wow that was quick response
ok here we go
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Darren (administrator) on DARREN-PC on 16-01-2015 22:30:14
Running from C:\Users\Darren\Downloads
Loaded Profiles: Darren (Available profiles: Darren)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Alcatel-Lucent) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Joyent, Inc) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Curse) C:\Users\Darren\AppData\Local\Apps\2.0\WKCW819V.ZAB\7KO4R96G.X1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mathematical Applications) C:\ProgramData\yNihBy\ZXVLlHlG.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(MurGee.com) C:\ProgramData\Auto Keyboard\AutoKeyboard.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => c:\program files\realtek\audio\hda\rtkngui64.exe [7575768 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [btbb_McciTrayApp] => C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe [2860856 2013-11-11] (Alcatel-Lucent)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-233057431-3032299918-2474818732-1000\...\Run: [MurGee.com Auto Keyboard] => c:\programdata\auto keyboard\autokeyboard.exe [80176 2014-09-17] (MurGee.com)
HKU\S-1-5-21-233057431-3032299918-2474818732-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2426144 2014-11-25] (IObit)
Startup: C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-233057431-3032299918-2474818732-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
HKU\S-1-5-21-233057431-3032299918-2474818732-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://uk.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\b46mwoxu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\b46mwoxu.default\user.js
FF Extension: Ads Removal - C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\b46mwoxu.default\Extensions\
[email protected] [2014-12-10]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\b46mwoxu.default\Extensions\
[email protected] [2014-12-09]
FF Extension: GPU Accelerated Flash Player - C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\b46mwoxu.default\Extensions\
[email protected] [2014-10-01]
FF Extension: YouTube High Definition - C:\Users\Darren\AppData\Roaming\Mozilla\Firefox\Profiles\b46mwoxu.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-10-01]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.yahoo.co.uk/
CHR Profile: C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Profile: C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Drive) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\Darren\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 BT Help Wizard; C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe [321024 2014-04-09] (Alcatel-Lucent) [File not signed]
S3 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315240 2014-11-09] (Kingsoft Corporation)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2014-08-14] (DTS)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [467256 2013-11-11] (Alcatel-Lucent)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZXVLlHlG; C:\ProgramData\yNihBy\ZXVLlHlG.exe [2726216 2014-12-03] (Mathematical Applications)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2014-11-09] (Kingsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
R3 cpuz137; \??\C:\Users\Darren\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-16 22:30 - 2015-01-16 22:30 - 00016826 _____ () C:\Users\Darren\Downloads\FRST.txt
2015-01-16 22:28 - 2015-01-16 22:30 - 00000000 ____D () C:\FRST
2015-01-16 22:28 - 2015-01-16 22:28 - 02125312 _____ (Farbar) C:\Users\Darren\Downloads\FRST64.exe
2015-01-16 16:59 - 2015-01-16 16:59 - 00066460 _____ () C:\Users\Darren\Downloads\Extras.Txt
2015-01-16 16:58 - 2015-01-16 16:58 - 00072572 _____ () C:\Users\Darren\Downloads\OTL.Txt
2015-01-16 16:53 - 2015-01-16 16:53 - 00602112 _____ (OldTimer Tools) C:\Users\Darren\Downloads\OTL.exe
2015-01-16 16:17 - 2015-01-16 16:17 - 00064416 _____ () C:\Users\Darren\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-16 14:30 - 2015-01-16 14:30 - 00000000 __SHD () C:\Users\Darren\AppData\Local\EmieUserList
2015-01-16 14:30 - 2015-01-16 14:30 - 00000000 __SHD () C:\Users\Darren\AppData\Local\EmieSiteList
2015-01-16 14:30 - 2015-01-16 14:30 - 00000000 __SHD () C:\Users\Darren\AppData\Local\EmieBrowserModeList
2015-01-16 14:25 - 2015-01-16 22:27 - 00000000 ____D () C:\Users\Darren\AppData\Local\CrimeWatch
2015-01-13 18:50 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 18:50 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 18:50 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 18:50 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 18:50 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 18:49 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 18:49 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 18:49 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 18:49 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 18:49 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 18:49 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 18:49 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 18:49 - 2014-12-11 17:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-08 00:22 - 2015-01-08 00:22 - 17528608 _____ (IObit) C:\Users\Darren\Downloads\iobituninstaller.exe
