
Cannot remove detected virus/error...?


  • This topic is locked
31 replies to this topic

#1 Zylorarchy

Zylorarchy

  • Members
  • 45 posts

Posted 20 February 2015 - 07:22 AM

Please see attached document. I have tried removing the threat by pressing the (appropriate) buttons; I can click them but nothing happens. What do I do? System restore failed and now the restore point does not seem to go before the time at which this was detected...



#2 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts

Posted 20 February 2015 - 03:17 PM

Hello Zylorarchy and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

 

---------------------

 

How many bits is your system?

Right-click My Computer > Properties > System type


Edited by olgun52, 20 February 2015 - 03:20 PM.

Best regards
 
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you.
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts

Posted 20 February 2015 - 03:52 PM


64-bit operating system



#4 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts

Posted 20 February 2015 - 04:04 PM

  • Click here to download the AVG Remover tool. Please save it to the desktop.
  • Run the downloaded tool and follow the instructions displayed on your screen.
  • Your computer will be restarted automatically. After the restart, AVG Remover will finish the uninstallation.

Let me know when you get that done


Edited by olgun52, 20 February 2015 - 04:05 PM.


 


 


#5 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts

Posted 20 February 2015 - 04:24 PM

 


 

 

Hello, I ran the tool and after (presumably?) uninstalling AVG (which has vanished save for the setup) it vanished completely with no automatic restart. I restarted the laptop anyway. 

 

Thank you for your help thus far, what next?



#6 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts

Posted 20 February 2015 - 04:34 PM

Hi Zylorarchy,

 

Before we move on, please read the following points carefully.
 

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you were doing and describe the problems you encountered as precisely as you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If you haven't answered within 5 days, I am assuming that you don't need help anymore and your topic will be closed.
  • I cannot guarantee that we will find and be able to remove all malware. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
  • Please reply to this thread. Do not start a new topic.
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.

 

  • Please log in to the computer as an administrator. (How do I log in to the computer as an administrator?)
  • Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please get help here.

Thanks

---------------------------------------------------------------------------------------------------------

 

Please do the following.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Regards.

 



 


 


#7 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts

Posted 20 February 2015 - 04:43 PM



 

 

Results:

 

