Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Check your proxy settings 127.0.0.1:8080


  • This topic is locked This topic is locked
17 replies to this topic

#1 Tricky78

Tricky78

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 03:10 AM

Hi.  Only a few days ago I have started to get this error.  I have done a temp fix in the registry but every time I restart the PC the proxy comes back on.  If I shut the computer down it doesn't.

 

I have run lot of different program all which have not solved the problem, only my temp fix gets me back on line.  I have run FRST64 and here is my log.  I would really appreciate any help and the problem is driving my up the wall!

 

Many thanks

Rich

 

Attached Files

  • Attached File  FRST.txt   504.97KB   6 downloads


BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:20 AM

Posted 05 February 2015 - 05:48 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 06:38 AM

Can you tell me the software you want me to remove and I will go ahead and remove them.  I bought the system from a friend so I have no idea what he has put on it before that is cracked


Edited by Tricky78, 05 February 2015 - 06:45 AM.


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:20 AM

Posted 05 February 2015 - 07:10 AM

Some entries show that at least your MS Office is cracked.

Please remove it now.

 

 

Please rescan with FRST (create a new  addition.txt as well) and pos the logs.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 07:27 AM

He is well going to get a mouth full from me as I have paid for that!.   Removing now and will re-scan.  Thanks for this



#6 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 07:38 AM

It keeps saying the logs are too big....but they arent


You can upload up to 7.03KB of files



#7 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 07:51 AM

The files are 503kb and 40kb.  Why is the limit now 7.03kb?  I cant upload the file or post the txt as txt to long :(


#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:20 AM

Posted 05 February 2015 - 07:59 AM

Please attacht the files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 08:09 AM

Addition.txt  

Upload Skipped (This file was too big to upload)

 

This is the error I get when I try to attach the file like I did before



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:20 AM

Posted 05 February 2015 - 08:12 AM

Try to post its contents


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 08:20 AM

The file content it too big.  Should I try doing a whole now post?

#12 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 08:22 AM

Addition txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01
Ran by Richard at 2015-02-05 12:45:34
Running from C:\Users\Richard\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
AVG PC TuneUp 2015 (en-GB) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version:  - Relic Entertainment)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version:  - Relic Entertainment)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dying Light Update v1.2.1 (HKLM-x32\...\RHlpbmdMaWdodA==_is1) (Version: 1 - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2014 (HKLM-x32\...\Steam App 226580) (Version:  - Codemasters)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FrostWire 5.7.4 (HKLM-x32\...\FrostWire 5) (Version: 5.7.4.1 - FrostWire LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version:  - Codemasters Racing)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 6510 series Basic Device Software (HKLM\...\{1952AED6-2908-418F-B9D8-AC359651F92D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6510 series Help (HKLM-x32\...\{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 6510 series Product Improvement Study (HKLM\...\{57CA7C8A-39E1-4CB5-B312-3E45B54AF51A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NHCmod v2.700b (HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\NHCmod v2.700b) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PC Monitor (HKLM\...\{A2D00ECD-15A1-4A4A-AE9E-6BA789AB54AD}) (Version: 2.9.3 - MMSOFT Design)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Sniper Elite: Nazi Zombie Army (HKLM-x32\...\Steam App 227100) (Version:  - Rebellion)
Sniper Elite: Nazi Zombie Army 2 (HKLM-x32\...\Steam App 247910) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 4.3.1 - Universal Media Server)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.42 - VSO Software)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinX HD Video Converter Deluxe 5.5.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
XviD4PSP 5.10.330.0 (HKLM-x32\...\XviD4PSP5_is1) (Version:  - Winnydows & fcp team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

28-01-2015 10:52:36 Windows Update
30-01-2015 12:55:58 Tunngle 5.1 Setup
03-02-2015 09:47:20 Restore Operation
04-02-2015 10:15:14 AA11
04-02-2015 11:14:38 Restore Operation
05-02-2015 07:18:45 REGISTRY EDIT

