Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows 8 random occurences of 100%disk(task manager) and freezing


  • This topic is locked This topic is locked
79 replies to this topic

#1 wer34576

wer34576

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 21 February 2015 - 01:27 PM

hi im wer34576. my computer is having issues were for varying lengths of time it will freeze up and the task manager will show 100% disk. when looking at the task manager no read or write(or very little) "speed" occurs. i have attached files below of a farbasr recovery scan and screen shots of times when i get this problem. i have also posted a link below to the topic started with the same problem were Broni helped me and we went through various virus removal tools and scans. i have also tried running in safe mode were the problem does not occur. running on a clean boot the problem still occurred.

 

 

 

 

Attached File  Addition.txt   30.93KB   1 downloadsAttached File  FRST.txt   44.59KB   1 downloadsAttached File  task manager 2.png   73.33KB   0 downloadsAttached File  task manager 3.png   95.62KB   0 downloadsAttached File  task manager performance tab2.png   53.19KB   0 downloadsAttached File  task manager performance tab4.png   69.89KB   0 downloadsAttached File  task manager.png   71.29KB   0 downloads

 

 

previos post: http://www.bleepingcomputer.com/forums/t/566001/windows-8-100-disk-but-no-readingwriting-to-disk/



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,550 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:16 AM

Posted 26 February 2015 - 01:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/567838 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 wer34576

wer34576
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 26 February 2015 - 02:48 PM