1) 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Ollie (administrator) on OLZ on 20-02-2015 21:40:06
Running from C:\Users\Ollie\Downloads
Loaded Profiles: Ollie (Available profiles: Ollie)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(MMSOFT Design Ltd.) C:\Program Files\Pulseway\PCMonitorSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(MMSOFT Design Ltd.) C:\Program Files\Pulseway\pcmontask.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Ollie\jagexcache\jagexlauncher\bin\JagexLauncher.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-08-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-08-28] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-06]
CHR Extension: (Google Docs) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-06]
CHR Extension: (Google Drive) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-06]
CHR Extension: (YouTube) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-06]
CHR Extension: (Adblock Plus) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-10]
CHR Extension: (Google Search) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-06]
CHR Extension: (Google Sheets) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-06]
CHR Extension: (Gmail) - C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-01-02] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-12-01] ()
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PC Monitor; C:\Program Files\Pulseway\PCMonitorSrv.exe [855000 2015-01-10] (MMSOFT Design Ltd.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-08-28] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 vm331avs; \SystemRoot\System32\Drivers\vm331avs.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files\Pulseway\PCMonitorSrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-20 21:40 - 2015-02-20 21:40 - 00017449 _____ () C:\Users\Ollie\Downloads\FRST.txt
2015-02-20 21:37 - 2015-02-20 21:40 - 00000000 ____D () C:\FRST
2015-02-20 21:37 - 2015-02-20 21:37 - 02086912 _____ (Farbar) C:\Users\Ollie\Downloads\FRST64.exe
2015-02-20 21:23 - 2015-02-20 21:23 - 00000000 ____D () C:\Users\Ollie\AppData\Local\MFAData
2015-02-20 21:23 - 2015-02-20 21:23 - 00000000 ____D () C:\Users\Ollie\AppData\Local\Avg2015
2015-02-20 21:23 - 2015-02-20 21:23 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-20 21:20 - 2015-02-20 21:20 - 00006132 _____ () C:\windows\PFRO.log
2015-02-20 21:15 - 2015-02-20 21:20 - 00000000 ____D () C:\AVG_Remover
2015-02-20 21:15 - 2015-02-20 21:15 - 01779224 _____ ( ) C:\Users\Ollie\Downloads\AVG_Remover.exe
2015-02-18 16:14 - 2015-02-18 16:14 - 00856064 _____ () C:\Users\Ollie\Downloads\Lecture 02A Estates and Interests.ppt
2015-02-18 16:13 - 2015-02-18 16:13 - 01405440 _____ () C:\Users\Ollie\Downloads\Lecture 02(B) full.ppt
2015-02-18 16:12 - 2015-02-18 16:12 - 01374208 _____ () C:\Users\Ollie\Downloads\Lecture 02 (B) - Estates and Interests in Land.ppt
2015-02-15 14:17 - 2015-02-15 14:17 - 02849792 _____ () C:\Users\Ollie\Downloads\Lecture 01 Introduction to Land Law.ppt
2015-02-13 17:28 - 2015-02-13 17:33 - 00000000 ____D () C:\Users\Ollie\Documents\Bandicam
2015-02-13 17:28 - 2015-02-13 17:28 - 00000000 ____D () C:\Users\Ollie\AppData\Roaming\NVIDIA
2015-02-13 17:28 - 2015-02-13 17:28 - 00000000 ____D () C:\Users\Ollie\AppData\Roaming\BANDISOFT
2015-02-13 17:27 - 2015-02-13 17:27 - 00001011 _____ () C:\Users\Ollie\Desktop\Bandicam.lnk
2015-02-13 17:27 - 2015-02-13 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-02-13 17:27 - 2015-02-13 17:27 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2015-02-13 17:27 - 2015-02-13 17:27 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2015-02-13 17:26 - 2015-02-13 17:27 - 09495760 _____ (Bandisoft) C:\Users\Ollie\Downloads\bdcamsetup.exe
2015-02-13 10:41 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-13 10:41 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 10:48 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 10:48 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 10:48 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-02-11 10:48 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-02-11 10:48 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 10:48 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 10:48 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 10:48 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 10:48 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 10:48 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 10:48 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-02-11 10:48 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-02-11 10:48 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 10:48 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-11 10:48 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 10:48 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 10:48 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 10:48 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 10:48 - 2014-12-08 23:12 - 00391526 _____ () C:\windows\system32\ApnDatabase.xml
2015-02-11 10:48 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 10:48 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 10:48 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 10:48 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 10:48 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-02-11 10:48 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-02-11 10:48 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-02-11 10:48 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 10:48 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-02-11 10:48 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-02-11 10:48 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-02-11 10:48 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-02-11 10:48 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-02-11 10:47 - 2015-02-03 23:38 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 10:47 - 2015-02-03 23:08 - 00761856 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 10:47 - 2015-02-03 23:08 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 10:47 - 2015-02-02 23:11 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 10:47 - 2015-02-02 23:11 - 00894464 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 10:47 - 2015-02-02 23:11 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 10:47 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-02-11 10:47 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 10:47 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 10:47 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 10:47 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-02-11 10:47 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 10:47 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 10:47 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 10:47 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 10:47 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 10:47 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-02-11 10:47 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-02-11 10:47 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-02-11 10:47 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 10:47 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 10:47 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 10:47 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 10:47 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 10:47 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-02-11 10:47 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-02-11 10:47 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-02-11 10:47 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 10:47 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-02-11 10:47 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 10:47 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 10:47 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 10:47 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 10:47 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 10:47 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 10:47 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 10:47 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 10:47 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 10:47 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-01-22 14:22 - 2015-01-22 14:27 - 00000000 ____D () C:\Users\Ollie\OSBuddy
2015-01-22 14:21 - 2015-01-22 14:21 - 00881112 _____ () C:\Users\Ollie\Desktop\OSBuddy.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-20 21:39 - 2014-12-15 20:00 - 00100352 ___SH () C:\Users\Ollie\Downloads\Thumbs.db
2015-02-20 21:39 - 2014-12-11 17:37 - 00000000 ____D () C:\Users\Ollie\AppData\Roaming\Skype
2015-02-20 21:37 - 2014-12-06 12:27 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 21:35 - 2014-12-11 16:36 - 00000024 _____ () C:\Users\Ollie\jagexappletviewer.preferences
2015-02-20 21:30 - 2014-12-27 16:25 - 00018787 _____ () C:\windows\setupact.log
2015-02-20 21:26 - 2014-03-18 09:53 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-20 21:25 - 2014-12-06 12:27 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-401089337-2155654681-4268219413-1001
2015-02-20 21:22 - 2014-12-11 17:45 - 01418644 _____ () C:\windows\WindowsUpdate.log
2015-02-20 21:21 - 2014-12-11 16:37 - 00000044 _____ () C:\Users\Ollie\jagex_cl_runescape_LIVE.dat
2015-02-20 21:20 - 2014-12-15 20:22 - 00000000 ____D () C:\Program Files\Pulseway
2015-02-20 21:20 - 2014-12-06 12:27 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 21:20 - 2014-12-06 12:24 - 00000000 __RDO () C:\Users\Ollie\OneDrive
2015-02-20 21:20 - 2014-08-28 07:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-20 21:20 - 2013-08-22 14:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-20 21:19 - 2014-12-11 18:12 - 00000000 ____D () C:\Users\Ollie\AppData\Roaming\TS3Client
2015-02-20 21:19 - 2014-08-28 08:35 - 00004608 _____ () C:\windows\system32\VfService.trf
2015-02-20 21:18 - 2013-08-22 15:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2015-02-20 21:00 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\sru
2015-02-20 17:11 - 2014-12-12 22:11 - 00000045 _____ () C:\Users\Ollie\jagex_cl_runescape_LIVE1.dat
2015-02-20 16:04 - 2014-12-06 12:25 - 00003906 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{14477DAF-F819-42DC-8F61-AA2A7CEC9CFA}
2015-02-20 15:09 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\AppReadiness
2015-02-20 12:05 - 2014-12-06 12:20 - 00000000 ____D () C:\Users\Ollie
2015-02-20 12:03 - 2014-12-06 12:22 - 00000000 ____D () C:\ProgramData\Atheros
2015-02-20 11:59 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\registration
2015-02-20 11:22 - 2014-08-28 07:49 - 00000000 ____D () C:\Program Files (x86)\USB Camera
2015-02-20 11:07 - 2014-12-06 12:45 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-20 10:22 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\System
2015-02-20 09:45 - 2014-12-06 12:21 - 00000000 ____D () C:\Users\Ollie\AppData\Local\Packages
2015-02-19 17:37 - 2014-12-06 12:27 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 12:17 - 2014-12-14 17:19 - 00000044 _____ () C:\Users\Ollie\jagex_cl_oldschool_LIVE.dat
2015-02-18 12:22 - 2013-08-22 13:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-02-17 12:33 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\rescache
2015-02-16 12:51 - 2013-08-22 13:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-02-15 18:53 - 2014-12-06 12:39 - 00000000 ____D () C:\Users\Ollie\Documents\Data to keep
2015-02-14 23:47 - 2014-12-06 12:58 - 00000000 ____D () C:\Users\Ollie\AppData\Roaming\Nitro PDF
2015-02-13 11:08 - 2013-08-22 15:20 - 00000000 ____D () C:\windows\CbsTemp
2015-02-12 18:20 - 2013-08-22 14:44 - 00493488 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-12 18:18 - 2014-12-12 21:16 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-12 18:18 - 2014-12-10 15:51 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-11 11:10 - 2014-12-07 15:10 - 00000000 ____D () C:\windows\system32\MRT
2015-02-11 11:04 - 2014-12-07 15:10 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-10 21:57 - 2014-12-07 00:58 - 00000000 ____D () C:\Users\Ollie\AppData\Local\CrashDumps
2015-02-05 15:32 - 2014-12-06 12:27 - 00003886 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 15:32 - 2014-12-06 12:27 - 00003650 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 19:31 - 2014-12-10 15:55 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2014-12-10 15:55 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-27 10:56 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\NDF
2015-01-22 14:29 - 2014-12-06 12:49 - 00000024 ____R () C:\Users\Ollie\random.dat
 
