Here are both Farbar scans.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by nuthatch (administrator) on NUTHATCH-PC on 03-04-2014 14:10:10
Running from C:\Users\nuthatch\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-02] (AVAST Software)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1225944 2014-03-25] (COMODO)
HKLM\...\Run: [KeyScrambler] - C:\Program Files\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [Malwarebytes Anti-Exploit] - C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [1294136 2014-02-21] (Malwarebytes Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKU\S-1-5-21-3977535122-739135346-868588242-1000\...\Run: [PeerBlock] - C:\Program Files\PeerBlock\peerblock.exe [2124360 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-3977535122-739135346-868588242-1000\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [527936 2014-03-22] (BillP Studios)
HKU\S-1-5-21-3977535122-739135346-868588242-1002\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (ArcPlugin) - C:\Program Files\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Adblock Plus) - C:\Users\nuthatch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-23]
CHR Extension: (avast! Online Security) - C:\Users\nuthatch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-23]
CHR Extension: (Google Wallet) - C:\Users\nuthatch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2009-02-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
S3 ArcService; C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-21] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-23] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5302384 2014-03-25] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO)
R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [319288 2014-02-21] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-23] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2009-02-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-23] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2013-12-18] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2014-03-25] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [607680 2014-03-25] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43216 2014-03-25] (COMODO)
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [44632 2014-02-21] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [92656 2014-03-25] (COMODO)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [20040 2014-01-14] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-03 14:10 - 2014-04-03 14:10 - 00009556 _____ () C:\Users\nuthatch\Desktop\FRST.txt
2014-04-03 13:54 - 2014-04-03 14:10 - 00000000 ____D () C:\FRST
2014-04-03 13:29 - 2014-04-03 13:50 - 00000780 _____ () C:\Windows\PFRO.log
2014-04-03 12:39 - 2014-04-03 12:39 - 00048600 _____ () C:\Users\nuthatch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-03 12:39 - 2014-04-03 12:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-03 12:39 - 2014-04-03 12:39 - 00000000 _____ () C:\Windows\setupact.log
2014-04-03 12:27 - 2014-04-03 12:27 - 01145856 _____ (Farbar) C:\Users\nuthatch\Desktop\FRST.exe
2014-04-03 12:26 - 2014-04-03 13:49 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-04-03 12:22 - 2014-04-03 12:22 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NUTHATCH-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-bit).dat
2014-04-03 12:21 - 2014-04-03 12:21 - 00000000 ____D () C:\RegBackup
2014-04-03 12:18 - 2014-04-03 12:18 - 03098210 _____ () C:\Users\nuthatch\Desktop\tweaking.com_windows_repair_aio.zip
2014-04-03 12:18 - 2014-04-03 12:18 - 00000000 ____D () C:\Users\nuthatch\Desktop\tweaking.com_windows_repair_aio
2014-04-03 12:05 - 2014-04-03 12:05 - 00004586 _____ () C:\Users\nuthatch\Desktop\04032014_120104.log
2014-04-03 12:04 - 2014-04-03 13:50 - 00228720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-03 12:01 - 2014-04-03 12:01 - 00000000 ____D () C:\_OTL
2014-04-03 00:25 - 2014-04-03 00:25 - 00000054 _____ () C:\Users\nuthatch\Desktop\rep.txt
2014-04-02 18:32 - 2014-04-03 00:05 - 00003796 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-02 18:32 - 2014-04-02 18:32 - 00000000 ____D () C:\VTRoot
2014-03-31 20:23 - 2014-04-03 14:06 - 00129931 _____ () C:\Windows\WindowsUpdate.log
2014-03-31 16:46 - 2014-03-31 16:46 - 00000000 ____D () C:\Users\nuthatch\Desktop\New Folder
2014-03-31 16:26 - 2014-03-31 16:26 - 00602112 _____ (OldTimer Tools) C:\Users\nuthatch\Desktop\OTL.exe
2014-03-26 20:37 - 2014-03-26 20:37 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-26 20:27 - 2014-03-27 15:55 - 00000000 ____D () C:\Users\nuthatch\Desktop\CRYENGINE_Build_PC_v3_5_8_2310_freesdk