still here

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by kieran (administrator) on KIERANPC on 26-02-2015 19:46:26
Running from C:\Users\kieran\Downloads
Loaded Profiles: kieran (Available profiles: kieran)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\kieran\Downloads\FRST64 (2).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-02-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643576 2014-11-13] (McAfee, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-12-26] (Google Inc.)
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2506618595-2769742477-235216807-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2506618595-2769742477-235216807-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\kieran\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-26]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.com", "hxxp://istart.webssearches.com/?type=hp&ts=1420358361&from=exp&uid=TS512GSSD370_B831271826", "hxxp://istart.webssearches.com/?type=hppp&ts=1420358386&from=exp&uid=TS512GSSD370_B831271826"
CHR Profile: C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo on the Web) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-02-22]
CHR Extension: (Google Docs) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-24]
CHR Extension: (YouTube) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Skype Click to Call) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-02-22]
CHR Extension: (Google Wallet) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Gmail) - C:\Users\kieran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2015-01-03] (EasyAntiCheat Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1580416 2015-02-01] (Echobit LLC)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [660544 2014-12-04] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [604448 2014-12-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [228000 2014-12-19] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [312952 2014-12-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [221320 2014-12-19] (McAfee, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [336088 2014-11-13] (McAfee, Inc.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70984 2014-12-19] (McAfee, Inc.)
R3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2015-02-01] (Echobit, LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [368904 2014-12-19] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [340192 2014-12-19] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [100080 2014-12-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82584 2014-12-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [532424 2014-12-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [886488 2014-12-19] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2014-11-08] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2014-11-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [349328 2014-12-19] (McAfee, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-01-20] (VIA Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [297472 2014-01-20] (VIA Technologies, Inc.)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-26 19:45 - 2015-02-26 19:45 - 02087936 _____ (Farbar) C:\Users\kieran\Downloads\FRST64 (2).exe
2015-02-24 21:08 - 2015-02-24 21:08 - 00000316 _____ () C:\Windows\PFRO.log
2015-02-24 21:08 - 2015-02-24 21:08 - 00000116 _____ () C:\Windows\setupact.log
2015-02-24 21:08 - 2015-02-24 21:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-24 21:06 - 2015-02-24 21:06 - 00037376 ___SH () C:\Users\kieran\Desktop\Thumbs.db
2015-02-23 16:04 - 2015-02-23 16:04 - 00000000 _____ () C:\Users\kieran\AppData\Local\{A990C760-2EB2-4CA2-8395-82D252176ABD}
2015-02-22 20:56 - 2015-02-23 16:18 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-22 20:56 - 2015-02-22 20:56 - 00000000 ____D () C:\Users\kieran\AppData\Local\Google
2015-02-22 20:56 - 2015-02-22 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-22 16:28 - 2015-02-22 16:28 - 00000000 ____D () C:\Users\kieran\AppData\Local\Steam
2015-02-21 17:30 - 2015-02-21 17:30 - 02086912 _____ (Farbar) C:\Users\kieran\Downloads\FRST64 (1).exe
2015-02-18 11:13 - 2015-02-26 19:40 - 00657420 _____ () C:\Windows\WindowsUpdate.log
2015-02-17 12:14 - 2015-02-17 12:14 - 00014062 _____ () C:\Users\kieran\Desktop\Processexp.txt
2015-02-17 12:13 - 2014-09-11 07:57 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\kieran\Downloads\procexp.exe
2015-02-17 12:13 - 2014-09-11 07:57 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\kieran\Desktop\procexp.exe
2015-02-17 12:13 - 2014-08-05 07:24 - 00072154 _____ () C:\Users\kieran\Downloads\procexp.chm
2015-02-17 12:13 - 2014-08-05 07:24 - 00072154 _____ () C:\Users\kieran\Desktop\procexp.chm
2015-02-17 12:13 - 2014-08-05 07:24 - 00007005 _____ () C:\Users\kieran\Downloads\Eula.txt
2015-02-17 12:13 - 2014-08-05 07:24 - 00007005 _____ () C:\Users\kieran\Desktop\Eula.txt
2015-02-17 12:12 - 2015-02-17 12:12 - 01188194 _____ () C:\Users\kieran\Desktop\ProcessExplorer.zip
2015-02-15 10:59 - 2015-02-15 10:59 - 00000000 ____D () C:\Users\kieran\AppData\Roaming\AMD
2015-02-15 10:49 - 2015-02-15 10:49 - 00001256 _____ () C:\Users\kieran\Desktop\ATLauncher.exe - Shortcut.lnk
2015-02-15 09:23 - 2015-02-24 19:36 - 00000647 _____ () C:\Users\kieran\.atl.properties
2015-02-15 09:23 - 2015-02-24 17:05 - 00000000 ____D () C:\Users\kieran\AppData\Roaming\ATLauncher
2015-02-12 20:37 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:37 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 22:11 - 2015-02-11 22:11 - 02008060 _____ () C:\Users\kieran\Downloads\download
2015-02-10 20:55 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 20:55 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 20:55 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-10 20:55 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-10 20:55 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 20:55 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 20:55 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 20:55 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 20:55 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 20:54 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-10 20:54 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 20:54 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 20:54 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 20:54 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 20:54 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 20:54 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 20:54 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-10 20:54 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 20:54 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 20:54 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 20:54 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 20:54 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 20:54 