==================== Files in the root of some directories =======
 
2014-12-07 00:48 - 2014-12-07 00:48 - 0045443 _____ () C:\ProgramData\1417913315.bdinstall.bin
2014-12-07 00:51 - 2014-12-07 00:51 - 0045155 _____ () C:\ProgramData\1417913508.bdinstall.bin
2014-12-07 00:53 - 2014-12-07 00:53 - 0042698 _____ () C:\ProgramData\1417913610.7076.bin
2014-12-07 00:53 - 2014-12-07 00:53 - 0002056 _____ () C:\ProgramData\1417913610.9340.bin
2014-12-07 00:53 - 2014-12-07 00:53 - 0000189 _____ () C:\ProgramData\1417913610.9476.bin
2014-12-07 00:57 - 2014-12-07 00:57 - 0209938 _____ () C:\ProgramData\1417913729.bdinstall.bin
2014-12-12 21:57 - 2014-12-12 21:57 - 0036560 _____ () C:\ProgramData\1418421461.bdinstall.bin
2014-12-12 21:58 - 2014-12-12 21:58 - 0098444 _____ () C:\ProgramData\1418421466.bdinstall.bin
2014-08-28 07:49 - 2014-08-28 07:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Files to move or delete:
====================
C:\Users\Ollie\jagex_cl_oldschool_LIVE.dat
C:\Users\Ollie\jagex_cl_runescape_LIVE.dat
C:\Users\Ollie\jagex_cl_runescape_LIVE1.dat
C:\Users\Ollie\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Ollie\AppData\Local\Temp\bdfilters.dll
C:\Users\Ollie\AppData\Local\Temp\HitmanPro.exe
C:\Users\Ollie\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Ollie\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ollie\AppData\Local\Temp\nvStInst.exe
C:\Users\Ollie\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Ollie\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Ollie\AppData\Local\Temp\sfareca00001.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-20 10:22
 