2014-03-26 08:09 - 2014-03-26 08:09 - 00001082 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-03-26 08:09 - 2014-03-26 08:09 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-26 08:09 - 2014-03-26 08:09 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-03-25 13:20 - 2014-03-27 15:36 - 00000000 ____D () C:\Users\nuthatch\Desktop\ja ja
2014-03-25 13:17 - 2014-03-25 13:17 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-25 13:16 - 2014-03-25 13:17 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-25 13:16 - 2014-03-25 13:16 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Leadertech
2014-03-25 13:16 - 2014-03-25 13:16 - 00000000 ____D () C:\Program Files\Logitech
2014-03-25 13:15 - 2014-03-25 13:16 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-03-25 13:14 - 2014-03-25 13:17 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Logitech
2014-03-25 13:14 - 2014-03-25 13:14 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Logishrd
2014-03-25 12:47 - 2014-03-25 12:47 - 00000000 ___SD () C:\ComboFix
2014-03-21 23:44 - 2014-03-21 23:50 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-21 23:43 - 2014-03-21 23:43 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-21 22:58 - 2014-03-21 22:58 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Mozilla
2014-03-19 01:44 - 2014-03-31 18:45 - 00000000 ____D () C:\Windows\pss
2014-03-18 20:55 - 2014-03-26 20:02 - 00290776 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-03-18 20:55 - 2014-03-18 20:55 - 00000000 ____D () C:\Users\nuthatch\AppData\Local\PunkBuster
2014-03-18 20:54 - 2014-03-18 20:47 - 00001202 _____ () C:\Users\nuthatch\Desktop\APB Reloaded.lnk
2014-03-18 20:53 - 2014-03-18 20:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-18 20:52 - 2014-03-26 20:00 - 00281288 _____ () C:\Windows\system32\PnkBstrB.ex0
2014-03-18 20:52 - 2014-03-18 20:52 - 00138904 _____ () C:\Users\nuthatch\AppData\Roaming\PnkBstrK.sys
2014-03-18 20:52 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-03-18 20:52 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-03-18 20:52 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-03-18 20:52 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-03-18 20:52 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-03-18 20:52 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-03-18 20:52 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-03-18 20:52 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-03-18 20:52 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-03-18 20:52 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-03-18 20:52 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-03-18 20:52 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-03-18 20:35 - 2014-03-25 12:51 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2014-03-18 20:35 - 2014-03-18 20:35 - 00000000 ____D () C:\Users\nuthatch\AppData\Local\GamersFirst
2014-03-18 20:35 - 2014-03-18 20:35 - 00000000 ____D () C:\Program Files\GamersFirst
2014-03-18 08:25 - 2014-03-18 08:25 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-03-18 08:25 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-03-18 08:25 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-03-17 15:17 - 2014-03-18 20:34 - 00000724 _____ () C:\console.log
2014-03-17 14:39 - 2014-03-17 14:39 - 00001635 _____ () C:\Users\nuthatch\Desktop\TERA.lnk
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\TERA
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Program Files\TERA
2014-03-14 09:08 - 2014-02-23 06:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 09:08 - 2014-02-23 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 09:08 - 2014-02-23 06:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 09:08 - 2014-02-23 06:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 09:08 - 2014-02-23 06:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 09:08 - 2014-02-23 06:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 09:08 - 2014-02-23 06:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-14 09:08 - 2014-02-23 06:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 09:08 - 2014-02-23 06:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 09:08 - 2014-02-23 06:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 09:08 - 2014-02-23 06:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 09:08 - 2014-02-23 06:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 09:08 - 2014-02-23 06:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-14 09:08 - 2014-02-23 06:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 09:08 - 2014-02-23 06:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-14 09:08 - 2014-02-23 06:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 08:57 - 2014-02-07 11:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 08:57 - 2014-02-03 11:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 08:57 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 08:57 - 2013-11-13 01:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-13 00:08 - 2014-03-13 00:08 - 00000051 _____ () C:\Users\nuthatch\AppData\Roaming\mbam.context.scan