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 20:54 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-10 20:54 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-10 20:54 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-10 20:54 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 20:54 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 20:54 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 20:54 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 20:54 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 20:54 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 20:54 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-10 20:54 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-10 20:54 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-10 20:54 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 20:54 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-10 20:54 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 20:54 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 20:54 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 20:54 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 20:54 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 20:54 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 20:54 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 20:54 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 20:54 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 20:54 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 20:54 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-10 20:54 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-10 20:54 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 20:54 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 20:54 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 20:54 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 20:54 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 20:54 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 20:54 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 20:54 - 2014-12-08 23:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-10 20:54 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-10 20:54 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-10 20:54 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-10 20:54 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-10 20:54 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-10 20:54 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-10 20:54 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-10 20:54 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-08 20:34 - 2015-02-08 20:34 - 00000000 ____D () C:\ProgramData\Sophos
2015-02-08 20:33 - 2015-02-08 20:33 - 00002775 _____ () C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-02-08 20:33 - 2015-02-08 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-02-08 20:33 - 2015-02-08 20:33 - 00000000 ____D () C:\Program Files (x86)\Sophos
2015-02-08 20:30 - 2015-02-08 20:32 - 110465696 _____ (Sophos Limited) C:\Users\kieran\Downloads\Sophos Virus Removal Tool.exe
2015-02-08 20:29 - 2015-02-08 20:29 - 00000615 _____ () C:\Users\kieran\Desktop\JRT.txt
2015-02-08 20:26 - 2015-02-08 20:26 - 01388274 _____ (Thisisu) C:\Users\kieran\Downloads\JRT.exe
2015-02-08 20:22 - 2015-02-08 20:23 - 00000000 ____D () C:\AdwCleaner
2015-02-08 20:22 - 2015-02-08 20:22 - 02112512 _____ () C:\Users\kieran\Downloads\adwcleaner_4.110.exe
2015-02-08 20:19 - 2015-02-08 20:19 - 00448512 _____ (OldTimer Tools) C:\Users\kieran\Downloads\TFC.exe
2015-02-08 09:20 - 2015-02-08 09:20 - 00002190 _____ () C:\Users\kieran\Desktop\Rkill.txt
2015-02-08 09:19 - 2015-02-08 09:19 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\kieran\Downloads\rkill.exe
2015-02-08 08:56 - 2015-02-08 09:19 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-08 08:53 - 2015-02-08 09:19 - 00000000 ____D () C:\Users\kieran\Desktop\mbar
2015-02-08 08:53 - 2015-02-08 08:53 - 16466552 _____ (Malwarebytes Corp.) C:\Users\kieran\Downloads\mbar-1.08.3.1004.exe
2015-02-08 08:32 - 2015-02-08 08:56 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-08 08:32 - 2015-02-08 08:56 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-08 08:32 - 2015-02-08 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-08 08:32 - 2015-02-08 08:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-08 08:32 - 2015-02-08 08:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-08 08:32 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-08 08:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-08 08:31 - 2015-02-08 08:31 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\kieran\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-08 08:22 - 2015-02-08 08:22 - 00036614 _____ () C:\Users\kieran\Downloads\Result.txt
2015-02-08 08:21 - 2015-02-08 08:21 - 00401920 _____ (Farbar) C:\Users\kieran\Downloads\MiniToolBox.exe
2015-02-08 08:20 - 2015-02-08 08:20 - 00002673 _____ () C:\Users\kieran\Downloads\FSS.txt
2015-02-08 08:19 - 2015-02-08 08:19 - 00415232 _____ (Farbar) C:\Users\kieran\Downloads\FSS.exe
2015-02-08 08:17 - 2015-02-08 08:17 - 00852594 _____ () C:\Users\kieran\Downloads\SecurityCheck.exe
2015-02-08 08:09 - 2015-02-08 08:09 - 00000000 ____D () C:\Users\kieran\AppData\Roaming\ATI
2015-02-07 11:17 - 2015-02-07 11:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-07 11:17 - 2015-02-07 11:17 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-06 19:59 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-02-06 19:59 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-02-06 19:59 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-02-06 19:59 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-02-06 19:59 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-02-06 19:59 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-02-06 19:59 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-02-06 19:59 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-02-06 19:59 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-02-06 19:59 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-02-06 19:59 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-02-06 19:59 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-02-06 19:59 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-02-06 19:59 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-02-06 19:59 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-02-06 19:59 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-02-06 19:49 - 2015-02-06 19:50 - 02347384 _____ (ESET) C:\Users\kieran\Downloads\esetsmartinstaller_enu.exe
2015-02-06 19:42 - 2015-02-06 19:43 - 00526371 _____ () C:\Users\kieran\Downloads\openhardwaremonitor-v0.6.0-beta.zip
2015-02-06 16:04 - 2015-02-21 17:36 - 00031670 _____ () C:\Users\kieran\Downloads\Addition.txt
2015-02-06 16:03 - 2015-02-26 19:46 - 00019032 _____ () C:\Users\kieran\Downloads\FRST.txt
2015-02-06 16:03 - 2015-02-26 19:46 - 00000000 ____D () C:\FRST
