Dysfunctional Computer

Infected


#1
martysfish2000


Operation of PC is complicated and most often does not work. Click mouse and it seldom works. Looking for any answers to what has happened to my computer! Whatever I try to do on this PC, clicking mouse once has no effect. Multiple clicks and it may work as intended. Any and all help preventing me from pulling my hair out in frustration. Thank you for looking into... Marty

 

OTL logfile created on: 2/10/2015 10:18:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MTB\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 21.16% Memory free
7.99 Gb Paging File | 2.91 Gb Available in Paging File | 36.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 893.63 Gb Free Space | 95.94% Space Free | Partition Type: NTFS
Drive D: | 164.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: MTB-PC | User Name: MTB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/02/10 22:16:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MTB\Downloads\OTL.exe
PRC - [2015/02/10 21:17:35 | 002,632,336 | ---- | M] (© 2013 Microsoft Corporation) -- C:\Users\MTB\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe
PRC - [2015/02/04 02:02:55 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/01/19 12:06:46 | 000,126,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2015/01/19 12:06:40 | 000,182,520 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2015/01/15 23:41:11 | 002,585,744 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015/01/15 23:41:08 | 001,706,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014/11/24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/11/24 10:23:21 | 000,702,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/07/02 10:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/05/25 04:25:02 | 006,595,928 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2009/12/23 14:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/08/04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009/08/04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/02/07 01:08:33 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\478dc7fd10cabd3376199e7e857d4b5a\System.ServiceModel.ni.dll
MOD - [2015/02/07 01:08:17 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\88b27ec2125720e652224a1fb387ed23\System.IdentityModel.ni.dll
MOD - [2015/02/07 01:08:11 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\5ee6d68d64d1e33d113d5089cb2fb2d3\System.Xml.Linq.ni.dll
MOD - [2015/02/07 01:07:48 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\232495ea0368dada2d208c51f0e5349c\UIAutomationTypes.ni.dll
MOD - [2015/02/07 01:07:45 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\27e8f505ddb7718933b9c029f6f7a3c4\PresentationFramework-SystemXml.ni.dll
MOD - [2015/02/07 01:07:45 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\fd83da7db20206084d886b7ce3b55ec9\PresentationFramework-SystemData.ni.dll
MOD - [2015/02/07 01:07:45 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\da921af82cd6e90dd073b24caf27ac56\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2015/02/06 18:24:00 | 018,753,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\613fd0f86fc699adfe3184b2e746aa18\PresentationFramework.ni.dll
MOD - [2015/02/06 18:23:52 | 000,218,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\db1c3cbe2929192ad0361f64a25481d5\System.ServiceProcess.ni.dll
MOD - [2015/02/06 18:23:51 | 007,386,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\add15017f88a7eccb8676d7239297d1c\System.Data.ni.dll
MOD - [2015/02/06 18:23:49 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ac38cb30c15eb9e4a54459ee01e9f8e6\System.Windows.Forms.ni.dll
MOD - [2015/02/06 18:23:49 | 011,014,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\eed4ad7c1049e7cf47606479d68ec1de\PresentationCore.ni.dll
MOD - [2015/02/06 18:23:49 | 002,521,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\47023d8fd33b3bd9ab4c3ce84c19d201\System.Data.Linq.ni.dll
MOD - [2015/02/06 18:23:48 | 001,033,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\46eb45905e7c97cf10f74a15879700aa\System.ComponentModel.Composition.ni.dll
MOD - [2015/02/06 18:23:46 | 007,785,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\668bc5e53fd656dc16c9f40ea15e872e\System.Xml.ni.dll
MOD - [2015/02/06 18:23:45 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e0fea191b75897ec38735bfc31b89fe0\System.Core.ni.dll
MOD - [2015/02/06 18:23:44 | 002,804,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\6184c7705ab9c508cde1318f284afa33\System.Runtime.Serialization.ni.dll
MOD - [2015/02/06 18:23:43 | 003,904,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a40acfa4a0c4bb0dbf824ace588583ba\WindowsBase.ni.dll
MOD - [2015/02/06 18:23:43 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ce11900fa489575613dc777c7fbb0d7d\System.Drawing.ni.dll
MOD - [2015/02/06 18:23:43 | 000,788,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7203a9da55580016b826a4cade6c5139\System.ServiceModel.Internals.ni.dll
MOD - [2015/02/06 18:23:43 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\72f5d3ff58e143354c4c48149eba08d9\SMDiagnostics.ni.dll
MOD - [2015/02/06 18:23:42 | 001,873,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f246b71bfd9c1537167b7f6d4f18cd01\System.Xaml.ni.dll
MOD - [2015/02/06 18:23:42 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7ece7799d670cdfc1393b98b0668a046\System.Configuration.ni.dll
MOD - [2015/02/06 18:23:41 | 010,067,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\b75ba99f72f116d8951b0f2bba8c276a\System.ni.dll
MOD - [2015/02/06 18:23:41 | 000,458,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\422aaa813823622198be87739142c44e\PresentationFramework.Aero.ni.dll
MOD - [2015/02/06 18:23:37 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2015/02/06 18:23:37 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\de2a832558f95db343e443c365bd3575\System.Numerics.ni.dll
MOD - [2015/02/04 02:02:53 | 014,965,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
MOD - [2015/02/04 02:02:51 | 009,170,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
MOD - [2015/02/04 02:02:47 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
MOD - [2015/02/04 02:02:45 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2012/05/25 04:25:00 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
MOD - [2009/07/30 18:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015/01/15 23:41:08 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015/01/15 23:41:06 | 021,833,360 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2012/05/31 22:16:34 | 000,349,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009/07/13 18:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 18:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 18:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2009/07/13 18:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 18:39:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2009/07/13 18:39:21 | 000,065,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nfsclnt.exe -- (NfsClnt)
SRV:64bit: - [2009/07/13 18:39:20 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2009/07/13 18:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 18:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/07/13 18:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2015/02/09 11:25:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/02/05 17:55:53 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/01/19 12:06:40 | 000,182,520 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2015/01/15 23:41:08 | 001,706,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/24 10:23:31 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/11/24 10:23:22 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/07/02 10:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/05 08:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2009/12/23 14:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/08/04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009/07/13 18:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/13 18:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/13 18:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/07/13 18:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/07/13 18:14:39 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/02/05 19:10:20 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2015/01/15 23:41:06 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/11/24 10:23:23 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014/11/24 10:23:22 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014/11/24 10:23:21 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014/11/22 03:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/09/23 10:56:58 | 000,083,656 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2014/09/23 10:56:58 | 000,043,720 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2014/02/16 09:23:54 | 000,060,640 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2013/07/24 08:02:55 | 000,034,816 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2013/03/04 05:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2012/09/21 12:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/09/21 12:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/09/29 02:30:34 | 000,646,248 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/09 02:41:02 | 001,394,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/07/13 17:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2009/07/13 16:35:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psxdrv.sys -- (PsxDrv)
DRV:64bit: - [2009/07/13 16:24:45 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rpcxdr.sys -- (RpcXdr)