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {50EA607D-7CF8-44C9-AC2E-FFD43031C0DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {56AB9317-0E5C-4959-A68E-4437802AE1FC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {78951D5B-7AA4-4BBD-9DFE-D08BE4F08150} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {9AF04FD4-D438-4779-8636-F1858A1396B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26] (Google Inc.)
Task: {A8E22B26-3F0B-4BD7-B777-EF01526A5341} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {B9D7D2C1-DD60-4D35-A543-FC24CE1203D4} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {CB401AFB-03E5-4C6A-9290-C8AC21313411} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26] (Google Inc.)
Task: {CDFABC6B-BEEC-41C9-8A6D-365B668C6A63} - System32\Tasks\HPCustParticipation HP Photosmart 6510 series => C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D6721C84-989D-4BE6-A7AE-E50673D36688} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {DBAF0ADE-1CEC-4DD4-A9D0-9DB77E7573FA} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-12 16:03 - 2015-01-09 23:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-12 16:55 - 2015-01-20 09:45 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2012-02-20 19:06 - 2015-01-03 09:45 - 00266752 _____ () C:\Program Files\PC Monitor\OpenHardwareMonitorLib.dll
2014-09-13 16:11 - 2014-09-13 16:10 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-11-24 12:48 - 2014-11-24 12:48 - 00713528 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-11-24 12:49 - 2014-11-24 12:49 - 00856888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2014-09-18 07:23 - 2014-09-18 07:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 18:51 - 2014-10-14 18:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 07:23 - 2014-09-18 07:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 18:51 - 2014-10-14 18:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-07-12 14:05 - 2012-08-09 10:55 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-07-12 14:05 - 2012-08-09 10:55 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2014-11-23 03:39 - 2014-11-23 03:39 - 20385806 _____ () C:\Program Files (x86)\Universal Media Server\win32\mplayer.exe
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-07-13 06:14 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Richard\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Richard\OneDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "IntelTBRunOnce"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\StartupApproved\StartupFolder: => "SkyDrive Pro.lnk"
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\StartupApproved\StartupFolder: => "OneDrive for Business.lnk"
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\StartupApproved\Run: => "AdobeBridge"

==================== Accounts: =============================

Administrator (S-1-5-21-2795947289-3062736323-1448895467-500 - Administrator - Disabled)
Guest (S-1-5-21-2795947289-3062736323-1448895467-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2795947289-3062736323-1448895467-1008 - Limited - Enabled)
Richard (S-1-5-21-2795947289-3062736323-1448895467-1001 - Administrator - Enabled) => C:\Users\Richard

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2015 00:41:54 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 00:41:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/05/2015 09:10:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iOSCleaner.exe, version: 15.0.1001.238, time stamp: 0x547319ff
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process ID: 0xe5c
Faulting application start time: 0xiOSCleaner.exe0
Faulting application path: iOSCleaner.exe1
Faulting module path: iOSCleaner.exe2
Report ID: iOSCleaner.exe3
Faulting package full name: iOSCleaner.exe4
Faulting package-relative application ID: iOSCleaner.exe5

Error: (02/05/2015 07:40:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (02/05/2015 07:40:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (02/05/2015 07:40:10 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (02/05/2015 07:37:16 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 07:31:54 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 07:26:46 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 07:19:04 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

System errors:
=============
Error: (02/05/2015 00:43:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:43:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:43:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:43:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:43:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:43:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:42:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vcs service failed to start due to the following error:
%%577

Error: (02/05/2015 00:41:53 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:41:53 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (02/05/2015 00:41:53 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Microsoft Office Sessions:
=========================
Error: (02/05/2015 00:41:54 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 00:41:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/05/2015 09:10:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iOSCleaner.exe15.0.1001.238547319ffunknown0.0.0.000000000c000000500000000e5c01d0412321dfb1faC:\Program Files (x86)\AVG\AVG PC TuneUp\iOSCleaner.exeunknownde0f79a7-ad16-11e4-becb-9b14da963d5f

Error: (02/05/2015 07:40:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\IE\9MD5T5YQ\esetsmartinstaller_enu.exe

Error: (02/05/2015 07:40:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\IE\9MD5T5YQ\esetsmartinstaller_enu.exe