2015-02-06 16:03 - 2015-02-06 16:03 - 02131968 _____ (Farbar) C:\Users\kieran\Downloads\FRST64.exe
2015-02-05 20:10 - 2015-02-05 20:10 - 00000000 ____D () C:\ProgramData\ATI
2015-02-05 20:09 - 2015-02-05 20:09 - 00000000 ____D () C:\Users\kieran\AppData\Roaming\library_dir
2015-02-05 20:09 - 2015-02-05 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-02-05 20:08 - 2015-02-05 20:08 - 00064052 _____ () C:\Windows\SysWOW64\CCCInstall_201502052008421048.log
2015-02-05 20:08 - 2015-02-05 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-02-05 20:08 - 2015-02-05 20:08 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-02-05 20:08 - 2015-02-05 20:08 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-02-05 20:06 - 2015-02-05 20:06 - 00054028 _____ () C:\Windows\SysWOW64\CCCInstall_201502052006377165.log
2015-02-05 20:02 - 2015-02-05 20:02 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\kieran\Downloads\autodetectutility.exe
2015-02-05 19:15 - 2015-02-05 19:17 - 00000000 ____D () C:\Windows\pss
2015-02-05 15:42 - 2015-02-08 09:25 - 00007621 _____ () C:\Users\kieran\AppData\Local\Resmon.ResmonCfg
2015-02-05 07:52 - 2015-02-05 07:52 - 00001765 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-05 07:52 - 2015-02-05 07:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-05 07:52 - 2015-02-05 07:52 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-05 07:52 - 2015-02-05 07:52 - 00000000 ____D () C:\Program Files\iTunes
2015-02-05 07:52 - 2015-02-05 07:52 - 00000000 ____D () C:\Program Files\iPod
2015-02-05 07:52 - 2015-02-05 07:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-03 16:08 - 2015-02-03 16:08 - 00000000 ____D () C:\ProgramData\WarThunder
2015-02-02 07:48 - 2015-02-02 07:48 - 00000222 _____ () C:\Users\kieran\Desktop\Nosgoth.url
2015-02-01 18:29 - 2015-02-01 18:29 - 00021656 _____ (Echobit, LLC) C:\Windows\system32\Drivers\evolve.sys
2015-02-01 18:29 - 2015-02-01 18:29 - 00002035 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2015-02-01 18:29 - 2015-02-01 18:29 - 00002023 _____ () C:\Users\Public\Desktop\Evolve.lnk
2015-02-01 18:28 - 2015-02-01 18:28 - 00000000 ____D () C:\Program Files\Echobit
2015-02-01 18:27 - 2015-02-01 18:27 - 03258328 _____ (Echobit LLC) C:\Users\kieran\Downloads\EvolveSetup.exe
2015-02-01 18:27 - 2015-02-01 18:27 - 00000000 ____D () C:\Users\kieran\AppData\Local\Echobit
2015-02-01 18:27 - 2015-02-01 18:27 - 00000000 ____D () C:\ProgramData\Echobit
2015-02-01 18:26 - 2015-02-01 18:26 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-01 18:26 - 2015-02-01 18:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-01 18:26 - 2015-02-01 18:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-01 18:26 - 2015-02-01 18:26 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-01 18:26 - 2015-02-01 18:26 - 00000000 ____D () C:\Program Files\Java
2015-02-01 18:25 - 2015-02-01 18:25 - 31029672 _____ (Oracle Corporation) C:\Users\kieran\Downloads\jre-7u71-windows-x64.exe
2015-02-01 18:24 - 2015-02-01 18:25 - 00000000 ____D () C:\Users\kieran\Downloads\CrashLanding
2015-02-01 18:19 - 2015-02-01 18:21 - 00000000 ____D () C:\Users\kieran\Downloads\Monster
2015-02-01 14:27 - 2015-02-01 14:28 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-01 13:04 - 2015-02-01 13:04 - 00000222 _____ () C:\Users\kieran\Desktop\War Thunder.url
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-26 19:41 - 2014-12-26 14:12 - 00000000 ____D () C:\Users\kieran\AppData\Roaming\Skype
2015-02-26 19:38 - 2014-12-26 20:36 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2506618595-2769742477-235216807-1001
2015-02-26 19:30 - 2014-12-26 12:49 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-26 19:29 - 2014-12-26 12:49 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-24 21:08 - 2014-12-26 12:53 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-02-24 21:08 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-24 21:08 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-22 21:02 - 2014-12-26 14:04 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-22 20:56 - 2014-12-26 12:49 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-20 20:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-20 15:43 - 2014-12-26 20:30 - 00000000 ____D () C:\Users\kieran
2015-02-20 08:46 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-16 15:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-14 17:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2015-02-12 21:07 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-10 21:28 - 2015-01-22 11:05 - 00337808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-10 21:28 - 2014-12-28 10:29 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-10 21:22 - 2014-12-28 10:29 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-08 08:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\IME
2015-02-07 11:17 - 2014-12-29 10:14 - 00000000 ____D () C:\Users\kieran\Documents\My Games
2015-02-07 11:17 - 2014-12-26 12:53 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-07 11:03 - 2014-12-26 20:31 - 00000000 ____D () C:\Users\kieran\AppData\Local\VirtualStore
2015-02-07 10:51 - 2015-01-19 10:15 - 00000000 ____D () C:\Users\kieran\AppData\Local\Warframe
2015-02-07 09:39 - 2014-12-26 14:58 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-02-06 21:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-02-06 19:59 - 2014-12-26 14:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-06 19:59 - 2014-12-26 14:11 - 00000000 ____D () C:\ProgramData\Skype
2015-02-06 19:58 - 2014-12-27 10:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-06 19:58 - 2014-12-27 10:15 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-06 19:45 - 2010-01-31 22:00 - 00000000 ____D () C:\Users\kieran\Downloads\OpenHardwareMonitor
2015-02-05 20:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-02-05 20:08 - 2014-12-26 13:04 - 00000000 ____D () C:\ProgramData\AMD
2015-02-05 20:08 - 2014-12-26 12:52 - 00000000 ____D () C:\Program Files\AMD
2015-02-05 20:05 - 2014-12-26 12:53 - 00000000 ____D () C:\AMD
2015-02-05 07:52 - 2014-12-26 15:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-04 17:12 - 2014-12-26 12:49 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 17:12 - 2014-12-26 12:49 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 19:31 - 2013-08-22 15:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2013-08-22 15:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 18:33 - 2014-12-27 10:23 - 00000000 ____D () C:\Users\kieran\Desktop\images
2015-02-01 18:52 - 2014-12-27 10:14 - 00000000 ____D () C:\Users\kieran\AppData\Roaming\.minecraft
2015-02-01 18:48 - 2014-12-27 10:17 - 00000000 ____D () C:\Users\kieran\AppData\Local\ftblauncher
2015-02-01 18:21 - 2014-12-27 10:21 - 00000000 ____D () C:\Users\kieran\Downloads\assets
2015-02-01 18:20 - 2014-12-27 10:21 - 00000000 ____D () C:\Users\kieran\Downloads\libraries
2015-01-29 15:39 - 2014-12-27 10:20 - 00000000 ____D () C:\Users\kieran\AppData\Local\Unity
 