DRV:64bit: - [2009/07/13 16:24:23 | 000,262,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\nfsrdr.sys -- (NfsRdr)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/04 09:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/04/27 18:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/04/27 18:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2015/02/08 20:32:25 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2015/02/07 15:17:07 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2015/02/07 14:22:19 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://binkiland.com...r=652130072&ir=
IE:64bit: - HKLM\..\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/custom?clien [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/e...70&ocid=U270DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 30 26 B7 9D 41 D0 01  [binary data]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {B4875CC9-0013-417f-A67A-7BA02DDE6901}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{B4875CC9-0013-417f-A67A-7BA02DDE6901}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{BEB9640B-4C6D-4178-A2CE-261A36974EB6}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2015/02/05 16:49:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MTB\AppData\Roaming\Mozilla\Firefox\Profiles\a5TuXOey.default\extensions
[2015/02/05 16:49:52 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\MTB\AppData\Roaming\Mozilla\Firefox\Profiles\a5TuXOey.default\extensions\[email protected]
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.4_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SFAUpdater] C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (Filefacts.net)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKLM..\RunOnce: [GBTUpd] C:\Program Files (x86)\Gigabyte\GBTUpd\PreRun.exe (PreRun)
O4 - HKCU..\RunOnce: [!DefaultSetup] C:\Users\MTB\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe (© 2013 Microsoft Corporation)
O4 - Startup: C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx (Dldrv2 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C162D443-312D-4D2D-9C3A-9D0F8F86D723}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/16 17:01:33 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2006/08/16 16:57:44 | 000,724,992 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2006/08/16 17:00:02 | 000,003,638 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2006/08/16 16:59:46 | 000,000,153 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2006/08/16 17:01:33 | 000,593,920 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O33 - MountPoints2\{742969ba-ad96-11e4-9119-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{742969ba-ad96-11e4-9119-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{c4736cc0-ada7-11e4-b4b2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c4736cc0-ada7-11e4-b4b2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2006/08/16 16:57:44 | 000,724,992 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/10 21:59:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2015/02/10 19:51:41 | 000,000,000 | ---D | C] -- C:\70267f7707ffca11ac
[2015/02/10 19:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2015/02/10 18:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2015/02/10 18:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2015/02/10 18:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015/02/10 18:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015/02/10 18:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2015/02/10 16:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2015/02/10 16:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2015/02/10 15:48:15 | 000,000,000 | ---D | C] -- C:\cd9c602c094e53f854b4215e819a
[2015/02/09 20:00:52 | 000,000,000 | ---D | C] -- C:\Users\MTB\Desktop\2015-02-09 20-00-52
[2015/02/09 19:44:09 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Logitech® Webcam Software
[2015/02/09 19:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2015/02/09 19:39:34 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Leadertech
[2015/02/09 19:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2015/02/09 19:38:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2015/02/09 17:51:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2015/02/09 17:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2015/02/09 17:50:52 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2015/02/09 17:50:50 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015/02/09 17:50:50 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015/02/09 17:50:50 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015/02/09 17:50:50 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015/02/09 17:50:23 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015/02/09 17:50:22 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015/02/09 17:50:22 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015/02/09 17:50:22 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015/02/09 17:50:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015/02/09 17:50:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015/02/09 17:49:45 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2015/02/09 17:49:44 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2015/02/09 17:49:42 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015/02/09 17:49:26 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015/02/09 17:49:15 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015/02/09 13:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/02/09 13:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/02/09 13:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2015/02/09 13:05:28 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\NVIDIA Corporation
[2015/02/09 11:09:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2015/02/09 11:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2015/02/09 11:06:15 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\GlarySoft
[2015/02/09 11:06:12 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\DiskDefrag
[2015/02/09 11:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 4
[2015/02/09 03:00:53 | 000,000,000 | ---D | C] -- C:\f8b710b6c347e72bb2
[2015/02/08 20:07:45 | 000,000,000 | ---D | C] -- C:\Windows\SUA
[2015/02/08 20:07:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2015/02/08 20:07:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq
[2015/02/08 20:07:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2015/02/08 20:06:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsystem for UNIX-based Applications
[2015/02/08 20:06:42 | 000,000,000 | ---D | C] -- C:\inetpub
[2015/02/08 20:02:53 | 000,000,000 | ---D | C] -- C:\Users\MTB\Desktop\drivers
[2015/02/08 19:49:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2015/02/08 06:14:12 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\7CA05ADA.sys
[2015/02/07 15:13:54 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015/02/07 10:39:52 | 000,646,248 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2015/02/07 10:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2015/02/07 10:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2015/02/07 10:17:53 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\NVIDIA
[2015/02/07 10:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2015/02/07 10:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2015/02/07 10:15:12 | 000,075,040 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015/02/07 10:15:12 | 000,061,912 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015/02/07 10:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2015/02/07 10:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2015/02/07 09:45:59 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\driveridentifier
[2015/02/07 08:24:29 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Roxio
[2015/02/07 08:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2015/02/07 08:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2015/02/07 08:12:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2015/02/07 08:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2015/02/07 08:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE
[2015/02/07 08:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2015/02/07 08:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2015/02/07 08:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2015/02/07 08:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2015/02/07 07:36:52 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\Tiger Woods PGA TOUR 08
[2015/02/07 07:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2015/02/07 07:35:38 | 000,000,000 | RH-D | C] -- C:\Users\MTB\AppData\Roaming\SecuROM
[2015/02/07 07:35:29 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2015/02/07 07:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015/02/06 23:58:40 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\CrashDumps
[2015/02/06 23:00:44 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\AdobeUM
[2015/02/06 23:00:37 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\My eBooks
[2015/02/06 22:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015/02/06 22:53:54 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Adobe
[2015/02/06 22:29:26 | 000,000,000 | ---D | C] -- C:\Windows\GBD
[2015/02/06 22:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\DriverAssist
[2015/02/06 19:02:32 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\AMD
[2015/02/06 19:01:40 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\ATI
[2015/02/06 19:01:40 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\ATI
[2015/02/06 18:18:18 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2015/02/06 18:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2015/02/06 18:03:05 | 000,000,000 | ---D | C] -- C:\AMD
