11 17:00:55)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:57)
 
23.10 - Repair msc Association
   Start (2015-01-11 17:00:57)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:00:59)
 
23.11 - Repair reg Association
   Start (2015-01-11 17:00:59)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:01:01)
 
23.12 - Repair scr Association
   Start (2015-01-11 17:01:01)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:01:03)
 
24 - Repair Windows Safe Mode
   Start (2015-01-11 17:01:03)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:01:05)
 
25 - Repair Print Spooler
   Start (2015-01-11 17:01:05)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:01:18)
 
26 - Restore Important Windows Services
   Start (2015-01-11 17:01:18)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:01:22)
 
27 - Set Windows Services To Default Startup
   Start (2015-01-11 17:01:23)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:01:28)
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1
 
31 - Repair Windows 'New' Submenu
   Start (2015-01-11 17:01:28)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (2015-01-11 17:01:30)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (2015-01-11 17:01:30)
   Total Repair Time: 00:08:13
 
 
...YOU MUST RESTART YOUR SYSTEM...
 
 
And yeah, I'm still having problems :(
 
All my other computers on the same network have no problems.

Edited by Czaarek99, 11 January 2015 - 11:15 AM.


#11 Machiavelli

Posted 11 January 2015 - 04:52 PM

Can you send me a screenshot of the broken Website? :)

~Machiavelli


#12 Czaarek99

Posted 12 January 2015 - 09:09 AM

> Can you send me a screenshot of the broken Website? :)

As I said before, the error is completely random and sometimes I can go a whole day without it happening, but then tomorrow websites don't work again. Basically Chrome shows this error:

And the same thing happens in all browsers. And if I try to ping the website while I get this error it will return 127.0.0.1, which is localhost.



#13 Machiavelli

Posted 12 January 2015 - 10:11 AM

I would say this problem is due to an error with your ISP, not with your system.

~Machiavelli


#14 Czaarek99

Posted 12 January 2015 - 10:23 AM

> I would say this problem is due to an error with your ISP, not with your system.

I thought so first, but then I called my ISP and they said everything is fine.

And I want to point out that EVERY other computer, iPad, laptop on my network works flawlessly and never gets this problem, this problem is isolated purely to this computer.



#15 Machiavelli

Posted 12 January 2015 - 10:25 AM

OK then we will try something. :)

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.
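
The symptom reported in this thread (a site name answering from 127.0.0.1 on a single machine) and the "List content of Hosts" step above make the local hosts file one thing to rule out. The following is an added example, not code from the thread or from MiniToolBox: it parses hosts-file text and reports names other than localhost that are pinned to a loopback or unspecified address. The function names and the sample hosts content are assumptions constructed for illustration.

```python
import ipaddress

# Names that legitimately map to loopback in a default hosts file.
EXPECTED_LOOPBACK_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (address, hostname) pairs from hosts-file text."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue  # an address with no name is not a usable entry
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: skip the line
        for name in fields[1:]:  # one line may carry several aliases
            yield addr, name.lower().rstrip(".")


def sinkholed_names(text, watch=None):
    """Return sorted hostnames pinned to a loopback or unspecified address.

    watch: optional iterable of hostnames; when given, only those are reported.
    """
    watch = {w.lower() for w in watch} if watch else None
    hits = set()
    for addr, name in parse_hosts(text):
        if name in EXPECTED_LOOPBACK_NAMES:
            continue
        if not (addr.is_loopback or addr.is_unspecified):
            continue
        if watch is None or name in watch:
            hits.add(name)
    return sorted(hits)


# Constructed sample, not taken from the logs posted in this thread.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       bukkit.org www.bukkit.org   # constructed entry
0.0.0.0         ads.example.test
192.0.2.10      intranet.example.test
"""

if __name__ == "__main__":
    for name in sinkholed_names(SAMPLE_HOSTS):
        print("pinned to loopback:", name)
```

On Windows the file to feed in is %SystemRoot%\System32\drivers\etc\hosts. An empty result while the name still resolves to 127.0.0.1 means the answer is coming from somewhere other than the hosts file, such as the DNS cache or the resolver the machine is configured to use.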