2014-12-26 10:38 - 2014-12-13 10:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-26 10:38 - 2014-12-13 10:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-26 10:38 - 2014-12-13 10:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-26 10:38 - 2014-10-09 17:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-26 10:38 - 2014-10-09 17:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-26 10:38 - 2014-10-09 07:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-12-24 10:50 - 2014-12-24 10:52 - 00000000 ____D () C:\Users\Darren\Documents\Heroes of the Storm
2014-12-24 07:53 - 2014-12-24 07:53 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-12-24 07:53 - 2014-12-24 07:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-12-24 07:49 - 2015-01-14 13:39 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-12-21 03:01 - 2014-12-21 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-12-21 02:45 - 2014-11-22 10:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-21 02:45 - 2014-11-22 10:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-21 02:45 - 2014-11-22 10:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-18 11:09 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 11:09 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 10:59 - 2014-12-18 10:59 - 00001082 _____ () C:\Users\Darren\Desktop\HearthstoneTracker.lnk
2014-12-18 10:59 - 2014-12-18 10:59 - 00000000 ____D () C:\Users\Darren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker
2014-12-18 10:59 - 2014-12-18 10:59 - 00000000 ____D () C:\Users\Darren\AppData\Local\HearthstoneTracker
2014-12-18 10:59 - 2014-12-18 10:59 - 00000000 ____D () C:\Program Files (x86)\HearthstoneTracker
2014-12-18 10:58 - 2014-12-18 10:59 - 10382707 _____ (HearthstoneTracker.com) C:\Users\Darren\Downloads\HearthstoneTracker-Setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-16 22:22 - 2014-08-13 17:46 - 01310284 _____ () C:\Windows\WindowsUpdate.log
2015-01-16 22:19 - 2014-08-14 12:09 - 00000000 ____D () C:\Users\Darren\AppData\Local\Battle.net
2015-01-16 21:59 - 2014-12-09 05:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 21:41 - 2014-08-14 10:47 - 00000000 ____D () C:\Users\Darren\AppData\Local\Deployment
2015-01-16 17:41 - 2014-08-14 18:27 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-01-16 14:20 - 2014-08-13 17:51 - 00000000 ____D () C:\Users\Darren
2015-01-16 13:45 - 2009-07-14 04:45 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-16 13:45 - 2009-07-14 04:45 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-16 13:41 - 2014-12-09 06:49 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-16 13:37 - 2014-12-09 05:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 13:36 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-16 02:32 - 2014-12-05 16:41 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-14 18:57 - 2014-11-30 19:43 - 00002109 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-01-14 18:00 - 2014-12-09 05:55 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-14 13:38 - 2014-08-20 03:01 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-01-13 20:54 - 2014-08-14 10:35 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 20:51 - 2014-08-14 10:35 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 06:07 - 2014-08-19 17:56 - 00000000 ____D () C:\Users\Darren\AppData\Roaming\Ventrilo
2015-01-10 06:00 - 2014-09-11 19:15 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2015-01-09 19:24 - 2014-08-13 17:59 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-08 00:16 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-01 10:04 - 2014-10-31 03:50 - 00002038 _____ () C:\Users\Darren\Desktop\Sequeencesone.lua
2014-12-31 11:14 - 2014-08-14 10:04 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-26 10:40 - 2014-11-18 15:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-26 10:30 - 2009-07-14 05:08 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-24 10:50 - 2014-08-14 12:09 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-12-21 02:52 - 2014-08-14 18:31 - 00001236 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-12-20 10:52 - 2014-08-30 08:05 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-12-18 10:54 - 2014-08-14 12:11 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-18 03:46 - 2014-12-09 07:41 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 12:23
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Darren at 2015-01-16 22:30:40
Running from C:\Users\Darren\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1637796.2000442264.1946719294.32 - Audible, Inc.)
Auto Keyboard v1.6 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 1.6 - MurGee.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BT Desktop Help (HKLM-x32\...\BT Desktop Help) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Clean Master (HKLM-x32\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Curse Client (HKU\S-1-5-21-233057431-3032299918-2474818732-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Free YouTube Downloader 4.0.283 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 5.10 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Tukui Client (HKLM-x32\...\{6517882E-E5E0-40DC-B3B0-A531FF2A06E8}) (Version: 2.4.5 - Tukui)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (03/31/2014 10.0.0.288) (HKLM\...\E411CAC42F905EEA57E543B641DDB9D855AF075A) (Version: 03/31/2014 10.0.0.288 - Qualcomm Atheros Communications Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-233057431-3032299918-2474818732-1000_Classes\CLSID\{7cca65f0-833f-4acc-b00b-a54936638896}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2014-12-10 00:40 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03051B16-BB61-4D90-B7E4-A0FDB4E76502} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-09] (Google Inc.)