[2015/02/06 17:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2015/02/06 17:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigabyte
[2015/02/06 17:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigabyte
[2015/02/06 16:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Informer Technologies, Inc
[2015/02/06 15:42:29 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2015/02/06 13:16:36 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Yahoo!
[2015/02/06 03:08:36 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2015/02/06 01:24:43 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\Tiger Woods PGA TOUR 07
[2015/02/06 01:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
[2015/02/06 00:36:44 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\ElevatedDiagnostics
[2015/02/05 22:31:43 | 000,285,208 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2015/02/05 22:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015/02/05 22:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015/02/05 21:24:00 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Diagnostics
[2015/02/05 21:01:26 | 000,000,000 | ---D | C] -- C:\Users\MTB\Documents\Alcohol 120%
[2015/02/05 20:40:02 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2015/02/05 20:38:00 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2015/02/05 20:38:00 | 000,327,680 | ---- | C] (On2.com Inc.) -- C:\Windows\SysWow64\vp6dec.ax
[2015/02/05 20:38:00 | 000,168,960 | ---- | C] (Xceed Software Inc.     1-450-442-2626     [email protected]     www.xceedsoft.com) -- C:\Windows\SysWow64\XCDZIP35.OCX
[2015/02/05 20:38:00 | 000,118,832 | ---- | C] (MicroQuill Software Publishing, Inc.) -- C:\Windows\SysWow64\SHW32.DLL
[2015/02/05 20:20:35 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\DeviceVM
[2015/02/05 19:59:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2015/02/05 19:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor
[2015/02/05 19:37:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart File Advisor
[2015/02/05 19:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2015/02/05 19:30:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2015/02/05 19:30:02 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Macromedia
[2015/02/05 19:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports
[2015/02/05 19:10:20 | 000,386,680 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2015/02/05 19:09:26 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Adobe
[2015/02/05 18:53:16 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/05 18:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/02/05 18:52:57 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/02/05 18:52:57 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/02/05 18:52:57 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/02/05 18:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/02/05 18:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/02/05 18:41:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2015/02/05 18:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2015/02/05 18:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2015/02/05 18:34:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2015/02/05 18:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2015/02/05 17:56:33 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\VS Revo Group
[2015/02/05 17:56:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2015/02/05 17:56:27 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2015/02/05 17:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2015/02/05 17:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2015/02/05 17:56:18 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Origin
[2015/02/05 17:56:16 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Origin
[2015/02/05 17:56:15 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Programs
[2015/02/05 17:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2015/02/05 17:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2015/02/05 17:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2015/02/05 17:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2015/02/05 17:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015/02/05 17:50:10 | 000,000,000 | ---D | C] -- C:\Windows\Cache
[2015/02/05 17:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/02/05 17:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/02/05 17:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2015/02/05 17:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2015/02/05 17:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2015/02/05 17:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2015/02/05 17:32:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2015/02/05 17:27:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/02/05 17:25:15 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2015/02/05 17:24:32 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2015/02/05 17:23:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2015/02/05 17:21:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2015/02/05 17:21:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2015/02/05 17:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2015/02/05 17:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2015/02/05 16:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2015/02/05 16:54:28 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2015/02/05 16:54:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2015/02/05 16:53:14 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Avira
[2015/02/05 16:51:07 | 000,043,064 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2015/02/05 16:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/02/05 16:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015/02/05 16:49:52 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Mozilla
[2015/02/05 16:49:44 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Google
[2015/02/05 16:49:04 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Apps
[2015/02/05 16:49:03 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Deployment
[2015/02/05 16:48:45 | 000,131,608 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2015/02/05 16:48:45 | 000,119,272 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2015/02/05 16:48:45 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2015/02/05 16:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2015/02/05 16:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2015/02/05 16:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2015/02/05 16:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2015/02/05 16:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2015/02/05 16:46:15 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2015/02/05 16:46:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015/02/05 16:45:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2015/02/05 16:39:48 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Microsoft Games
[2015/02/05 16:36:23 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015/02/05 16:36:23 | 000,000,000 | R--D | C] -- C:\Users\MTB\Searches
[2015/02/05 16:36:23 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015/02/05 16:36:22 | 000,000,000 | -H-D | C] -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/02/05 16:36:14 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Identities
[2015/02/05 16:36:12 | 000,000,000 | R--D | C] -- C:\Users\MTB\Contacts
[2015/02/05 16:36:11 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\VirtualStore
[2015/02/05 16:36:05 | 000,000,000 | --SD | C] -- C:\Users\MTB\AppData\Roaming\Microsoft
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Videos
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Saved Games
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Pictures
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Music
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Links
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Favorites
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Downloads
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Documents
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\Desktop
[2015/02/05 16:36:05 | 000,000,000 | R--D | C] -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\AppData\Local\Temporary Internet Files
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Templates
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Start Menu
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\SendTo
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Recent
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\PrintHood
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\NetHood
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Documents\My Videos
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Documents\My Pictures
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Documents\My Music
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\My Documents
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Local Settings
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\AppData\Local\History
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Cookies
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\Application Data
[2015/02/05 16:36:05 | 000,000,000 | -HSD | C] -- C:\Users\MTB\AppData\Local\Application Data
[2015/02/05 16:36:05 | 000,000,000 | -H-D | C] -- C:\Users\MTB\AppData
[2015/02/05 16:36:05 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Temp
[2015/02/05 16:36:05 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Local\Microsoft
[2015/02/05 16:36:05 | 000,000,000 | ---D | C] -- C:\Users\MTB\AppData\Roaming\Media Center Programs
[2015/02/05 16:36:00 | 000,000,000 | -HSD | C] -- C:\Recovery
 