2014-03-12 15:50 - 2014-03-12 15:50 - 00000000 ____D () C:\Windows\jumpshot.com
2014-03-12 09:52 - 2014-03-12 09:52 - 00001728 _____ () C:\Users\nuthatch\Desktop\PeerBlock.lnk
2014-03-10 21:03 - 2008-09-02 16:03 - 00453152 _____ (NVIDIA Corporation) C:\Windows\system32\nvuninst.exe
2014-03-10 21:03 - 2008-07-08 09:45 - 00004984 _____ () C:\Windows\system32\Drivers\nvphy.bin
2014-03-08 22:55 - 2014-03-08 22:55 - 00011075 _____ () C:\Users\nuthatch\Desktop\ComboFix.txt
2014-03-05 20:55 - 2014-04-03 12:05 - 00000000 ____D () C:\Users\nuthatch\Desktop\syst
2014-03-05 20:55 - 2014-03-05 20:55 - 00000000 ____D () C:\Users\nuthatch\Desktop\PvP neverwinter
2014-03-04 17:56 - 2014-04-02 14:56 - 00000000 ____D () C:\Users\nuthatch\AppData\Local\CrashDumps
2014-03-04 11:16 - 2014-03-24 20:51 - 00001121 _____ () C:\Users\nuthatch\Desktop\go.txt
==================== One Month Modified Files and Folders =======
2014-04-03 14:10 - 2014-04-03 14:10 - 00009556 _____ () C:\Users\nuthatch\Desktop\FRST.txt
2014-04-03 14:10 - 2014-04-03 13:54 - 00000000 ____D () C:\FRST
2014-04-03 14:08 - 2009-02-18 22:33 - 00000000 ____D () C:\Program Files\PeerBlock
2014-04-03 14:06 - 2014-03-31 20:23 - 00129931 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 14:00 - 2006-11-02 11:33 - 00755394 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 13:57 - 2014-01-23 22:32 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 13:56 - 2014-01-23 22:32 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-03 13:56 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 13:56 - 2006-11-02 13:47 - 00004928 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 13:56 - 2006-11-02 13:47 - 00004928 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 13:55 - 2006-11-02 14:01 - 00032646 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-03 13:50 - 2014-04-03 13:29 - 00000780 _____ () C:\Windows\PFRO.log
2014-04-03 13:50 - 2014-04-03 12:04 - 00228720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-03 13:49 - 2014-04-03 12:26 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-04-03 12:39 - 2014-04-03 12:39 - 00048600 _____ () C:\Users\nuthatch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-03 12:39 - 2014-04-03 12:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-03 12:39 - 2014-04-03 12:39 - 00000000 _____ () C:\Windows\setupact.log
2014-04-03 12:27 - 2014-04-03 12:27 - 01145856 _____ (Farbar) C:\Users\nuthatch\Desktop\FRST.exe
2014-04-03 12:22 - 2014-04-03 12:22 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NUTHATCH-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-bit).dat
2014-04-03 12:21 - 2014-04-03 12:21 - 00000000 ____D () C:\RegBackup
2014-04-03 12:18 - 2014-04-03 12:18 - 03098210 _____ () C:\Users\nuthatch\Desktop\tweaking.com_windows_repair_aio.zip
2014-04-03 12:18 - 2014-04-03 12:18 - 00000000 ____D () C:\Users\nuthatch\Desktop\tweaking.com_windows_repair_aio
2014-04-03 12:05 - 2014-04-03 12:05 - 00004586 _____ () C:\Users\nuthatch\Desktop\04032014_120104.log
2014-04-03 12:05 - 2014-03-05 20:55 - 00000000 ____D () C:\Users\nuthatch\Desktop\syst
2014-04-03 12:01 - 2014-04-03 12:01 - 00000000 ____D () C:\_OTL
2014-04-03 00:25 - 2014-04-03 00:25 - 00000054 _____ () C:\Users\nuthatch\Desktop\rep.txt
2014-04-03 00:05 - 2014-04-02 18:32 - 00003796 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-02 18:32 - 2014-04-02 18:32 - 00000000 ____D () C:\VTRoot
2014-04-02 18:32 - 2009-02-18 22:38 - 00001777 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2014-04-02 14:56 - 2014-03-04 17:56 - 00000000 ____D () C:\Users\nuthatch\AppData\Local\CrashDumps
2014-03-31 18:45 - 2014-03-19 01:44 - 00000000 ____D () C:\Windows\pss
2014-03-31 16:46 - 2014-03-31 16:46 - 00000000 ____D () C:\Users\nuthatch\Desktop\New Folder
2014-03-31 16:26 - 2014-03-31 16:26 - 00602112 _____ (OldTimer Tools) C:\Users\nuthatch\Desktop\OTL.exe
2014-03-30 07:16 - 2013-12-13 19:37 - 00000000 ____D () C:\Program Files\SpywareBlaster
2014-03-27 15:55 - 2014-03-26 20:27 - 00000000 ____D () C:\Users\nuthatch\Desktop\CRYENGINE_Build_PC_v3_5_8_2310_freesdk
2014-03-27 15:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Web
2014-03-27 15:36 - 2014-03-25 13:20 - 00000000 ____D () C:\Users\nuthatch\Desktop\ja ja
2014-03-26 20:37 - 2014-03-26 20:37 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-26 20:02 - 2014-03-18 20:55 - 00290776 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-03-26 20:00 - 2014-03-18 20:52 - 00281288 _____ () C:\Windows\system32\PnkBstrB.ex0