==================== End Of Log ============================
 
2) 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Ollie at 2015-02-20 21:41:28
Running from C:\Users\Ollie\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.740 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6490.0 - IDT)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{87D9837B-FFC4-45E2-8AE8-6F588EF30FD9}) (Version: 2.8.001.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.3 (HKLM-x32\...\{CCCEAAD4-3D2F-42C1-9AAA-08D458DB3509}) (Version: 1.2.3 - Jagex Ltd)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Pulseway (HKLM\...\{EEA88E88-C2C4-4262-956D-959C0E76B92C}) (Version: 4.6.4 - MMSOFT Design)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-401089337-2155654681-4268219413-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
28-01-2015 11:51:00 Windows Update
09-02-2015 17:56:11 Windows Update
12-02-2015 18:15:25 Windows Update
19-02-2015 19:00:18 Scheduled Checkpoint
20-02-2015 11:45:04 Restore Operation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0619CE96-6BCB-4104-8BAB-99A3903FFB6E} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {07D93A62-EE04-4491-A66A-16DF9FD4B335} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-16] (Microsoft Corporation)
Task: {0F25125A-EB6C-4F62-9137-394DFD4BA978} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {13B7E575-5161-47D5-BDB3-D12CB64E90EB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {2A66B566-0B05-4381-806B-392A9A526F18} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-12-01] (Lenovo)
Task: {3AECFA85-2476-44DF-9F4C-5ED67BB37DC3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5722AC58-E639-4279-B239-F9D9E0C93C6D} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-12-01] ()
Task: {58352FC9-2CCC-43D8-A1A1-F8534720DA6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {69F3B7CA-FEFE-4803-B769-5350D3EFBECF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {7119AD3D-B8F7-4D78-B9DB-43A2EC123EFC} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-14] (Synaptics Incorporated)
Task: {80137E3C-31C4-40D8-9D76-8A08C568ED30} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {955518AA-D669-4082-A7D3-96DC9B52E433} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {AA26A192-270B-4A37-8E25-49F36EB95A85} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-12-01] ()
Task: {AB8B6755-6484-443B-AE01-5F221E4C9542} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B0C1130F-4751-4DB9-AD81-01FF0ED1F0EB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-12-01] (Lenovo)
Task: {B3CC55D7-2519-4880-AE7F-1B5F14C00F41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-16] (Microsoft Corporation)
Task: {B569F5B8-3404-40B0-854F-6C74B8F96E2A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-12-01] (Lenovo)
Task: {BA459187-F3DA-457F-8EBC-08EF03C69F04} - System32\Tasks\{1EAC949E-C56F-40AC-A77B-58DE28120FA4} => pcalua.exe -a "C:\Program Files (x86)\SpeedFan\uninstall.exe"
Task: {CF17208F-FB7F-449C-B02F-C7661207A2A0} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {EF646EA9-66D2-4B45-A50B-25BF0E2EB505} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F9E71A57-9AC3-4D1F-949D-84EC405FD4EE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-08-28 07:45 - 2014-12-13 08:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-16 09:24 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-16 09:24 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-11-26 10:37 - 2015-01-03 09:45 - 00266752 _____ () C:\Program Files\Pulseway\OpenHardwareMonitorLib.dll
2014-08-28 08:31 - 2012-04-25 02:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-28 08:35 - 2014-08-28 08:35 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-08-28 08:35 - 2014-08-28 08:35 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2015-01-16 09:25 - 2015-01-16 09:25 - 08878248 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-28 08:08 - 2014-10-03 17:36 - 00457616 _____ () C:\windows\system32\igfxTray.exe
2011-11-11 14:33 - 2011-11-11 14:33 - 00009728 _____ () C:\Users\Ollie\jagexcache\jagexlauncher\bin\JagexLauncher.exe
2013-09-07 08:48 - 2013-09-07 08:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 08:45 - 2013-09-07 08:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 08:52 - 2013-09-07 08:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2011-11-10 17:35 - 2011-11-10 17:35 - 03198464 _____ () C:\Users\Ollie\jagexcache\jagexlauncher\bin\jvm.dll
2011-11-10 18:16 - 2011-11-10 18:16 - 00402944 _____ () C:\Users\Ollie\jagexcache\jagexlauncher\bin\freetype.dll
2014-12-11 16:37 - 2015-02-20 21:21 - 00066048 _____ () C:\.jagex_cache_32\browsercontrol.dll
2014-12-11 16:37 - 2015-02-20 21:21 - 00132096 _____ () C:\Users\Ollie\jagexcache\runescape\LIVE\jaclib.dll
2014-12-11 16:37 - 2015-02-20 21:21 - 00076288 _____ () C:\Users\Ollie\jagexcache\runescape\LIVE\jagdx.dll
2015-02-19 17:37 - 2015-02-17 22:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-19 17:37 - 2015-02-17 22:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-19 17:37 - 2015-02-17 22:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-19 17:37 - 2015-02-17 22:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
2014-08-28 07:47 - 2013-09-04 15:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Ollie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Ollie\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Desktop\TFC.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\AdwCleaner (2).exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\Apprehension.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Ollie\Downloads\avg_isct_stb_all_2015_5315_WAO_2.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\esetsmartinstaller_enu.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\Gyazo-2.3.0.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\MiniToolBox.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\SkypeSetup.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\TeamSpeak3-Client-win64-3.0.16.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ollie\Pictures\Door.png
DNS Servers: 194.168.4.100 - 194.168.8.100
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "Persistence"
HKU\S-1-5-21-401089337-2155654681-4268219413-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-401089337-2155654681-4268219413-500 - Administrator - Disabled)
Guest (S-1-5-21-401089337-2155654681-4268219413-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-401089337-2155654681-4268219413-1003 - Limited - Enabled)
Ollie (S-1-5-21-401089337-2155654681-4268219413-1001 - Administrator - Enabled) => C:\Users\Ollie
 