========== Files - Modified Within 30 Days ==========
 
[2015/02/10 22:02:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/10 21:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/10 21:20:03 | 000,214,078 | ---- | M] () -- C:\Users\MTB\Desktop\Reliability Report.XML
[2015/02/10 21:17:00 | 000,016,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/02/10 21:17:00 | 000,016,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/02/10 19:15:59 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/10 19:13:55 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/10 19:13:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/10 19:13:21 | 3218,202,624 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/10 18:44:28 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2015/02/10 17:50:51 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2015/02/10 17:50:51 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2015/02/10 16:56:10 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2015/02/10 01:36:08 | 000,000,231 | ---- | M] () -- C:\Users\MTB\Documents\ax_files.xml
[2015/02/09 20:19:42 | 000,901,490 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/02/09 20:19:42 | 000,747,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/02/09 20:19:42 | 000,152,650 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/02/09 19:39:35 | 000,001,108 | ---- | M] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2015/02/09 19:38:39 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2015/02/09 16:34:10 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job
[2015/02/09 16:34:09 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job
[2015/02/08 20:09:22 | 000,852,882 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/02/08 20:06:13 | 000,000,862 | ---- | M] () -- C:\Windows\SysNative\termcap
[2015/02/08 19:56:21 | 000,002,144 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2015/02/08 19:56:21 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2015/02/08 11:11:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2015/02/08 06:14:12 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\7CA05ADA.sys
[2015/02/07 15:17:07 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2015/02/07 15:17:07 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2015/02/07 10:36:26 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2015/02/07 08:12:03 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk
[2015/02/07 07:35:29 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2015/02/07 07:26:36 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2015/02/06 01:23:09 | 000,002,246 | ---- | M] () -- C:\Users\Public\Desktop\Tiger Woods PGA TOUR 07.lnk
[2015/02/06 00:44:06 | 000,201,422 | ---- | M] () -- C:\Users\MTB\AppData\Local\census.cache
[2015/02/06 00:42:59 | 000,149,168 | ---- | M] () -- C:\Users\MTB\AppData\Local\ars.cache
[2015/02/05 22:48:14 | 000,000,010 | ---- | M] () -- C:\Users\MTB\AppData\Local\sponge.last.runtime.cache
[2015/02/05 22:31:34 | 000,000,036 | ---- | M] () -- C:\Users\MTB\AppData\Local\housecall.guid.cache
[2015/02/05 19:30:46 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk
[2015/02/05 19:10:24 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/02/05 19:10:20 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2015/02/05 18:52:59 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/02/05 18:41:18 | 000,001,161 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2015/02/05 18:41:18 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2015/02/05 17:56:28 | 000,001,101 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2015/02/05 17:56:28 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2015/02/05 17:54:02 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2015/02/05 17:42:11 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/02/05 17:29:05 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2015/02/05 17:29:05 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2015/02/05 16:56:49 | 000,002,279 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/02/05 16:55:49 | 000,265,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/02/05 16:49:57 | 000,043,064 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2015/02/05 16:46:18 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2015/02/05 16:44:38 | 000,001,437 | ---- | M] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
 
========== Files Created - No Company Name ==========
 
[2015/02/10 21:20:02 | 000,214,078 | ---- | C] () -- C:\Users\MTB\Desktop\Reliability Report.XML
[2015/02/10 18:44:28 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2015/02/10 16:56:10 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2015/02/09 19:39:35 | 000,001,108 | ---- | C] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2015/02/09 19:38:39 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2015/02/09 17:50:15 | 001,099,203 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015/02/08 20:07:10 | 000,000,862 | ---- | C] () -- C:\Windows\SysNative\termcap
[2015/02/08 19:49:29 | 000,002,144 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2015/02/08 19:49:29 | 000,002,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2015/02/08 19:49:29 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2015/02/08 12:07:10 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2015/02/08 12:07:10 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2015/02/08 11:11:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2015/02/07 14:14:07 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2015/02/07 14:14:07 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2015/02/07 10:39:52 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2015/02/07 10:15:26 | 003,826,628 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2015/02/07 09:44:39 | 000,000,402 | ---- | C] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job
[2015/02/07 08:12:03 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\Roxio Creator Home.lnk
[2015/02/07 07:26:36 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2015/02/07 07:26:35 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2015/02/07 00:14:53 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job
[2015/02/06 18:21:16 | 000,852,882 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/02/06 01:23:09 | 000,002,246 | ---- | C] () -- C:\Users\Public\Desktop\Tiger Woods PGA TOUR 07.lnk
[2015/02/06 00:44:05 | 000,201,422 | ---- | C] () -- C:\Users\MTB\AppData\Local\census.cache
[2015/02/06 00:42:59 | 000,149,168 | ---- | C] () -- C:\Users\MTB\AppData\Local\ars.cache
[2015/02/05 22:48:14 | 000,000,010 | ---- | C] () -- C:\Users\MTB\AppData\Local\sponge.last.runtime.cache
[2015/02/05 22:31:34 | 000,000,036 | ---- | C] () -- C:\Users\MTB\AppData\Local\housecall.guid.cache
[2015/02/05 19:54:48 | 000,000,231 | ---- | C] () -- C:\Users\MTB\Documents\ax_files.xml
[2015/02/05 19:30:46 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Alcohol 120%.lnk
[2015/02/05 18:52:59 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/02/05 18:41:38 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/05 18:41:18 | 000,001,161 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2015/02/05 18:41:18 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2015/02/05 17:56:28 | 000,001,101 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2015/02/05 17:56:28 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2015/02/05 17:54:02 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2015/02/05 17:42:11 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/02/05 17:28:57 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2015/02/05 17:28:42 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2015/02/05 17:24:31 | 3218,202,624 | -HS- | C] () -- C:\hiberfil.sys
[2015/02/05 17:20:33 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2015/02/05 16:50:56 | 000,002,279 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/02/05 16:50:56 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/02/05 16:49:59 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/05 16:49:57 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/05 16:46:18 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2015/02/05 16:44:38 | 000,001,437 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/02/05 16:36:28 | 000,001,409 | ---- | C] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2015/02/05 16:36:25 | 000,001,443 | ---- | C] () -- C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015/02/05 16:36:05 | 000,000,290 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2015/02/05 16:36:05 | 000,000,272 | ---- | C] () -- C:\Users\MTB\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 18:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 18:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 18:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015/02/09 11:06:12 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\DiskDefrag
[2015/02/07 09:46:17 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\driveridentifier
[2015/02/10 14:23:50 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\GlarySoft
[2015/02/09 19:39:34 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\Leadertech
[2015/02/05 18:04:33 | 000,000,000 | ---D | M] -- C:\Users\MTB\AppData\Roaming\Origin
 
========== Purity Check ==========
 
 
 
< End of report >


#2
RKinner

    Malware Expert

  • Expert
  • 19,999 posts
  • MVP
 
Download AdwCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Get Process Explorer

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


    #3
    martysfish2000

      New Member

    • Topic Starter
    • Member
    • Pip
    • 3 posts
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.2 (02.02.2015:1)
    OS: Windows 7 Ultimate x64
    Ran by MTB on Sat 02/14/2015 at  5:36:18.32
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
     
     
    ~~~ Registry Keys
     
     
     