2014-03-26 08:09 - 2014-03-26 08:09 - 00001082 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-03-26 08:09 - 2014-03-26 08:09 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-26 08:09 - 2014-03-26 08:09 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-03-25 20:22 - 2013-11-14 12:38 - 00607680 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-03-25 20:22 - 2013-11-14 12:38 - 00036000 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2014-03-25 20:22 - 2013-09-24 11:54 - 00092656 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-03-25 20:22 - 2013-09-24 11:54 - 00043216 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-03-25 20:22 - 2013-09-24 11:54 - 00020072 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-03-25 20:22 - 2013-09-24 11:53 - 00363504 _____ (COMODO) C:\Windows\system32\guard32.dll
2014-03-25 20:22 - 2013-09-24 11:53 - 00284888 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2014-03-25 20:22 - 2013-09-24 11:53 - 00040664 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2014-03-25 13:18 - 2009-02-18 21:45 - 00000000 ____D () C:\Users\nuthatch
2014-03-25 13:17 - 2014-03-25 13:17 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-25 13:17 - 2014-03-25 13:16 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-25 13:17 - 2014-03-25 13:14 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Logitech
2014-03-25 13:16 - 2014-03-25 13:16 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Leadertech
2014-03-25 13:16 - 2014-03-25 13:16 - 00000000 ____D () C:\Program Files\Logitech
2014-03-25 13:16 - 2014-03-25 13:15 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-03-25 13:14 - 2014-03-25 13:14 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Logishrd
2014-03-25 12:52 - 2009-02-18 21:45 - 00001356 _____ () C:\Users\nuthatch\AppData\Local\d3d9caps.dat
2014-03-25 12:51 - 2014-03-18 20:35 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
2014-03-25 12:51 - 2014-02-20 17:48 - 00000000 ____D () C:\Program Files\Common Files\BioWare
2014-03-25 12:47 - 2014-03-25 12:47 - 00000000 ___SD () C:\ComboFix
2014-03-25 12:47 - 2014-02-27 15:04 - 00000000 ____D () C:\Qoobox
2014-03-25 08:36 - 2009-02-18 22:31 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-24 20:51 - 2014-03-04 11:16 - 00001121 _____ () C:\Users\nuthatch\Desktop\go.txt
2014-03-21 23:50 - 2014-03-21 23:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-21 23:43 - 2014-03-21 23:43 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-21 22:58 - 2014-03-21 22:58 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\Mozilla
2014-03-18 20:55 - 2014-03-18 20:55 - 00000000 ____D () C:\Users\nuthatch\AppData\Local\PunkBuster
2014-03-18 20:53 - 2014-03-18 20:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-18 20:52 - 2014-03-18 20:52 - 00138904 _____ () C:\Users\nuthatch\AppData\Roaming\PnkBstrK.sys
2014-03-18 20:52 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-03-18 20:47 - 2014-03-18 20:54 - 00001202 _____ () C:\Users\nuthatch\Desktop\APB Reloaded.lnk
2014-03-18 20:35 - 2014-03-18 20:35 - 00000000 ____D () C:\Users\nuthatch\AppData\Local\GamersFirst
2014-03-18 20:35 - 2014-03-18 20:35 - 00000000 ____D () C:\Program Files\GamersFirst
2014-03-18 20:34 - 2014-03-17 15:17 - 00000724 _____ () C:\console.log
2014-03-18 16:13 - 2013-12-13 19:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 16:12 - 2006-11-02 11:24 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-18 08:25 - 2014-03-18 08:25 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-03-18 08:25 - 2013-12-13 19:19 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-03-18 08:25 - 2009-02-18 22:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 14:39 - 2014-03-17 14:39 - 00001635 _____ () C:\Users\nuthatch\Desktop\TERA.lnk
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Users\nuthatch\AppData\Roaming\TERA
2014-03-17 14:39 - 2014-03-17 14:39 - 00000000 ____D () C:\Program Files\TERA
2014-03-16 09:00 - 2014-01-23 22:33 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 09:34 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-03-13 00:08 - 2014-03-13 00:08 - 00000051 _____ () C:\Users\nuthatch\AppData\Roaming\mbam.context.scan
2014-03-12 19:11 - 2014-01-25 11:23 - 00000000 ____D () C:\Users\nuthatch\Desktop\dreadzone
2014-03-12 15:50 - 2014-03-12 15:50 - 00000000 ____D () C:\Windows\jumpshot.com
2014-03-12 09:52 - 2014-03-12 09:52 - 00001728 _____ () C:\Users\nuthatch\Desktop\PeerBlock.lnk
2014-03-10 21:29 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-10 21:22 - 2013-12-13 19:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-08 22:55 - 2014-03-08 22:55 - 00011075 _____ () C:\Users\nuthatch\Desktop\ComboFix.txt