Error: (02/05/2015 07:40:10 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\IE\9MD5T5YQ\esetsmartinstaller_enu.exe

Error: (02/05/2015 07:37:16 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 07:31:54 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 07:26:46 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description:

Error: (02/05/2015 07:19:04 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

CodeIntegrity Errors:
===================================
  Date: 2015-02-05 12:42:33.407
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-02-05 09:04:36.983
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:36.892
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:36.701
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:36.584
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:36.394
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:36.297
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:36.107
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:35.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 09:04:35.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 11%
Total physical RAM: 24535.67 MB
Available physical RAM: 21777.09 MB
Total Pagefile: 28119.67 MB
Available Pagefile: 25295.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.35 GB) (Free:974.41 GB) NTFS
Drive d: (Films) (Fixed) (Total:931.51 GB) (Free:417.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF3B2B2D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================



#13 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 08:25 AM

Cant do the FRST file :(



#14 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 10:04 AM

FRST PART 1

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Richard (administrator) on TRICKY on 05-02-2015 12:43:48
Running from C:\Users\Richard\Desktop
Loaded Profiles: Richard (Available profiles: Richard)
Platform: Windows 8.1 Pro (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Users\Richard\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(MMSOFT Design Ltd.) C:\Program Files\PC Monitor\PCMonitorSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(InstallShield) C:\Program Files (x86)\KMS Updater\Updater.exe
(MMSOFT Design Ltd.) C:\Program Files\PC Monitor\pcmontask.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files (x86)\Universal Media Server\win32\mplayer.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\...\MountPoints2: {1952f8d6-09df-11e4-8250-ccccaaa3f15d} - "M:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [HKLM] => ProxyEnable is set.
ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
HKU\S-1-5-21-2795947289-3062736323-1448895467-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2795947289-3062736323-1448895467-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {CB927D12-4FF7-4A9E-A169-56E4B8A75598} http://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: WSWSVCUchrome - No CLSID Value
Winsock: Catalog5-x64 07 C:\WINDOWS\system32\wlidnsp.dll [74240] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [74240] (Microsoft Corporation)
Tcpip\..\Interfaces\{CE5ED42E-7AFF-437B-B79B-E1EC14568121}: [NameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-07-12]

Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-26]
CHR Extension: (Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-26]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-26]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-26]
CHR Extension: (Google Search) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-11-26]
CHR Extension: (Google Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-26]
CHR Extension: (Google Wallet) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-26]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-25] (Electronic Arts)
R2 PC Monitor; C:\Program Files\PC Monitor\PCMonitorSrv.exe [855000 2015-01-10] (MMSOFT Design Ltd.)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-09-13] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-09-12] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
R2 Updater.exe; C:\Program Files (x86)\KMS Updater\Updater.exe [35328 2014-11-13] (InstallShield) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-07-12] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2014-10-03] () [File not signed]
S3 VCSVADHWSer; C:\Windows\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) [File not signed]
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-07-12] (Microsoft Corporation)
S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\PC Monitor\PCMonitorSrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)



#15 Tricky78

Tricky78
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:20 AM

Posted 05 February 2015 - 10:08 AM

PART 2

 