    ~~~ Files
     
    Successfully deleted: [File] C:\Windows\Tasks\DriverNavigator Scheduled Scan.job
    Successfully deleted: [File] "C:\Windows\wininit.ini"
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] "C:\ProgramData\pc1data"
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 02/14/2015 at  5:39:42.66
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
    Ran by MTB (administrator) on MTB-PC on 14-02-2015 05:51:28
    Running from C:\Users\MTB\Desktop
    Loaded Profiles: MTB (Available profiles: MTB & Classic .NET AppPool)
    Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
    Internet Explorer Version 8 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Microsoft Corporation) C:\Windows\System32\psxss.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    (Microsoft Corporation) C:\Windows\System32\CISVC.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
    (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
    (Microsoft Corporation) C:\Windows\System32\snmp.exe
    (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    (Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
    () C:\Program Files (x86)\Automatic USB Backup\AutomaticUSBBackupDriver.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    (Filefacts.net) C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
    (Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774552 1999-12-31] (Realtek Semiconductor)
    HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2015-02-04] (Filefacts.net)
    HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655984 2015-02-04] (Filefacts.net)
    HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-09-11] (Macrovision Corporation)
    HKLM-x32\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
    HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
    HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-19] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\RunOnce: [GBTUpd] => C:\Program Files (x86)\Gigabyte\GBTUpd\PreRun.exe [297480 2008-04-03] (PreRun)
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\...\MountPoints2: {742969ba-ad96-11e4-9119-806e6f6e6963} - D:\Run.exe
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\...\MountPoints2: {75335856-aee5-11e4-9489-806e6f6e6963} - D:\Autorun.exe
    HKU\S-1-5-18\...\RunOnce: [AOD] => C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe AutoTune
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-02-13] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USB Autorun Utility.lnk
    ShortcutTarget: USB Autorun Utility.lnk -> C:\Program Files (x86)\Automatic USB Backup\AutomaticUSBBackupDriver.exe ()
    BootExecute: autocheck autochk * 狴矆
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/e...70&ocid=U270DHP
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.co...RID:1&hl=en&q=
    URLSearchHook: HKU\S-1-5-21-1779603141-557174507-836119912-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-1779603141-557174507-836119912-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.co...q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1779603141-557174507-836119912-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
    SearchScopes: HKU\S-1-5-21-1779603141-557174507-836119912-1000 -> {B4875CC9-0013-417f-A67A-7BA02DDE6901} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-1779603141-557174507-836119912-1000 -> {BEB9640B-4C6D-4178-A2CE-261A36974EB6} URL = https://www.google.c...q={searchTerms}
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
    DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\MTB\AppData\Roaming\Mozilla\Firefox\Profiles\a5TuXOey.default
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: Avira Browser Safety - C:\Users\MTB\AppData\Roaming\Mozilla\Firefox\Profiles\a5TuXOey.default\Extensions\[email protected] [2015-02-05]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://binkiland.com/?f=1&a=bnk_ir_15_06&cd=2XzuyEtN2Y1L1QzuyC0C0FtDyEzytDyDyCyE0ByEyCtDtDtCtN0D0Tzu0StCtCtAtCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyEyBtC0B0A0A0DtG0CyB0D0CtGzztByEyDtG0C0FyE0DtGtA0A0FtAtAzzyDyE0E0C0D0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByEyEyByE0D0C0DtG0BzytC0CtGyEtD0EyCtG0B0FtDtBtGtCtByE0FyBtA0AtB0F0CtAtD2Q&cr=652130072&ir=
    CHR StartupUrls: Default -> "hxxp://www.msn.com/", "hxxp://www.googlesearch.com.my/"
    CHR DefaultSearchKeyword: Default -> google
    CHR DefaultSuggestURL: Default -> 
    CHR Profile: C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
    CHR Extension: (Google Docs) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
    CHR Extension: (Google Drive) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-05]
    CHR Extension: (TV) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-02-14]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-05]
    CHR Extension: (YouTube) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-05]
    CHR Extension: (Google Search) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-05]
    CHR Extension: (SafeSearch) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofpbgmibkabhhihnomcmmijlkhaeilm [2015-02-13]
    CHR Extension: (Google Sheets) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
    CHR Extension: (Avira Browser Safety) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-05]
    CHR Extension: (Elite Unzip) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogkcceegdcidimjaaembojgcnobnddk [2015-02-12]
    CHR Extension: (Avira SafeSearch) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2015-02-11]
    CHR Extension: (Google Wallet) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-05]
    CHR Extension: (Gmail) - C:\Users\MTB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-05]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-19] (Advanced Micro Devices, Inc.) [File not signed]
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
    S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
    S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
    R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [349184 2012-05-31] (Microsoft Corporation)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-15] (NVIDIA Corporation)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15360 2009-07-13] (Microsoft Corporation)
    U2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
    R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
    R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2009-07-13] (Microsoft Corporation)