==================== Faulty Device Manager Devices =============
 
Name: Intel® 82567LF Gigabit Network Connection
Description: Intel® 82567LF Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1yexpress
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Lenovo EasyCamera
Description: Lenovo EasyCamera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Bison
Service: vm331avs
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/20/2015 11:56:16 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: 0x80070005.
 
Error: (02/20/2015 11:25:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (02/20/2015 11:22:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.exe_Lenovo EasyCamera, version: 3.13.829.1, time stamp: 0x4e51d676
Faulting module name: combase.dll, version: 6.3.9600.17031, time stamp: 0x53086d7c
Exception code: 0xc0000005
Fault offset: 0x00016d64
Faulting process id: 0x1efc
Faulting application start time: 0xsetup.exe_Lenovo EasyCamera0
Faulting application path: setup.exe_Lenovo EasyCamera1
Faulting module path: setup.exe_Lenovo EasyCamera2
Report Id: setup.exe_Lenovo EasyCamera3
Faulting package full name: setup.exe_Lenovo EasyCamera4
Faulting package-relative application ID: setup.exe_Lenovo EasyCamera5
 
Error: (02/20/2015 10:23:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (02/19/2015 08:46:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (02/19/2015 08:44:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (02/19/2015 07:03:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (02/19/2015 07:01:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (02/19/2015 02:23:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (02/18/2015 10:00:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
 
System errors:
=============
Error: (02/20/2015 09:19:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024001e: Definition Update for Windows Defender - KB2267602 (Definition 1.193.467.0).
 
Error: (02/20/2015 09:18:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/20/2015 09:18:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVGIDSAgent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/20/2015 04:12:50 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer SOPHIEHOOYMAN
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3F96AF89-3E7D-40F8-B316-54CE73E88D6D}.
The master browser is stopping or an election is being forced.
 
Error: (02/20/2015 11:24:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (02/13/2015 02:20:46 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (02/13/2015 02:20:46 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (02/13/2015 02:20:46 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (02/12/2015 11:04:45 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
Error: (02/12/2015 07:30:56 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
 
Microsoft Office Sessions:
=========================
Error: (02/20/2015 11:56:16 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Scheduled Checkpoint0x80070005
 
Error: (02/20/2015 11:25:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (02/20/2015 11:22:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: setup.exe_Lenovo EasyCamera3.13.829.14e51d676combase.dll6.3.9600.1703153086d7cc000000500016d641efc01d04cf72123466aC:\windows\TEMP\{F4CDEE16-2BBD-498C-A139-14D2C1E9FD98}\setup.exeC:\windows\SYSTEM32\combase.dllcf7e2ade-b8f2-11e4-827e-18cf5ec1c2a3
 
Error: (02/20/2015 10:23:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/19/2015 08:46:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/19/2015 08:44:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/19/2015 07:03:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/19/2015 07:01:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/19/2015 02:23:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (02/18/2015 10:00:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-21 13:41:11.285
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-14 00:01:00.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-13 14:47:19.272
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 38%
Total physical RAM: 8116.27 MB
Available physical RAM: 5031.77 MB
Total Pagefile: 10932.27 MB
Available Pagefile: 7289.36 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:889.53 GB) (Free:841.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS
Drive e: (MERLIN) (CDROM) (Total:7.85 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
==================== End Of Log ============================


#8 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:21 AM

Posted 20 February 2015 - 06:18 PM

Step 1:
 FRST Script:
 Ensure your external and/or USB drives are inserted during the scan
 Please download this attached fixlist.txt and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Step 2:
Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search, then Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 3:
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4:
 Scan with Malwarebytes Antimalware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
      ◦ Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply

Have a nice day.