2015-02-03 15:20 - 2015-02-03 15:20 - 00001094 _____ () C:\Users\Richard\Desktop\regedit - Shortcut.lnk
2015-02-03 13:34 - 2015-02-03 15:50 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-03 13:34 - 2015-02-03 13:34 - 00000000 ____D () C:\Users\Richard\AppData\Local\MFAData
2015-02-03 13:18 - 2015-02-05 07:18 - 02131968 _____ (Farbar) C:\Users\Richard\Desktop\FRST64.exe
2015-02-03 13:16 - 2015-02-05 12:43 - 00000000 ____D () C:\FRST
2015-02-03 13:07 - 2015-02-03 13:07 - 00000000 ____D () C:\Program Files (x86)\trend micro
2015-02-03 12:38 - 2015-02-03 13:03 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-02-03 12:38 - 2015-02-03 12:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-03 12:35 - 2015-02-03 12:36 - 18570328 _____ () C:\Users\Richard\Downloads\RogueKillerX64.exe
2015-02-03 11:17 - 2015-02-05 12:39 - 00000000 ____D () C:\ProgramData\Tunngle
2015-02-03 11:17 - 2015-02-04 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2015-02-03 11:17 - 2015-02-03 11:17 - 00001007 _____ () C:\Users\Public\Desktop\Tunngle.lnk
2015-02-03 11:17 - 2015-02-03 11:17 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2015-02-03 11:03 - 2015-02-03 11:03 - 00001550 _____ () C:\Users\Richard\Desktop\Wreckfest.lnk
2015-02-03 10:48 - 2015-02-03 10:48 - 00002245 _____ () C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
2015-02-03 10:48 - 2015-02-03 10:48 - 00002231 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-02-03 10:48 - 2015-02-03 10:48 - 00002219 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-02-03 10:48 - 2014-11-24 12:48 - 00040248 _____ (AVG Technologies) C:\WINDOWS\system32\TURegOpt.exe
2015-02-03 10:48 - 2014-11-24 12:48 - 00029496 _____ (AVG Technologies) C:\WINDOWS\system32\authuitu.dll
2015-02-03 10:48 - 2014-11-24 12:48 - 00025400 _____ (AVG Technologies) C:\WINDOWS\SysWOW64\authuitu.dll
2015-02-03 10:38 - 2015-02-05 12:42 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-03 10:38 - 2015-02-04 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-03 10:38 - 2015-02-03 10:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-03 10:38 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-03 10:38 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-03 10:37 - 2015-02-03 10:38 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-03 10:37 - 2015-02-03 10:38 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Malwarebytes
2015-02-03 10:37 - 2015-02-03 10:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-02-03 10:37 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-03 09:17 - 2015-02-03 09:17 - 00000000 ____D () C:\Users\Richard\AppData\Local\SKIDROW
2015-02-02 17:29 - 2015-02-02 17:29 - 00000000 ____D () C:\Program Files (x86)\Bugbear Entertainment
2015-01-31 10:33 - 2015-01-31 10:33 - 00007605 _____ () C:\Users\Richard\AppData\Local\Resmon.ResmonCfg
2015-01-29 18:27 - 2015-01-29 18:27 - 00000000 ____D () C:\Program Files\CPUID
2015-01-29 16:11 - 2015-01-29 16:11 - 00000000 ____D () C:\Users\Richard\Documents\DyingLight
2015-01-27 16:34 - 2015-01-27 16:34 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2015-01-27 16:34 - 2015-01-27 16:34 - 00000000 ____D () C:\Program Files (x86)\KMS Updater
2015-01-27 10:17 - 2015-01-27 10:17 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\75342A5C.sys
2015-01-24 12:49 - 2015-01-24 12:49 - 00002160 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2015-01-24 12:49 - 2015-01-24 12:49 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2015-01-24 12:49 - 2015-01-24 12:49 - 00001474 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-01-24 07:47 - 2015-01-24 07:47 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\10C34C87.sys
2015-01-23 10:51 - 2015-01-23 10:51 - 00000000 ____D () C:\Users\Richard\AppData\Local\ESN
2015-01-22 19:53 - 2015-01-13 04:15 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 32102544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 25459856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 24765584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 20465296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 17250776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 16009120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 13295552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 13210248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 10774544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 10714488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 10274448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-01-22 19:53 - 2015-01-10 08:07 - 03607184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 03245712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 02902456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 01895240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434725.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 01556808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434725.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00994712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00969360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00942736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00929424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00906384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00877488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00833864 _____ () C:\WINDOWS\system32\nvmcumd.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00496456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00353040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00345744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00305320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00177624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00100496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2015-01-22 19:53 - 2015-01-10 08:07 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2015-01-21 09:15 - 2015-01-21 09:15 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48882611.sys
2015-01-20 13:16 - 2015-01-20 13:16 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-01-20 11:09 - 2015-02-03 12:13 - 00000000 ____D () C:\Users\Richard\Documents\The Crew
2015-01-20 11:09 - 2015-02-03 11:29 - 00000000 ____D () C:\Users\Richard\Documents\ProfileCache
2015-01-20 10:11 - 2015-01-20 10:11 - 00000233 _____ () C:\Users\Richard\Desktop\The Crew (Worldwide).url
2015-01-20 10:11 - 2015-01-20 10:11 - 00000233 _____ () C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Crew (Worldwide).url
2015-01-19 13:06 - 2015-02-03 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExPVR
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\pH-Mb
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ExPVR
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Users\Richard\AppData\Local\pH-Mb
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Program Files (x86)\ExPVR
2015-01-19 12:46 - 2015-01-19 12:46 - 00003254 _____ () C:\WINDOWS\System32\Tasks\{1A13915F-35E4-4A66-9894-E660E1C0E228}
2015-01-16 17:13 - 2015-01-16 17:13 - 00002476 _____ () C:\Users\Richard\Desktop\NHCmod v2.700b.lnk
2015-01-16 17:13 - 2015-01-16 17:13 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NHCmod v2.700b
2015-01-16 10:04 - 2015-01-16 10:04 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\63D94493.sys
2015-01-14 08:43 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 08:43 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 08:43 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 08:42 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 08:42 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 08:42 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 08:42 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 08:42 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 08:42 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 08:42 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 08:42 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 08:42 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 08:42 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 08:42 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 08:42 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 08:42 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 08:42 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 08:42 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 08:42 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 08:42 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 08:42 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 08:42 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 08:42 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 08:42 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 08:42 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 08:42 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 08:42 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 08:42 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 08:42 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 08:42 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 08:42 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-12 10:37 - 2015-01-12 10:37 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-07 10:35 - 2015-01-07 10:35 - 00000000 ____D () C:\Program Files (x86)\PlanIT Business Management
2015-01-07 10:19 - 2015-01-07 10:37 - 00000210 _____ () C:\WINDOWS\Caligari.ini
2015-01-06 16:14 - 2015-01-06 16:20 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 12:43 - 2014-12-31 16:09 - 00000000 ____D () C:\ProgramData\UMS
2015-02-05 12:41 - 2014-12-31 18:22 - 00039305 _____ () C:\WINDOWS\setupact.log
2015-02-05 12:41 - 2014-11-26 07:54 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-05 12:41 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-05 12:40 - 2014-03-18 08:16 - 00148600 _____ () C:\WINDOWS\PFRO.log
2015-02-05 12:40 - 2013-08-22 14:44 - 05113384 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-05 12:39 - 2014-07-12 17:10 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Tunngle
2015-02-05 12:39 - 2014-07-12 14:14 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\TS3Client
2015-02-05 12:39 - 2014-07-12 11:12 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\ClassicShell
2015-02-05 12:32 - 2014-07-12 11:13 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2795947289-3062736323-1448895467-1001
2015-02-05 12:28 - 2014-07-12 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-05 12:27 - 2014-07-12 14:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-02-05 12:27 - 2014-07-12 14:23 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-02-05 12:27 - 2014-07-12 14:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-05 12:27 - 2014-03-18 15:10 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-02-05 12:27 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-05 12:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-05 12:26 - 2012-07-26 05:26 - 00000076 _____ () C:\WINDOWS\win.ini
2015-02-05 12:04 - 2014-07-13 07:42 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-05 12:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-05 11:59 - 2014-11-26 07:54 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-05 09:32 - 2014-07-12 16:03 - 01588305 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-05 09:13 - 2014-07-12 16:32 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Azureus
2015-02-05 08:35 - 2014-07-12 11:24 - 01064960 ___SH () C:\Users\Richard\Desktop\Thumbs.db
2015-02-05 08:28 - 2014-07-12 13:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-05 08:04 - 2014-07-13 07:42 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-05 07:30 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-04 18:03 - 2015-01-03 11:22 - 00000000 ____D () C:\Users\Richard\Documents\Assassin's Creed Unity
2015-02-04 11:39 - 2014-03-18 15:25 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-04 11:27 - 2014-07-12 16:07 - 00000000 ____D () C:\Users\Richard
2015-02-04 11:25 - 2014-11-26 07:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-04 11:25 - 2014-10-24 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-04 11:25 - 2014-09-12 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-02-04 11:25 - 2014-07-12 13:12 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-04 11:25 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\WinMetadata
2015-02-04 11:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2015-02-04 11:06 - 2014-07-12 18:24 - 00000000 __RDO () C:\Users\Richard\OneDrive.old
2015-02-04 06:56 - 2014-11-20 14:56 - 00005020 _____ () C:\WINDOWS\system32\TeamViewer10_Hooks.log
2015-02-04 06:56 - 2014-11-20 14:56 - 00000983 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-04 06:56 - 2014-07-12 16:54 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-04 06:54 - 2013-08-22 15:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-02-03 23:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-02-03 23:15 - 2014-03-18 15:10 - 00000000 __SHD () C:\WINDOWS\BitLockerDiscoveryVolumeContents
2015-02-03 23:15 - 2014-03-18 15:10 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sppui
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sppui