==================== Files in the root of some directories =======
 
2014-12-27 22:04 - 2014-12-27 09:11 - 0012005 _____ () C:\Users\kieran\AppData\Roaming\alsoft.ini
2015-02-05 15:42 - 2015-02-08 09:25 - 0007621 _____ () C:\Users\kieran\AppData\Local\Resmon.ResmonCfg
2015-02-23 16:04 - 2015-02-23 16:04 - 0000000 _____ () C:\Users\kieran\AppData\Local\{A990C760-2EB2-4CA2-8395-82D252176ABD}
2015-01-15 16:20 - 2015-01-20 08:15 - 0000112 _____ () C:\ProgramData\Q5xL44.dat
 
Files to move or delete:
====================
C:\ProgramData\Q5xL44.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-18 17:59
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by kieran at 2015-02-26 19:46:48
Running from C:\Users\kieran\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
AirMech (HKLM-x32\...\Steam App 206500) (Version:  - Carbon Games)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk Mudbox 2015 (HKLM\...\Autodesk Mudbox 2015) (Version: 9.0.1.89 - Autodesk)
Autodesk Mudbox 2015 (Version: 9.0.1.89 - Autodesk) Hidden
Autodesk Mudbox 2015 SP1 (HKLM\...\Autodesk Mudbox 2015 SP1) (Version: 9.0.1.89 - Autodesk)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Chivalry BETA (HKLM-x32\...\Steam App 232210) (Version:  - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.10 - Echobit, LLC)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Godus (HKLM-x32\...\Steam App 232810) (Version:  - 22cans)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kerbal Space Program Demo (HKLM-x32\...\Steam App 231410) (Version:  - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.207 - McAfee, Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150210.101909 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Particulars (HKLM-x32\...\Steam App 259470) (Version:  - SeeThrough Studios)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.)
Reus (HKLM-x32\...\Steam App 222730) (Version:  - Abbey Games)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Kingdoms (HKLM-x32\...\Steam App 47410) (Version:  - FireFly Studios)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
Toribash (HKLM-x32\...\Steam App 248570) (Version:  - Nabi Studios)
Unity (HKLM-x32\...\Unity) (Version: 4.6.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.131 - MSI)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2506618595-2769742477-235216807-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kieran\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
08-02-2015 20:33:04 Installed Sophos Virus Removal Tool.
12-02-2015 21:06:51 Windows Update
21-02-2015 09:42:34 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {2C18603C-4920-4C80-9321-DF6B8B0216EA} - \temp_24229f1b-b223-43ea-a4b0-30d161a1eb18-2 No Task File <==== ATTENTION
Task: {3DBB84AD-EA1D-49FC-B73F-A9141A306923} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-10] (Microsoft Corporation)
Task: {5E38DBAB-8E03-42CA-83B2-A705BC4B959C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7327D63F-7534-4148-8639-6C79E6607097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {752E6582-97B5-4130-B19E-B586DCFB7BEA} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-7 No Task File <==== ATTENTION
Task: {7547885C-341C-42AD-BDB6-C874AF1E4B4F} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-5 No Task File <==== ATTENTION
Task: {7D392538-FDC1-4034-BD2D-42AE03517931} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {88706348-7855-4BDB-BEFC-9A1294795D1B} - System32\Tasks\avastBCLRestartS-1-5-21-2506618595-2769742477-235216807-1001 => Chrome.exe 
Task: {9411F675-DC5E-4DEA-93D8-0E35FB79F76C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-26] (Google Inc.)
Task: {C2A84A7E-16DF-4D4F-A20F-999454503A1E} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-1 No Task File <==== ATTENTION
Task: {E81FBB92-C916-4A94-9CC3-5560B570E365} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-22 15:15 - 2014-01-22 15:15 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-12-26 16:06 - 2014-12-05 02:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-12-26 16:06 - 2014-12-05 02:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-02-23 16:18 - 2015-02-17 22:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-23 16:18 - 2015-02-17 22:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-23 16:18 - 2015-02-17 22:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kieran\Desktop\images\P-Man.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "VIAxHCUtl"
HKLM\...\StartupApproved\Run: => "MBCfg64"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\StartupApproved\Run: => "swg"
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\StartupApproved\Run: => "Bubble Dock"
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\StartupApproved\Run: => "HitsBlender"
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\StartupApproved\Run: => "Price-Horse"
HKU\S-1-5-21-2506618595-2769742477-235216807-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2506618595-2769742477-235216807-500 - Administrator - Disabled)
Guest (S-1-5-21-2506618595-2769742477-235216807-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2506618595-2769742477-235216807-1004 - Limited - Enabled)
kieran (S-1-5-21-2506618595-2769742477-235216807-1001 - Administrator - Enabled) => C:\Users\kieran
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/24/2015 05:10:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error: (02/24/2015 05:10:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume System Reserved was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (02/23/2015 09:06:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 131c
 