    R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65024 2009-07-13] (Microsoft Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-15] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-15] (NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-05] (Electronic Arts)
    R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
    R2 SNMP; C:\Windows\System32\snmp.exe [49664 2009-07-13] (Microsoft Corporation)
    R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2009-07-13] (Microsoft Corporation)
    R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
    S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
    R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-13] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
    S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
    S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-02-07] ()
    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-02-14] ()
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
    R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [262656 2009-07-13] (Microsoft Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-15] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)
    R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104448 2009-07-13] (Microsoft Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-02-05] (Duplex Secure Ltd.)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [158024 2013-12-25] (MCCI Corporation)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2015-02-14] ()
    U3 azceuq04; C:\Windows\System32\Drivers\azceuq04.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
    S3 AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-14 05:48 - 2015-02-14 05:51 - 00020529 _____ () C:\Users\MTB\Desktop\FRST.txt
    2015-02-14 05:47 - 2015-02-14 05:51 - 00000000 ____D () C:\FRST
    2015-02-14 05:46 - 2015-02-14 05:45 - 02134528 _____ (Farbar) C:\Users\MTB\Desktop\FRST64.exe
    2015-02-14 05:45 - 2015-02-14 05:45 - 02134528 _____ (Farbar) C:\Users\MTB\Downloads\FRST64.exe
    2015-02-14 05:39 - 2015-02-14 05:39 - 00000825 _____ () C:\Users\MTB\Desktop\JRT.txt
    2015-02-14 05:32 - 2015-02-14 05:32 - 01388274 _____ (Thisisu) C:\Users\MTB\Downloads\JRT.exe
    2015-02-14 05:27 - 2015-02-14 05:28 - 00000168 _____ () C:\Windows\setupact.log
    2015-02-14 05:27 - 2015-02-14 05:27 - 00001110 _____ () C:\Windows\PFRO.log
    2015-02-14 05:27 - 2015-02-14 05:27 - 00000000 _____ () C:\Windows\setuperr.log
    2015-02-14 05:24 - 2015-02-14 05:24 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\MTB\Downloads\procexp.exe
    2015-02-14 05:17 - 2015-02-14 05:15 - 00415232 _____ (Farbar) C:\Users\MTB\Desktop\FSS.exe
    2015-02-14 05:15 - 2015-02-14 05:15 - 00415232 _____ (Farbar) C:\Users\MTB\Downloads\FSS.exe
    2015-02-14 05:13 - 2015-02-14 05:14 - 01388274 _____ (Thisisu) C:\Users\MTB\Desktop\JRT.exe
    2015-02-14 05:09 - 2015-02-14 05:25 - 00000000 ____D () C:\AdwCleaner
    2015-02-14 05:08 - 2015-02-14 05:08 - 02112512 _____ () C:\Users\MTB\Downloads\AdwCleaner.exe
    2015-02-14 04:21 - 2015-02-14 05:27 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
    2015-02-14 04:20 - 2015-02-14 04:20 - 01014232 _____ (SlimWare Utilities, Inc.) C:\Users\MTB\Downloads\SlimCleanerPlus-setup.exe
    2015-02-14 04:12 - 2015-02-14 04:12 - 05500712 _____ (PC Cleaners) C:\ProgramData\pclunst.exe
    2015-02-14 04:11 - 2015-02-14 04:12 - 05500712 _____ (PC Cleaners) C:\Users\MTB\Downloads\app3_Install_eng.exe
    2015-02-14 02:02 - 2015-02-14 02:02 - 00002299 _____ () C:\Users\MTB\Desktop\Chrome App Launcher.lnk
    2015-02-14 02:02 - 2015-02-14 02:02 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-02-14 01:48 - 2015-02-14 01:48 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
    2015-02-14 01:42 - 2015-02-14 01:42 - 00001926 _____ () C:\Windows\system32\.crusader
    2015-02-14 01:39 - 2015-02-14 01:39 - 00000460 _____ () C:\Windows\Tasks\SlimDrivers Scan.job
    2015-02-14 01:36 - 2015-02-14 01:36 - 00000000 ____D () C:\Program Files\HitmanPro
    2015-02-14 01:34 - 2015-02-14 01:35 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\MTB\Downloads\autodetectutility.exe
    2015-02-13 17:12 - 2015-02-13 17:13 - 00000000 ____D () C:\Users\MTB\Desktop\USB
    2015-02-13 17:10 - 2015-02-13 17:26 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\AutomaticUSBBackup
    2015-02-13 17:10 - 2015-02-13 17:10 - 00002059 _____ () C:\Users\Public\Desktop\Backup all connected drives.lnk
    2015-02-13 17:10 - 2015-02-13 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Automatic USB Backup
    2015-02-13 17:10 - 2015-02-13 17:10 - 00000000 ____D () C:\Program Files (x86)\Automatic USB Backup
    2015-02-13 17:09 - 2015-02-13 17:10 - 02615402 _____ (Neitsoft, Inc.) C:\Users\MTB\Downloads\AutomaticUSBBackup.exe
    2015-02-13 16:13 - 2015-02-13 16:13 - 00000000 ____D () C:\Windows\system32\SPReview
    2015-02-13 15:40 - 2015-02-14 01:43 - 00000000 ____D () C:\ProgramData\HitmanPro
    2015-02-13 15:39 - 2015-02-13 15:40 - 11227888 _____ (SurfRight B.V.) C:\Users\MTB\Downloads\HitmanPro_x64.exe
    2015-02-13 15:28 - 2015-02-13 15:46 - 00000000 ____D () C:\Users\MTB\AppData\Local\LogMeIn Rescue Applet
    2015-02-13 15:03 - 2015-02-13 15:03 - 00003288 ____N () C:\bootsqm.dat
    2015-02-13 14:39 - 2015-02-13 14:43 - 242743296 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\dotnetfx35.exe
    2015-02-13 13:44 - 2015-02-13 13:44 - 00347816 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\MicrosoftFixit.wu.LB.1347279989137060.1.1.Run.exe
    2015-02-13 13:28 - 2015-02-13 13:28 - 00000000 ____D () C:\MGADiagToolOutput
    2015-02-13 13:26 - 2015-02-13 13:26 - 00002626 _____ () C:\Users\MTB\Downloads\legitcheck.hta
    2015-02-13 11:43 - 2015-02-13 11:43 - 02031992 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\MGADiag.exe
    2015-02-13 11:43 - 2015-02-13 11:43 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
    2015-02-13 02:22 - 2015-02-13 02:22 - 00000000 ____D () C:\92ab4f35b3eb347c51faaf
    2015-02-13 00:36 - 2015-02-13 00:30 - 00002760 _____ () C:\Users\MTB\ipconfig.all.txt
    2015-02-13 00:36 - 2015-02-13 00:30 - 00002760 _____ () C:\Users\MTB\Desktop\ipconfig.all.txt
    2015-02-12 23:49 - 2015-02-12 23:49 - 00347816 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\MicrosoftFixit.wu.Run.exe
    2015-02-12 23:44 - 2015-02-12 23:44 - 01178272 _____ (Magical Jelly Bean ) C:\Users\MTB\Downloads\KeyFinderInstaller.exe
    2015-02-12 21:57 - 2015-02-12 21:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2015-02-12 21:57 - 2015-02-12 21:57 - 00000000 ____D () C:\Program Files\Realtek