Task: {0ABBDE4C-2619-453E-B933-06709A7C9C07} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: {3491387A-FE1A-4707-AC4C-DB1C7D4478E5} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-26] (IObit)
Task: {3E72DD44-2F8F-4534-859C-6879F2CB998C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {4071FEE8-C07B-4C5F-8D25-F63D052E1CDC} - System32\Tasks\ASC8_SkipUac_Darren => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
Task: {5555C634-C575-48DD-9B06-5E10C0DBCEE2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {63F93DF5-F779-4D67-B8F1-2CB5985B5991} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {65B23287-26C1-42B8-9393-983977C0B030} - System32\Tasks\Driver Booster Beta SkipUAC (Darren) => C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe
Task: {79FCE03B-E63A-434C-B5D4-392E67D4FA5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-08] (Adobe Systems Incorporated)
Task: {863458F7-1211-418F-AB15-48276FD91955} - System32\Tasks\{B5810AF7-DAB9-421F-A1DC-E74D3779C145} => pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare 7\SecurityHole_Backup\KB2565063.exe" -d C:\Windows\system32 -c /quiet /norestart
Task: {871204D4-48D8-4F8A-BACA-7F4356C3080D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-10-19] ()
Task: {88A0265E-78C7-46B7-B07C-A315A9A7DEB2} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {A0CE6664-7D83-45C7-B3C3-658DD14AD5B5} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {AB3540C9-B55B-4760-BC32-E35B3DF4F682} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-09] (Google Inc.)
Task: {CB2C5B36-5415-4B24-8654-D0EA79FCC1A4} - System32\Tasks\Uninstaller_SkipUac_Darren => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {CFCE8327-2D8E-4002-B25D-95B2AF16C6D3} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-11-18] (IObit)
Task: {D36238D2-6E4A-485B-8609-20D0513E3B7F} - System32\Tasks\{4C2F3B49-220E-4BE2-9687-63D509ED3F18} => pcalua.exe -a "C:\Users\Darren\Downloads\setup (1).exe" -d C:\Users\Darren\Downloads
Task: {DCECA23C-B962-4929-9446-33A131B89AA3} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {DFFAEC23-72DF-4404-B9F7-B37DB5C23E2F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {E6868CD2-3922-4854-9D90-7FC590A97DA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {E70CCF96-E5B0-4838-B350-8C0204760F0E} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-28] (IObit)
Task: {ECDA8A70-F9B9-44E3-A461-FCC05397AF51} - System32\Tasks\{C1E12354-F84A-4AF5-B0F6-12FDB8E972A4} => pcalua.exe -a "C:\Users\Darren\Downloads\ActiveSetupN (1).exe" -d C:\Users\Darren\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-11-18 15:12 - 2014-12-13 08:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-09 20:15 - 2014-10-09 20:15 - 00016384 ____N () C:\Users\Darren\AppData\Local\Apps\2.0\WKCW819V.ZAB\7KO4R96G.X1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
2014-08-18 01:56 - 2014-08-18 01:56 - 00035840 _____ () C:\Users\Darren\AppData\Local\Apps\2.0\WKCW819V.ZAB\7KO4R96G.X1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
2014-10-09 20:15 - 2014-10-09 20:14 - 00099840 ____N () C:\Users\Darren\AppData\Local\Apps\2.0\WKCW819V.ZAB\7KO4R96G.X1P\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll
2014-11-30 19:43 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2013-11-07 17:58 - 2013-11-07 17:58 - 00244736 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-11-07 17:58 - 2013-11-07 17:58 - 00271360 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2013-11-07 17:57 - 2013-11-07 17:57 - 00237056 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2013-04-24 07:55 - 2013-04-24 07:55 - 01581056 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\libxmljs\build\Release\xmljs.node
2013-04-18 16:55 - 2013-04-18 16:55 - 00068608 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
2014-11-30 19:43 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-11-30 19:43 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-11-30 19:43 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-11-30 19:43 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
2014-11-30 19:43 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2014-12-09 07:41 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-09 07:41 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-09 07:41 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-30 19:43 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-11-30 19:43 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-11-30 19:43 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-01-14 18:00 - 2015-01-09 00:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-14 18:00 - 2015-01-09 00:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-14 18:00 - 2015-01-09 00:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-14 18:00 - 2015-01-09 00:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-14 18:00 - 2015-01-09 00:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Darren^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupreg: Battle.net => "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe" --autostarted
MSCONFIG\startupreg: cmsc => "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => c:\program files (x86)\divx\divx media server\divxmediaserver.exe
MSCONFIG\startupreg: DivXUpdate => "c:\program files (x86)\divx\divx update\divxupdate.exe" /checknow
MSCONFIG\startupreg: NvBackend => c:\program files (x86)\nvidia corporation\update core\nvbackend.exe
MSCONFIG\startupreg: Raptr => c:\progra~2\raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RtHDVBg_DTS => "c:\program files\realtek\audio\hda\ravbg64.exe" /fordtsuptbt
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => c:\program files (x86)\common files\java\java update\jusched.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-233057431-3032299918-2474818732-500 - Administrator - Disabled)
Darren (S-1-5-21-233057431-3032299918-2474818732-1000 - Administrator - Enabled) => C:\Users\Darren
Guest (S-1-5-21-233057431-3032299918-2474818732-501 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Qualcomm Atheros AR9285 Wireless Network Adapter #2