#9 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 20 February 2015 - 06:49 PM

Before I begin, "Ensure your external and/or USB drives are inserted during the scan".

 

Why? Do I have to scan those too...? 



#10 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:21 AM

Posted 20 February 2015 - 10:33 PM

Before I begin, "Ensure your external and/or USB drives are inserted during the scan".

 

Why? Do I have to scan those too...? 

 

Hello, I'm not quite sure what you meant by the above so I did not scan USB sticks? But I did do the following steps for the laptop.

 

Results:

 

FRST Results:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by Ollie at 2015-02-21 02:58:50 Run:1
Running from C:\Users\Ollie\Downloads
Loaded Profiles: Ollie (Available profiles: Ollie)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
2015-02-20 21:23 - 2015-02-20 21:23 - 00000000 ____D () C:\Users\Ollie\AppData\Local\MFAData
2015-02-20 21:23 - 2015-02-20 21:23 - 00000000 ____D () C:\Users\Ollie\AppData\Local\Avg2015
2015-02-20 21:23 - 2015-02-20 21:23 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-20 21:15 - 2015-02-20 21:20 - 00000000 ____D () C:\AVG_Remover
2015-02-20 21:15 - 2015-02-20 21:15 - 01779224 _____ ( ) C:\Users\Ollie\Downloads\AVG_Remover.exe
2015-02-20 21:39 - 2014-12-15 20:00 - 00100352 ___SH () C:\Users\Ollie\Downloads\Thumbs.db
2014-12-07 00:48 - 2014-12-07 00:48 - 0045443 _____ () C:\ProgramData\1417913315.bdinstall.bin
2014-12-07 00:51 - 2014-12-07 00:51 - 0045155 _____ () C:\ProgramData\1417913508.bdinstall.bin
2014-12-07 00:53 - 2014-12-07 00:53 - 0042698 _____ () C:\ProgramData\1417913610.7076.bin
2014-12-07 00:53 - 2014-12-07 00:53 - 0002056 _____ () C:\ProgramData\1417913610.9340.bin
2014-12-07 00:53 - 2014-12-07 00:53 - 0000189 _____ () C:\ProgramData\1417913610.9476.bin
2014-12-07 00:57 - 2014-12-07 00:57 - 0209938 _____ () C:\ProgramData\1417913729.bdinstall.bin
2014-12-12 21:57 - 2014-12-12 21:57 - 0036560 _____ () C:\ProgramData\1418421461.bdinstall.bin
2014-12-12 21:58 - 2014-12-12 21:58 - 0098444 _____ () C:\ProgramData\1418421466.bdinstall.bin
2014-08-28 07:49 - 2014-08-28 07:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Winlogon\Notify\igfxcui: igfxdev.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc
Task: {BA459187-F3DA-457F-8EBC-08EF03C69F04} - System32\Tasks\{1EAC949E-C56F-40AC-A77B-58DE28120FA4} => pcalua.exe -a "C:\Program Files (x86)\SpeedFan\uninstall.exe
2011-11-10 17:35 - 2011-11-10 17:35 - 03198464 _____ () C:\Users\Ollie\jagexcache\jagexlauncher\bin\jvm.dll
2011-11-10 18:16 - 2011-11-10 18:16 - 00402944 _____ () C:\Users\Ollie\jagexcache\jagexlauncher\bin\freetype.dll
2014-12-11 16:37 - 2015-02-20 21:21 - 00066048 _____ () C:\.jagex_cache_32\browsercontrol.dll
2014-12-11 16:37 - 2015-02-20 21:21 - 00132096 _____ () C:\Users\Ollie\jagexcache\runescape\LIVE\jaclib.dll
2014-12-11 16:37 - 2015-02-20 21:21 - 00076288 _____ () C:\Users\Ollie\jagexcache\runescape\LIVE\jagdx.dll
2014-12-11 16:37 - 2015-02-20 21:21 - 00066048 _____ () C:\.jagex_cache_32
2014-12-11 16:37 - 2015-02-20 21:21 - 00132096 _____ () C:\Users\Ollie\jagexcache
2015-02-20 21:35 - 2014-12-11 16:36 - 00000024 _____ () C:\Users\Ollie\jagexappletviewer.preferences
2015-02-20 21:21 - 2014-12-11 16:37 - 00000044 _____ () C:\Users\Ollie\jagex_cl_runescape_LIVE.dat
2015-02-20 17:11 - 2014-12-12 22:11 - 00000045 _____ () C:\Users\Ollie\jagex_cl_runescape_LIVE1.dat
2015-02-19 12:17 - 2014-12-14 17:19 - 00000044 _____ () C:\Users\Ollie\jagex_cl_oldschool_LIVE.dat
C:\Users\Ollie\jagex_cl_oldschool_LIVE.dat
C:\Users\Ollie\jagex_cl_runescape_LIVE.dat
C:\Users\Ollie\jagex_cl_runescape_LIVE1.dat
C:\Users\Ollie\random.dat
C:\Users\Ollie\AppData\Local\Temp\bdfilters.dll
C:\Users\Ollie\AppData\Local\Temp\HitmanPro.exe
C:\Users\Ollie\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Ollie\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ollie\AppData\Local\Temp\nvStInst.exe
C:\Users\Ollie\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Ollie\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Ollie\AppData\Local\Temp\sfareca00001.dll
AlternateDataStreams: C:\Users\Ollie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Ollie\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Desktop\TFC.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\AdwCleaner (2).exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\Apprehension.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Ollie\Downloads\avg_isct_stb_all_2015_5315_WAO_2.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\esetsmartinstaller_enu.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\Gyazo-2.3.0.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\MiniToolBox.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\SkypeSetup.exe:BDU
AlternateDataStreams: C:\Users\Ollie\Downloads\TeamSpeak3-Client-win64-3.0.16.exe:BDU
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
*****************
 