Start Time: 01d04f833944e022
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: afe548a6-bb9f-11e4-8285-d8cb8a17036f
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/23/2015 09:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2c4
 
Start Time: 01d04fac726609af
 
Termination Time: 0
 
Application Path: C:\Windows\explorer.exe
 
Report Id: c1e7c4d0-bb9f-11e4-8285-d8cb8a17036f
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/23/2015 04:15:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: cd0
 
Start Time: 01d04f819bc06cd0
 
Termination Time: 0
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 33541c12-bb75-11e4-8285-d8cb8a17036f
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/23/2015 04:10:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 12d4
 
Start Time: 01d04f8207cf002d
 
Termination Time: 122
 
Application Path: C:\Windows\explorer.exe
 
Report Id: 64f30b77-bb76-11e4-8285-d8cb8a17036f
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/22/2015 08:11:06 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
 
Error: (02/22/2015 08:11:06 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
 
Error: (02/22/2015 07:28:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error: (02/22/2015 07:28:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
 
System errors:
=============
Error: (02/26/2015 07:39:17 PM) (Source: DCOM) (EventID: 10010) (User: kieranpc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/26/2015 07:38:47 PM) (Source: DCOM) (EventID: 10010) (User: kieranpc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/26/2015 07:27:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service.
 
Error: (02/24/2015 09:09:05 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5
 
Error: (02/24/2015 09:08:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
%%3
 
Error: (02/24/2015 08:30:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD FUEL Service service.
 
Error: (02/24/2015 08:29:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
 
Error: (02/24/2015 07:36:36 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5
 
Error: (02/24/2015 05:10:35 PM) (Source: DCOM) (EventID: 10010) (User: kieranpc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/24/2015 05:10:04 PM) (Source: DCOM) (EventID: 10010) (User: kieranpc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
Microsoft Office Sessions:
=========================
Error: (02/24/2015 05:10:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
 
Error: (02/24/2015 05:10:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System ReservedThe parameter is incorrect. (0x80070057)
 
Error: (02/23/2015 09:06:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.3.9600.17284131c01d04f833944e0220C:\Windows\explorer.exeafe548a6-bb9f-11e4-8285-d8cb8a17036f
 
Error: (02/23/2015 09:05:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.3.9600.172842c401d04fac726609af0C:\Windows\explorer.exec1e7c4d0-bb9f-11e4-8285-d8cb8a17036f
 
Error: (02/23/2015 04:15:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17284cd001d04f819bc06cd00C:\Windows\Explorer.EXE33541c12-bb75-11e4-8285-d8cb8a17036f
 
Error: (02/23/2015 04:10:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.3.9600.1728412d401d04f8207cf002d122C:\Windows\explorer.exe64f30b77-bb76-11e4-8285-d8cb8a17036f
 
Error: (02/22/2015 08:11:06 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
 
Error: (02/22/2015 08:11:06 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
 