    2015-02-12 21:56 - 1999-12-31 17:00 - 04290520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2015-02-12 21:56 - 1999-12-31 17:00 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 02823024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2015-02-12 21:56 - 1999-12-31 17:00 - 01485163 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
    2015-02-12 21:56 - 1999-12-31 17:00 - 01289944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00960728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll
    2015-02-12 21:56 - 1999-12-31 17:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2015-02-12 21:55 - 1999-12-31 17:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
    2015-02-12 21:55 - 1999-12-31 17:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
    2015-02-12 21:55 - 1999-12-31 17:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
    2015-02-12 21:22 - 2009-07-13 18:15 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Difxf1ec.rra
    2015-02-12 21:18 - 2015-02-12 21:18 - 00000000 ____D () C:\Users\MTB\Downloads\1ff24812577e0198d08993c95f83bc83
    2015-02-12 21:16 - 2015-02-12 21:16 - 02216331 _____ () C:\Users\MTB\Downloads\1ff24812577e0198d08993c95f83bc83.zip
    2015-02-12 20:27 - 2015-02-12 20:27 - 00061704 _____ () C:\Windows\SysWOW64\CCCInstall_201502122027468041.log
    2015-02-12 20:27 - 2015-02-12 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
    2015-02-12 20:27 - 1999-12-31 17:00 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
    2015-02-12 20:26 - 2015-02-12 20:26 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
    2015-02-12 20:24 - 2015-02-12 20:27 - 00000000 ____D () C:\Program Files\ATI Technologies
    2015-02-12 20:20 - 2015-02-12 20:20 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
    2015-02-12 20:19 - 2015-02-14 01:38 - 00013920 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
    2015-02-12 20:19 - 2015-02-12 20:19 - 00002467 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk
    2015-02-12 20:18 - 2015-02-12 20:18 - 00928072 _____ (SlimWare Utilities, Inc.) C:\Users\MTB\Downloads\SlimDrivers-setup.exe
    2015-02-12 19:40 - 2015-02-12 19:45 - 564744309 _____ () C:\Users\MTB\Downloads\Windows6.1-KB947821-v34-x64.msu
    2015-02-12 18:25 - 2015-02-12 18:25 - 00031200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0.bak
    2015-02-12 18:25 - 2015-02-12 18:25 - 00031200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0.bak
    2015-02-12 18:25 - 2015-02-12 18:25 - 00000552 _____ () C:\Windows\system32\spsys.log
    2015-02-12 16:54 - 2015-02-12 16:54 - 00003004 _____ () C:\Windows\System32\Tasks\{B98FAD60-4FB5-4FF9-8802-6926EA0765E5}
    2015-02-12 16:54 - 2015-02-12 16:54 - 00003004 _____ () C:\Windows\System32\Tasks\{596F346A-7620-4E66-AA02-4391952890F6}
    2015-02-12 16:53 - 2015-02-12 16:53 - 00003004 _____ () C:\Windows\System32\Tasks\{90EDC952-A378-439C-840B-074798A1ED83}
    2015-02-12 16:52 - 2015-02-12 16:52 - 00003000 _____ () C:\Windows\System32\Tasks\{D6A013E7-692E-4455-8D70-70F571E406AC}
    2015-02-12 16:52 - 2015-02-12 16:52 - 00003000 _____ () C:\Windows\System32\Tasks\{802242B8-751D-4B8F-99D8-A7A98ECD435C}
    2015-02-12 16:51 - 2015-02-12 16:51 - 00003000 _____ () C:\Windows\System32\Tasks\{FA057727-D3E0-4545-852F-C56C8ED089C1}
    2015-02-12 16:51 - 2015-02-12 16:51 - 00003000 _____ () C:\Windows\System32\Tasks\{0AB6EFA4-3C34-49DD-98AA-B2B9F944B4C6}
    2015-02-12 16:49 - 2015-02-12 16:49 - 00003000 _____ () C:\Windows\System32\Tasks\{BB8186E3-5B0C-439C-8016-F48F10A60267}
    2015-02-12 16:34 - 2015-02-14 05:30 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
    2015-02-12 15:22 - 2015-02-12 15:22 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2015-02-12 15:22 - 2015-02-12 15:22 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2015-02-12 15:22 - 2015-02-12 15:22 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
    2015-02-12 15:22 - 2015-02-12 15:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
    2015-02-12 15:22 - 2015-02-12 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2015-02-12 15:21 - 2012-07-25 21:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
    2015-02-12 15:21 - 2012-07-25 21:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
    2015-02-12 15:21 - 2012-07-25 19:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
    2015-02-12 15:21 - 2012-06-02 07:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    2015-02-12 15:20 - 2015-02-12 15:20 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
    2015-02-12 06:23 - 2015-02-12 06:23 - 00000000 ____D () C:\6f9b4b038d7a784a0261f2cb4b68152f
    2015-02-12 06:22 - 2010-01-19 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
    2015-02-12 06:22 - 2010-01-19 02:05 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
    2015-02-12 06:22 - 2010-01-19 02:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
    2015-02-12 06:22 - 2010-01-19 02:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
    2015-02-12 06:22 - 2010-01-19 02:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
    2015-02-12 06:22 - 2010-01-19 02:00 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
    2015-02-12 06:22 - 2010-01-19 02:00 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
    2015-02-12 06:22 - 2010-01-19 02:00 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
    2015-02-12 06:22 - 2010-01-18 16:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
    2015-02-12 06:22 - 2010-01-18 16:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
    2015-02-12 06:22 - 2010-01-18 16:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
    2015-02-12 06:22 - 2010-01-18 16:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
    2015-02-12 06:22 - 2010-01-18 16:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
    2015-02-12 06:22 - 2010-01-18 16:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
    2015-02-12 06:22 - 2010-01-18 16:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
    2015-02-12 06:22 - 2010-01-18 16:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
    2015-02-12 06:16 - 2015-02-12 06:38 - 00000362 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - MTB).job
    2015-02-12 06:16 - 2015-02-12 06:16 - 00003016 _____ () C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - MTB)
    2015-02-12 06:10 - 2015-02-12 06:11 - 00895600 _____ (SlimWare Utilities, Inc.) C:\Users\MTB\Downloads\DriverUpdate-setup.exe
    2015-02-12 06:00 - 2015-02-12 05:59 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-02-12 05:59 - 2015-02-12 05:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-02-12 05:59 - 2015-02-12 05:59 - 00000000 ____D () C:\Program Files (x86)\Java