2014-03-08 22:53 - 2014-02-27 15:04 - 00000000 ____D () C:\Windows\erdnt
2014-03-08 22:53 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-03-05 20:55 - 2014-03-05 20:55 - 00000000 ____D () C:\Users\nuthatch\Desktop\PvP neverwinter
2014-03-05 15:59 - 2014-01-25 11:22 - 00000000 ____D () C:\Users\nuthatch\Desktop\Alice
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-03 14:03
==================== End Of Log ============================
Here is the 2nd:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by nuthatch at 2014-04-03 14:10:30
Running from C:\Users\nuthatch\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
APB Reloaded (HKLM\...\APB Reloaded) (Version: 1.6.4.649692 - )
Arc (HKLM\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
COMODO Firewall (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Exploit version 0.10.0.1000 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 0.10.0.1000 - Malwarebytes)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
TERA (HKLM\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.5.2014.1 - BillP Studios)
YTD Video Downloader 4.7.4 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.4 - GreenTree Applications SRL)
==================== Restore Points =========================
10-02-2014 14:52:34 Scheduled Checkpoint
11-02-2014 08:37:02 Windows Update
12-02-2014 22:56:13 Windows Update
17-02-2014 13:11:00 Scheduled Checkpoint
18-02-2014 17:09:18 Windows Update
20-02-2014 16:48:31 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
22-02-2014 09:11:14 Windows Update
25-02-2014 16:24:42 Windows Update
27-02-2014 15:55:39 Scheduled Checkpoint
28-02-2014 18:36:02 Windows Update
04-03-2014 16:38:35 Windows Update
07-03-2014 17:54:41 Installed Java 7 Update 51
07-03-2014 18:08:05 Removed Java 7 Update 51
07-03-2014 18:23:32 Installed Java 7 Update 51
07-03-2014 18:37:10 Removed Java 7 Update 51
10-03-2014 20:01:21 Windows Update
14-03-2014 08:07:09 Windows Update
18-03-2014 15:11:11 Windows Update
18-03-2014 19:51:28 Installed DirectX
18-03-2014 19:53:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
19-03-2014 21:48:23 Scheduled Checkpoint
21-03-2014 20:08:50 Windows Update
25-03-2014 12:17:41 Device Driver Package Install: Logitech Keyboards
25-03-2014 12:18:10 Device Driver Package Install: Logitech Mice and other pointing devices
25-03-2014 12:46:10 Windows Update
27-03-2014 20:34:00 Scheduled Checkpoint
28-03-2014 18:13:33 Windows Update
31-03-2014 18:15:13 Scheduled Checkpoint
01-04-2014 06:16:53 Windows Update
03-04-2014 11:01:17 OTL Restore Point - 03/04/2014 12:01:16
03-04-2014 11:20:35 Tweaking.com - Windows Repair
==================== Hosts content: ==========================
2014-03-17 11:22 - 2014-03-18 08:23 - 00517864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {036C84A6-5530-4948-AF4B-086AC02038B9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-23] (AVAST Software)
Task: {12CC8796-DACA-4702-B98D-D3876307FD94} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {201B2D9E-AA35-4468-BE31-CD4A240556D7} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-31] (COMODO)
Task: {39FCD413-EAD8-4F76-9C58-0A984AF0BA82} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-31] (COMODO)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {6436AB12-ECE6-4CAD-A439-0F202724236B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-23] (Google Inc.)
Task: {8AC8152A-F689-47F5-BF73-1CDEAD5F494C} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {AA8F349D-9687-4A52-A13E-2E926282C5B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {C5B771B7-707B-42F8-A7C5-7D64D2A1A9EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-23] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-03 12:17 - 2014-04-03 08:47 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14040300\algo.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2009-02-18 22:32 - 2009-02-18 22:32 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-02-18 22:31 - 2014-02-18 04:46 - 00643948 _____ () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
2014-03-16 09:00 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-16 09:00 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-16 09:00 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-16 09:00 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/03/2014 11:55:24 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 33.0.1750.154 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1664
Start Time: 01cf4f2b133c3983
Termination Time: 3
Error: (04/02/2014 05:05:50 PM) (Source: Windows Search Service) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.