Error: (02/22/2015 07:28:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
 
Error: (02/22/2015 07:28:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\CCleaner\CCleaner.exe
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6350 Six-Core Processor 
Percentage of memory in use: 25%
Total physical RAM: 8140.36 MB
Available physical RAM: 6074.27 MB
Total Pagefile: 9420.36 MB
Available Pagefile: 7464.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:476.6 GB) (Free:288.62 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: AF2A832B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.6 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

i have the windows cd available



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:16 AM

Posted 04 March 2015 - 02:52 PM

Greetings wer34576 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
C:\ProgramData\Q5xL44.dat
Task: {2C18603C-4920-4C80-9321-DF6B8B0216EA} - \temp_24229f1b-b223-43ea-a4b0-30d161a1eb18-2 No Task File <==== ATTENTION
Task: {752E6582-97B5-4130-B19E-B586DCFB7BEA} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-7 No Task File <==== ATTENTION
Task: {7547885C-341C-42AD-BDB6-C874AF1E4B4F} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-5 No Task File <==== ATTENTION
Task: {C2A84A7E-16DF-4D4F-A20F-999454503A1E} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-1 No Task File <==== ATTENTION
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Junkware log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 wer34576

wer34576
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 06 March 2015 - 02:31 PM

hi, I'm fine with being called by my first name(Kieran).
 
 
ix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2015 01
Ran by kieran at 2015-03-06 16:17:19 Run:1
Running from C:\Users\kieran\Desktop
Loaded Profiles: kieran (Available profiles: kieran)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
C:\ProgramData\Q5xL44.dat
Task: {2C18603C-4920-4C80-9321-DF6B8B0216EA} - \temp_24229f1b-b223-43ea-a4b0-30d161a1eb18-2 No Task File <==== ATTENTION
Task: {752E6582-97B5-4130-B19E-B586DCFB7BEA} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-7 No Task File <==== ATTENTION
Task: {7547885C-341C-42AD-BDB6-C874AF1E4B4F} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-5 No Task File <==== ATTENTION
Task: {C2A84A7E-16DF-4D4F-A20F-999454503A1E} - \24229f1b-b223-43ea-a4b0-30d161a1eb18-1 No Task File <==== ATTENTION
*****************
 
C:\ProgramData\Q5xL44.dat => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C18603C-4920-4C80-9321-DF6B8B0216EA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C18603C-4920-4C80-9321-DF6B8B0216EA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_24229f1b-b223-43ea-a4b0-30d161a1eb18-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{752E6582-97B5-4130-B19E-B586DCFB7BEA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{752E6582-97B5-4130-B19E-B586DCFB7BEA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\24229f1b-b223-43ea-a4b0-30d161a1eb18-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7547885C-341C-42AD-BDB6-C874AF1E4B4F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7547885C-341C-42AD-BDB6-C874AF1E4B4F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\24229f1b-b223-43ea-a4b0-30d161a1eb18-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2A84A7E-16DF-4D4F-A20F-999454503A1E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2A84A7E-16DF-4D4F-A20F-999454503A1E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\24229f1b-b223-43ea-a4b0-30d161a1eb18-1" => Key deleted successfully.
 
==== End of Fixlog 16:17:19 ====
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8.1 x64
Ran by kieran on 06/03/2015 at 19:23:49.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARINSTALLER_UPDATE-093BDF48.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARMANAGER_BA9226F4-3D073F18.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/03/2015 at 19:26:09.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Attached Files



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:16 AM

Posted 06 March 2015 - 09:29 PM

Greetings,

I am assuming your computer has stayed the same. Please do this.

===================================================

Using VGA Driver in Normal Mode

--------------------
  • Click the Windows key + R at the same time
  • Type msconfig and hit Enter
  • Click the Boot tab (for XP click BOOT.INI)
  • Place a check mark in Base video, then click OK
  • Restart your computer
  • Your screen resolution will look different as if it was in Safe Mode, that is normal
  • Monitor your computer behavior
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 wer34576

wer34576
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 07 March 2015 - 05:30 AM

problem still occurs



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:16 AM

Posted 07 March 2015 - 05:17 PM

Thank you Kieran.

Please reverse the Base Video steps then do this.