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-02-03 23:15 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-02-03 23:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-02-03 23:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-02-03 23:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-03 23:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-03 23:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-02-03 23:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-02-03 22:59 - 2014-07-12 16:32 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-03 22:58 - 2014-07-12 16:30 - 00167756 _____ () C:\WINDOWS\DirectX.log
2015-02-03 22:57 - 2014-07-12 11:54 - 00000000 ____D () C:\Users\Richard\Downloads\Games
2015-02-03 22:20 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-03 22:17 - 2013-08-22 15:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-02-03 22:17 - 2013-08-22 15:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-02-03 18:07 - 2014-07-12 11:06 - 00000000 ____D () C:\Users\Richard\AppData\Local\Packages
2015-02-03 15:50 - 2014-09-19 16:42 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-03 15:22 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-02-03 14:26 - 2014-09-08 12:35 - 00000000 ____D () C:\Users\Richard\Desktop\BordL2+28Tr-LNG_v1.0.29._UD16July2014
2015-02-03 14:26 - 2014-07-12 14:25 - 00000000 ____D () C:\Program Files (x86)\FrostWire 5
2015-02-03 14:01 - 2014-07-12 11:49 - 00000000 ____D () C:\Users\Richard\Documents\My Games
2015-02-03 13:40 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-03 13:36 - 2014-07-12 14:07 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\TuneUp Software
2015-02-03 11:17 - 2014-10-24 14:58 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2015-02-03 10:37 - 2014-08-12 08:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-03 10:32 - 2014-10-24 09:47 - 00000000 ____D () C:\Program Files\iTunes
2015-02-03 10:32 - 2014-10-24 09:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-03 10:30 - 2014-12-31 17:08 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\dvdcss
2015-02-03 10:30 - 2014-10-24 09:47 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-03 10:30 - 2014-09-12 13:30 - 00000000 ____D () C:\ProgramData\Origin
2015-02-03 10:30 - 2014-09-12 13:30 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-03 10:30 - 2014-07-12 11:31 - 00000000 ____D () C:\Users\Richard\Documents\FLiNGTrainer
2015-02-03 10:30 - 2014-07-12 11:12 - 00000000 ____D () C:\ProgramData\ClassicShell
2015-02-03 10:30 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-03 10:30 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-03 10:19 - 2014-10-24 09:47 - 00000000 ____D () C:\Program Files\iPod
2015-02-03 10:19 - 2014-07-12 17:15 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-02 13:45 - 2014-08-13 20:55 - 00241664 ___SH () C:\Users\Richard\Documents\Thumbs.db
2015-02-02 13:11 - 2014-07-14 16:42 - 00000380 _____ () C:\Users\Richard\AppData\Roaming\wklnhst.dat
2015-01-31 10:21 - 2014-07-12 16:29 - 00000000 ____D () C:\Users\Richard\AppData\Local\Windows Live
2015-01-30 10:33 - 2014-07-12 16:58 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\HpUpdate
2015-01-27 16:34 - 2014-09-08 13:42 - 00000000 ____D () C:\WINDOWS\AutoKMS
2015-01-26 10:02 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-24 20:20 - 2013-08-22 15:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 20:20 - 2013-08-22 15:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 18:44 - 2014-07-12 11:48 - 00000000 ____D () C:\Users\Richard\Documents\Matlock PreSchool
2015-01-24 12:49 - 2014-07-12 18:10 - 00001486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-01-24 12:49 - 2014-07-12 17:29 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-01-24 12:49 - 2014-07-12 17:29 - 00002230 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-01-24 12:49 - 2014-07-12 17:29 - 00002069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-01-24 12:48 - 2014-07-12 17:26 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-23 10:53 - 2014-09-12 22:46 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-23 10:53 - 2014-09-12 22:46 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-01-22 19:54 - 2014-10-03 12:40 - 00000000 ____D () C:\Temp
2015-01-22 19:54 - 2014-07-12 16:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-19 09:42 - 2014-07-12 23:14 - 00000400 __RSH () C:\ProgramData\ntuser.pol
2015-01-17 13:55 - 2014-12-07 13:30 - 00000000 __RHD () C:\ESD
2015-01-16 18:03 - 2012-07-26 08:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-16 06:41 - 2014-07-12 17:03 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-01-16 06:41 - 2014-07-12 17:03 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-01-16 06:41 - 2014-07-12 16:58 - 01514528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-01-16 06:41 - 2014-07-12 16:58 - 01278920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-01-14 08:51 - 2014-07-12 12:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 08:49 - 2014-07-12 12:30 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 21:35 - 2014-11-04 08:21 - 00000000 ____D () C:\Program Files\PC Monitor
2015-01-11 14:45 - 2014-07-13 05:52 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\Skype
2015-01-10 08:07 - 2014-12-25 10:05 - 18566296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-01-10 08:07 - 2014-12-25 10:05 - 14115944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-01-10 08:07 - 2014-12-25 10:05 - 03298816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-01-10 08:07 - 2014-12-25 10:05 - 01556808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2015-01-10 08:07 - 2014-07-12 11:16 - 00073872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-01-10 08:07 - 2014-07-12 11:16 - 00060744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-01-10 08:07 - 2014-03-20 22:02 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-01-09 23:30 - 2014-07-12 16:03 - 06860432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-01-09 23:30 - 2014-07-12 16:03 - 03517256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-01-09 23:29 - 2014-07-12 16:03 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-01-09 23:29 - 2014-07-12 16:03 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-01-09 23:29 - 2014-07-12 16:03 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-01-09 23:29 - 2014-07-12 16:03 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-01-09 19:47 - 2014-07-12 16:03 - 04173527 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-01-07 10:38 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries

==================== Files in the root of some directories =======

2014-12-15 10:53 - 2014-12-15 13:15 - 0099384 _____ () C:\Users\Richard\AppData\Roaming\inst.exe
2014-12-15 10:53 - 2014-12-15 13:15 - 0007859 _____ () C:\Users\Richard\AppData\Roaming\pcouffin.cat
2014-12-15 10:53 - 2014-12-15 13:15 - 0001167 _____ () C:\Users\Richard\AppData\Roaming\pcouffin.inf
2014-12-15 10:53 - 2014-12-15 13:15 - 0000055 _____ () C:\Users\Richard\AppData\Roaming\pcouffin.log
2014-12-15 10:53 - 2014-12-15 13:15 - 0082816 _____ (VSO Software) C:\Users\Richard\AppData\Roaming\pcouffin.sys
2014-12-15 10:52 - 2014-12-15 12:40 - 0001057 _____ () C:\Users\Richard\AppData\Roaming\vso_ts_preview.xml
2014-07-14 16:42 - 2015-02-02 13:11 - 0000380 _____ () C:\Users\Richard\AppData\Roaming\wklnhst.dat
2014-12-31 15:39 - 2014-12-31 15:39 - 0007680 _____ () C:\Users\Richard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 10:33 - 2015-01-31 10:33 - 0007605 _____ () C:\Users\Richard\AppData\Local\Resmon.ResmonCfg
2014-07-12 16:58 - 2014-07-12 16:58 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Richard\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Richard\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-04 10:35

==================== End Of Log ============================


the systems section is too long to post.....if I could attach it or email would be easier...not sure why I cant






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users