Description: Qualcomm Atheros AR9285 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/16/2015 04:15:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 6.0.3.19342 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1b78
Start Time: 01d031a4ae3ec788
Termination Time: 520
Application Path: C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Report Id:
Error: (01/16/2015 03:23:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 6.0.3.19342 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1970
Start Time: 01d0319faef541e1
Termination Time: 335
Application Path: C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Report Id:
Error: (01/16/2015 02:13:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc015000f
Fault offset: 0x000000000006f7ba
Faulting process id: 0x554
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (01/16/2015 02:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: SHELL32.dll, version: 6.1.7601.18517, time stamp: 0x53aa2e07
Exception code: 0xc0000005
Fault offset: 0x0000000000050506
Faulting process id: 0x554
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (01/16/2015 01:38:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2008) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Darren\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (01/15/2015 11:01:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 39.0.2171.99 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 11ec
Start Time: 01d030513f732ba5
Termination Time: 19
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report Id:
Error: (01/15/2015 07:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 6.0.3.19342 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1600
Start Time: 01d03078d76fbd45
Termination Time: 174
Application Path: C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Report Id:
Error: (01/15/2015 04:06:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 6.0.3.19342 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 660
Start Time: 01d0304f817db47e
Termination Time: 301
Application Path: C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Report Id:
Error: (01/14/2015 08:22:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Wow-64.exe version 6.0.3.19342 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1350
Start Time: 01d0302e78bb5c0c
Termination Time: 587
Application Path: C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Report Id:
Error: (01/12/2015 05:52:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1760) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Darren\AppData\Local\Microsoft\Windows\WebCache\V01.log.
System errors:
=============
Error: (01/16/2015 10:26:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The IMF Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/16/2015 01:38:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (01/16/2015 01:38:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (01/16/2015 01:37:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (01/16/2015 01:37:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (01/15/2015 05:49:29 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
Error: (01/15/2015 07:09:52 AM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
Error: (01/12/2015 06:37:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (01/12/2015 06:37:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (01/12/2015 06:36:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Microsoft Office Sessions:
=========================
Error: (01/16/2015 04:15:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.0.3.193421b7801d031a4ae3ec788520C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Error: (01/16/2015 03:23:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.0.3.19342197001d0319faef541e1335C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Error: (01/16/2015 02:13:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c015000f000000000006f7ba55401d031917d942d6eC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlld73eaffc-9d89-11e4-bb1c-14dae933f642
Error: (01/16/2015 02:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4SHELL32.dll6.1.7601.1851753aa2e07c0000005000000000005050655401d031917d942d6eC:\Windows\Explorer.EXEC:\Windows\system32\SHELL32.dlld4cc7f03-9d89-11e4-bb1c-14dae933f642
Error: (01/16/2015 01:38:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost2008WebCacheLocal: C:\Users\Darren\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)
Error: (01/15/2015 11:01:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.9911ec01d030513f732ba519C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Error: (01/15/2015 07:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.0.3.19342160001d03078d76fbd45174C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Error: (01/15/2015 04:06:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.0.3.1934266001d0304f817db47e301C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Error: (01/14/2015 08:22:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.0.3.19342135001d0302e78bb5c0c587C:\Program Files (x86)\World of Warcraft\Wow-64.exe
Error: (01/12/2015 05:52:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1760WebCacheLocal: C:\Users\Darren\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)
CodeIntegrity Errors:
===================================
Date: 2014-08-21 14:16:35.456
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-14 22:16:44.577
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-14 21:32:59.145
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-14 19:15:09.854
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-14 18:36:22.304
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-14 18:33:44.668
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Phenom II X6 1090T Processor
Percentage of memory in use: 19%
Total physical RAM: 16345.34 MB
Available physical RAM: 13202.9 MB
Total Pagefile: 31343.53 MB
Available Pagefile: 27974.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:725.81 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4CF687C7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================