Context: Application, SystemIndex Catalog
Error: (04/02/2014 02:55:53 PM) (Source: Application Error) (User: )
Description: Faulting application wmplayer.exe, version 11.0.6002.18311, time stamp 0x4c8e2d72, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x8000010c,
process id 0x101c, application start time 0xwmplayer.exe0.
Error: (03/30/2014 10:06:34 PM) (Source: Application Error) (User: )
Description: Faulting application eReg.exe, version 1.38.0.0, time stamp 0x490f6f0f, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000001,
process id 0x32c, application start time 0xeReg.exe0.
Error: (03/30/2014 10:06:29 PM) (Source: Application Error) (User: )
Description: Faulting application KeyScrambler.exe, version 3.3.0.0, time stamp 0x52851364, faulting module KeyScrambler.exe, version 3.3.0.0, time stamp 0x52851364, exception code 0x40000015, fault offset 0x000155bc,
process id 0xedc, application start time 0xKeyScrambler.exe0.
Error: (03/30/2014 05:08:09 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (03/30/2014 04:59:56 PM) (Source: Application Error) (User: )
Description: Faulting application wmplayer.exe, version 11.0.6002.18311, time stamp 0x4c8e2d72, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000178,
process id 0x1568, application start time 0xwmplayer.exe0.
Error: (03/27/2014 10:00:31 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (03/26/2014 06:21:02 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (03/25/2014 00:59:16 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index metadata cannot be read. (0xc0041801)
System errors:
=============
Error: (04/03/2014 01:29:22 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 13:28:02 on 03/04/2014 was unexpected.
Error: (04/03/2014 00:01:05 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Service1
Error: (04/03/2014 08:27:19 AM) (Source: i8042prt) (User: )
Description: Could not set the mouse sample rate.
Error: (04/02/2014 00:34:23 PM) (Source: i8042prt) (User: )
Description: An error occurred while trying to determine the number of mouse buttons.
Error: (04/01/2014 10:49:55 PM) (Source: i8042prt) (User: )
Description: An error occurred while enabling the mouse to transmit information. The device has been reset in an attempt to make the device functional.
Error: (03/27/2014 11:57:16 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (03/25/2014 01:00:30 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service
Error: (03/25/2014 01:00:30 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)
Error: (03/25/2014 00:48:49 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (03/25/2014 00:48:30 PM) (Source: DCOM) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}
Microsoft Office Sessions:
=========================
Error: (04/03/2014 11:55:24 AM) (Source: Application Hang)(User: )
Description: chrome.exe33.0.1750.154166401cf4f2b133c39833
Error: (04/02/2014 05:05:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Error: (04/02/2014 02:55:53 PM) (Source: Application Error)(User: )
Description: wmplayer.exe11.0.6002.183114c8e2d72unknown0.0.0.000000000c00000058000010c101c01cf4e63112c7229
Error: (03/30/2014 10:06:34 PM) (Source: Application Error)(User: )
Description: eReg.exe1.38.0.0490f6f0funknown0.0.0.000000000c00000050000000132c01cf4c5bec01a80a
Error: (03/30/2014 10:06:29 PM) (Source: Application Error)(User: )
Description: KeyScrambler.exe3.3.0.052851364KeyScrambler.exe3.3.0.05285136440000015000155bcedc01cf4c5be863b12a
Error: (03/30/2014 05:08:09 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (03/30/2014 04:59:56 PM) (Source: Application Error)(User: )
Description: wmplayer.exe11.0.6002.183114c8e2d72unknown0.0.0.000000000c000000500000178156801cf4be006d34cd2
Error: (03/27/2014 10:00:31 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (03/26/2014 06:21:02 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (03/25/2014 00:59:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
Details:
The content index metadata cannot be read. (0xc0041801)
CodeIntegrity Errors:
===================================
Date: 2014-04-03 14:10:27.304
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:10:27.234
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:10:27.163
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:10:27.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:10:27.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:10:26.948
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:10:26.878
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:10:26.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-31 16:29:59.285
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-31 16:29:59.214
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 3581.63 MB
Available physical RAM: 2100.08 MB
Total Pagefile: 7374.16 MB
Available Pagefile: 5779.37 MB
Total Virtual: 3071.88 MB
Available Virtual: 2945.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:746.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 93D0ECF1)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================