===================================================

9-Lab Removal Tool

--------------------
  • Download 9-Lab Removal Tool for either 64 bit or 32 bit computers and save it to your Desktop
  • Double click the rmtool-setup icon
  • Click Next, I Agree, then Install
  • Click Finish to automatically lauch the program
  • Click Settings, then place a check mark in Open log file immediately after saving
  • Click Scanner, then Full scan
  • When completed click Show Results
  • Click Clean
  • Close the window without clicking Save Log (it has already been saved)
  • Copy and paste the contents of the 9lab log in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • 9lab report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 wer34576

wer34576
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 08 March 2015 - 04:26 AM

9-lab Removal Tool 1.0.0.27 BETA
9-lab.com
 
Database version: 98.29248
 
Windows 8.1 (Version 6.3, Build 0, 64-bit Edition)
Internet Explorer 9.11.9600.17631
kieran :: KIERANPC
 
08/03/2015 08:10:48
9lab-log-2015-03-08 (08-10-48).txt
 
Scan type: Full
Objects scanned: 48927
Time Elapsed: 18 m 32 s
 
Files detected: 11
Adware.FMPL.Gen.vb [c:\program files (x86)\CF3D6C98-D47F-4894-9FB0-6571FC391305\64.ico]
Adware.FMPL.Gen.vb [c:\program files (x86)\CF3D6C98-D47F-4894-9FB0-6571FC391305\libeay32.dll]
Adware.FMPL.Gen.vb [c:\program files (x86)\CF3D6C98-D47F-4894-9FB0-6571FC391305\nfapi.dll]
Adware.FMPL.Gen.vb [c:\program files (x86)\CF3D6C98-D47F-4894-9FB0-6571FC391305\nfregdrv.exe]
Adware.FMPL.Gen.vb [c:\program files (x86)\CF3D6C98-D47F-4894-9FB0-6571FC391305\ProtocolFilters.dll]
Adware.FMPL.Gen.vb [c:\program files (x86)\CF3D6C98-D47F-4894-9FB0-6571FC391305\ssleay32.dll]
Malware.Win32.Gen.bot!s1 [C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\BrowserController.exe]
Malware.Win32.Gen.sm!s1 [C:\Users\kieran\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe]
Malware.Win32.Gen.sm!s2 [C:\Users\kieran\Downloads\MiniToolBox.exe]
Malware.Win32.Gen.sm [C:\Users\kieran\Downloads\SecurityCheck.exe]
Malware.Win32.Gen.sm!s1 [C:\Users\kieran\Downloads\TFC.exe]


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:16 AM

Posted 08 March 2015 - 02:00 PM

Thank you for the information. Can you tell me if your computer is still freezing? If so, under what conditions and how often?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 wer34576

wer34576
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 08 March 2015 - 03:36 PM

it is still freezing but it seems for less time. as it always has it will often occur more frequently when i have just started using my computer. however it does still tend to have random occurrences where it will just start freezing and going to 100% disk activity. it will also have the rare tendency of shutting down programs in these freezing periods. ranging from web browsers, games and even McAfee.

 

please take not that the time may not be different as the time varied by a lot before  running the 9 lab tool and i can only go off what has happened between then and now. i will of course update after i see on more occasions.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:16 AM

Posted 08 March 2015 - 04:20 PM

Thank you Kieran,

When putting the symptoms together it is possible this is a corruption rather than a malware issue, or maybe even a hardware issue.

Please do these things first.

===================================================

Run sfc /scannow from Elevated Command

--------------------
  • Click Start and Type cmd
  • Right click on cmd.exe above and select Run as Administrator
  • If you are prompted for an administrator password or for a confirmation, type the password, or click Allow
  • Windows 8: Press the Windows key + X at the same time, then click Command Prompt (Admin)
  • Type the following at the Command Prompt and press Enter

sfc /scannow

  • If Windows did not find any integrity violations please let me know
  • If errors were found but not corrected please run sfc /scannow an additonal 2 times
===================================================

CHKDSK /R in Windows 8

--------------------
  • Press the windows key Windows_Logo_key.gif + X on your keyboard at the same time
  • Select Command Prompt (Admin)
  • Type (or copy and paste) the following after the command prompt and press Enter

CMD /C ECHO Y|CHKDSK /R C: /R | SHUTDOWN /R /T 10

  • Please allow the system to reboot on its own and run the program. This may take a bit of time
  • When completed your system will automatically reboot
  • Report the results in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • sfc /scannow results
  • chkdsk results
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 wer34576

wer34576
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 09 March 2015 - 11:05 AM

update: same as before the scan and it had random occurrences of freezing and 100%disk  while i was running the scan and closed this web browser as i was writing my reply.

 

sfc scan first time found corruption but did not fix all of it.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,590 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:16 AM

Posted 09 March 2015 - 11:28 AM

Thanks. Let me know after you run sfc another 2 times and then chkdsk.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 wer34576

wer34576
  • Topic Starter

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:16 AM

Posted 09 March 2015 - 11:29 AM

how should i add the sfc log as its too big






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users