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\Ollie\AppData\Local\MFAData => Moved successfully.
C:\Users\Ollie\AppData\Local\Avg2015 => Moved successfully.
C:\ProgramData\MFAData => Moved successfully.
C:\AVG_Remover => Moved successfully.
C:\Users\Ollie\Downloads\AVG_Remover.exe => Moved successfully.
C:\Users\Ollie\Downloads\Thumbs.db => Moved successfully.
C:\ProgramData\1417913315.bdinstall.bin => Moved successfully.
C:\ProgramData\1417913508.bdinstall.bin => Moved successfully.
C:\ProgramData\1417913610.7076.bin => Moved successfully.
C:\ProgramData\1417913610.9340.bin => Moved successfully.
C:\ProgramData\1417913610.9476.bin => Moved successfully.
C:\ProgramData\1417913729.bdinstall.bin => Moved successfully.
C:\ProgramData\1418421461.bdinstall.bin => Moved successfully.
C:\ProgramData\1418421466.bdinstall.bin => Moved successfully.
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => Key deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => Error: No automatic fix found for this entry.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA459187-F3DA-457F-8EBC-08EF03C69F04}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA459187-F3DA-457F-8EBC-08EF03C69F04}" => Key deleted successfully.
C:\Windows\System32\Tasks\{1EAC949E-C56F-40AC-A77B-58DE28120FA4} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1EAC949E-C56F-40AC-A77B-58DE28120FA4}" => Key deleted successfully.
C:\Users\Ollie\jagexcache\jagexlauncher\bin\jvm.dll => Moved successfully.
C:\Users\Ollie\jagexcache\jagexlauncher\bin\freetype.dll => Moved successfully.
C:\.jagex_cache_32\browsercontrol.dll => Moved successfully.
C:\Users\Ollie\jagexcache\runescape\LIVE\jaclib.dll => Moved successfully.
C:\Users\Ollie\jagexcache\runescape\LIVE\jagdx.dll => Moved successfully.
C:\.jagex_cache_32 => Moved successfully.
C:\Users\Ollie\jagexcache => Moved successfully.
C:\Users\Ollie\jagexappletviewer.preferences => Moved successfully.
C:\Users\Ollie\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Ollie\jagex_cl_runescape_LIVE1.dat => Moved successfully.
C:\Users\Ollie\jagex_cl_oldschool_LIVE.dat => Moved successfully.
"C:\Users\Ollie\jagex_cl_oldschool_LIVE.dat" => File/Directory not found.
"C:\Users\Ollie\jagex_cl_runescape_LIVE.dat" => File/Directory not found.
"C:\Users\Ollie\jagex_cl_runescape_LIVE1.dat" => File/Directory not found.
C:\Users\Ollie\random.dat => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\bdfilters.dll => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\HitmanPro.exe => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\Nv3DVisionIePlugin.dll => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\OfficeSetup.exe => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
C:\Users\Ollie\AppData\Local\Temp\sfareca00001.dll => Moved successfully.
"C:\Users\Ollie\OneDrive" => ":ms-properties" ADS not found.
C:\Users\Ollie\Desktop\JRT.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Desktop\TFC.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\AdwCleaner (2).exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\AdwCleaner.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\Apprehension.mp3 => ":TOC.WMV" ADS removed successfully.
C:\Users\Ollie\Downloads\avg_isct_stb_all_2015_5315_WAO_2.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\esetsmartinstaller_enu.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\Gyazo-2.3.0.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\JRT.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\MiniToolBox.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\SkypeSetup.exe => ":BDU" ADS removed successfully.
C:\Users\Ollie\Downloads\TeamSpeak3-Client-win64-3.0.16.exe => ":BDU" ADS removed successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset all =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
EmptyTemp: => Removed 1.2 GB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-21 03:01:30)<=
 
C:\ProgramData\DP45977C.lfl => File moved successfully.
 

 

==== End of Fixlog 03:01:30 ====
 
 
AdwCleaner Results:
 
# AdwCleaner v4.111 - Logfile created 21/02/2015 at 03:09:09
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Ollie - OLZ
# Running from : C:\Users\Ollie\Downloads\adwcleaner_4.111 (2).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v40.0.2214.115
 
[C:\Users\Ollie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1307 bytes] - [06/12/2014 17:58:24]
AdwCleaner[R1].txt - [876 bytes] - [07/12/2014 13:25:06]
AdwCleaner[R2].txt - [960 bytes] - [13/12/2014 21:55:35]
AdwCleaner[R3].txt - [1080 bytes] - [23/12/2014 13:55:33]
AdwCleaner[R4].txt - [1485 bytes] - [21/02/2015 02:46:08]
AdwCleaner[R5].txt - [1454 bytes] - [21/02/2015 03:08:01]
AdwCleaner[S0].txt - [1341 bytes] - [06/12/2014 18:02:13]
AdwCleaner[S1].txt - [938 bytes] - [07/12/2014 13:27:37]
AdwCleaner[S2].txt - [1020 bytes] - [13/12/2014 21:59:04]
AdwCleaner[S3].txt - [1142 bytes] - [23/12/2014 16:58:49]
AdwCleaner[S4].txt - [1561 bytes] - [21/02/2015 02:50:50]
AdwCleaner[S5].txt - [1383 bytes] - [21/02/2015 03:09:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1442  bytes] ##########
 
 
JRT Results:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by Ollie on 21/02/2015 at  3:14:11.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/02/2015 at  3:15:46.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Malwarebytes results:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 21/02/2015
Scan Time: 03:16:44
Logfile: Malwarebytes.txt
Administrator: No
 
Version: 2.00.4.1028
Malware Database: v2015.02.20.09
Rootkit Database: v2015.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Ollie
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331425
Time Elapsed: 8 min, 20 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#11 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts
  • Local time:06:21 AM

Posted 20 February 2015 - 11:08 PM

I would like to point out that since I have followed these steps, gaming has become difficult with very regular freezing. This has only happened since following these steps...



#12 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • Gender:Male
  • Local time:09:21 AM

Posted 21 February 2015 - 07:51 AM

Before I begin, " Ensure your external and/or USB drives are inserted during the scan". 

 

Why? Do I have to scan those too...? 

No, but always get installed in the system. Because it is a part of the system.

I would like to point out that since I have followed these steps, gaming has become difficult with very regular freezing. This has only happened since following these steps...

 

I do not fully understand. Something wrong?



 


 


#13 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts
  • Local time:06:21 AM

Posted 21 February 2015 - 01:57 PM

 

Before I begin, " Ensure your external and/or USB drives are inserted during the scan". 

 

Why? Do I have to scan those too...? 

No, but always get installed in the system. Because it is a part of the system.

I would like to point out that since I have followed these steps, gaming has become difficult with very regular freezing. This has only happened since following these steps...

 

I do not fully understand. Something wrong?

 

 

I have run all of the software above with the exception of "FRST" and none have ever caused an issue. However, after executing "Fix" on FRST the laptop took a long time to start up, and the game I play (Runescape) was removed. Re-installing it, it barely works now, freezing constantly, making the game unplayable. This has only occurred since running FRST.

 

Advice?



#14 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • Gender:Male
  • Local time:09:21 AM

Posted 21 February 2015 - 02:18 PM

Sorry, is there any information about the game in the Fixlist delete list? I hope not. Do you still have problems?



 


 


#15 Zylorarchy

Zylorarchy
  • Topic Starter

  • Members
  • 45 posts
  • Local time:06:21 AM

Posted 21 February 2015 - 02:46 PM

Sorry, is there any information about the game in the Fixlist delete list? I hope not. Do you still have problems?

 

Yes, in the list above, everything relating to Jagex is about Runescape. That is the company that creates the game. FRST removed Jagex files and the game itself. I re-installed it and the issues of the freezing began from there.

 

So, for example, in the Fixlist above, Jagexlauncher and Jagexcache are all Runescape folders/files. JagexLauncher is what is used to run the game. FRST removed all of this and upon re-install the problems of the game freezing have been present.