    2015-02-12 05:44 - 2013-12-25 22:41 - 00188232 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdmdm.sys
    2015-02-12 05:44 - 2013-12-25 22:41 - 00169288 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdbus.sys
    2015-02-12 05:44 - 2013-12-25 22:41 - 00158024 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdserd.sys
    2015-02-12 05:44 - 2013-12-25 22:41 - 00021320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdmdfl.sys
    2015-02-12 05:44 - 2013-12-25 22:41 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdwhnt.sys
    2015-02-12 05:44 - 2013-12-25 22:41 - 00017736 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdwh.sys
    2015-02-12 05:44 - 2013-12-25 22:41 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdcmnt.sys
    2015-02-12 05:44 - 2013-12-25 22:41 - 00017224 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdcm.sys
    2015-02-12 05:26 - 2015-02-12 05:44 - 00000000 ____D () C:\Program Files\SAMSUNG
    2015-02-12 05:25 - 2015-02-12 05:25 - 00000000 ____D () C:\ProgramData\Samsung
    2015-02-12 05:01 - 2015-02-12 05:01 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
    2015-02-12 05:00 - 2015-02-14 04:21 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
    2015-02-12 05:00 - 2015-02-14 04:21 - 00000000 ____D () C:\Users\MTB\AppData\Local\SlimWare Utilities Inc
    2015-02-12 04:30 - 2015-02-12 04:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    2015-02-11 22:29 - 2015-02-11 22:29 - 55151725 _____ (Igor Pavlov) C:\Users\MTB\Downloads\motherboard_utility_gbttools_gbt_et6_v1.7.exe
    2015-02-11 22:13 - 2015-02-11 22:14 - 06063409 _____ () C:\Users\MTB\Downloads\mb_utility_game-controller.zip
    2015-02-11 22:12 - 2015-02-11 22:12 - 04143028 _____ (Igor Pavlov) C:\Users\MTB\Downloads\mb_utility_lan-optimizer_realtek.exe
    2015-02-11 21:57 - 2015-02-11 21:57 - 03937559 _____ () C:\Users\MTB\Downloads\mb_utility_oc-button.zip
    2015-02-11 21:31 - 2015-02-11 21:31 - 00007732 _____ () C:\Users\MTB\Downloads\EthoStream.html
    2015-02-11 21:31 - 2015-02-11 21:31 - 00000000 ____D () C:\Users\MTB\Downloads\EthoStream_files
    2015-02-11 21:03 - 2015-02-11 21:03 - 00003000 _____ () C:\Windows\System32\Tasks\{EF079B77-0153-4DE4-AFBC-06935EF02F51}
    2015-02-11 21:02 - 2015-02-11 21:02 - 00003000 _____ () C:\Windows\System32\Tasks\{77033619-3F2A-47D1-8EAE-FFCF4B160E46}
    2015-02-11 20:58 - 2015-02-11 20:58 - 00003000 _____ () C:\Windows\System32\Tasks\{12277236-97E4-4368-9BF5-DF8D9F909681}
    2015-02-11 14:23 - 2015-02-11 14:23 - 00000000 ____D () C:\ProgramData\Kingsoft
    2015-02-11 14:21 - 2015-02-11 14:40 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\kingsoft
    2015-02-11 14:21 - 2015-02-11 14:40 - 00000000 ____D () C:\Users\MTB\AppData\Local\kingsoft
    2015-02-11 14:19 - 2015-02-14 05:25 - 00000000 ____D () C:\Windows\system32\log
    2015-02-11 00:32 - 2015-02-11 00:32 - 00022776 _____ () C:\Users\MTB\Desktop\Addition.txt
    2015-02-11 00:31 - 2015-02-11 00:31 - 00022776 _____ () C:\Users\MTB\Downloads\Addition.txt
    2015-02-10 21:36 - 2015-02-10 21:36 - 03086960 _____ () C:\Users\MTB\Downloads\Windows6.0-KB942288-v2-x64.msu
    2015-02-10 21:20 - 2015-02-10 21:20 - 00214078 _____ () C:\Users\MTB\Desktop\Reliability Report.XML
    2015-02-10 21:17 - 2015-02-10 21:17 - 02238600 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\DefaultPack.EXE
    2015-02-10 20:58 - 2015-02-10 20:59 - 39739064 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\Windows-KB890830-x64-V5.21.exe
    2015-02-10 20:39 - 2015-02-10 20:40 - 00347816 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\MicrosoftFixit.IEAddon.Run.exe
    2015-02-10 19:51 - 2015-02-10 19:52 - 00000000 ____D () C:\70267f7707ffca11ac
    2015-02-10 19:51 - 2015-02-10 19:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
    2015-02-10 18:44 - 2015-02-10 18:44 - 00001250 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
    2015-02-10 18:42 - 2015-02-10 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
    2015-02-10 18:42 - 2015-02-10 18:42 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
    2015-02-10 18:40 - 2015-02-10 18:40 - 01640984 _____ () C:\Users\MTB\Downloads\SetupVCD5470.exe
    2015-02-10 18:21 - 2015-02-10 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-02-10 18:20 - 2015-02-10 18:20 - 13087456 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\Silverlight_x64.exe
    2015-02-10 18:20 - 2015-02-10 18:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-02-10 18:20 - 2015-02-10 18:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2015-02-10 17:57 - 2015-02-10 17:57 - 00058368 _____ () C:\Users\MTB\Downloads\isxunpack.exe
    2015-02-10 16:54 - 2015-02-10 16:55 - 05135288 _____ (Piriform Ltd) C:\Users\MTB\Downloads\spsetup128.exe
    2015-02-10 15:48 - 2015-02-10 15:49 - 00000000 ____D () C:\cd9c602c094e53f854b4215e819a
    2015-02-10 14:03 - 2015-02-03 20:04 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-02-10 14:03 - 2015-02-03 20:03 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-02-10 14:03 - 2015-02-03 20:03 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-02-10 14:03 - 2015-02-03 20:03 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-02-10 14:03 - 2015-02-03 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-02-10 14:03 - 2015-02-03 20:01 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-02-10 14:03 - 2015-01-27 16:23 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2015-02-10 02:51 - 2015-02-10 02:49 - 00000108 _____ () C:\Users\Public\Documents\Examples of....txt  Examples of
    2015-02-09 20:00 - 2015-02-09 20:01 - 00000000 ____D () C:\Users\MTB\Desktop\2015-02-09 20-00-52
    2015-02-09 19:44 - 2015-02-09 19:44 - 00000000 ____D () C:\Users\MTB\AppData\Local\Logitech® Webcam Software
    2015-02-09 19:39 - 2015-02-09 19:39 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Leadertech
    2015-02-09 19:39 - 2015-02-09 19:39 - 00000000 ____D () C:\ProgramData\LogiShrd
    2015-02-09 19:38 - 2015-02-09 19:39 - 00000000 ____D () C:\Program Files (x86)\Logitech
    2015-02-09 19:38 - 2015-02-09 19:38 - 00001624 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
    2015-02-09 19:38 - 2015-02-09 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2015-02-09 19:36 - 2015-02-09 19:37 - 74637872 _____ (Logitech, Inc.) C:\Users\MTB\Downloads\lws251.exe
    2015-02-09 16:28 - 2015-02-09 16:29 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\MTB\Downloads\realtek_high_definition_audio_6.0.1.7246.exe
    2015-02-09 13:05 - 2015-02-09 16:39 - 00000000 ____D () C:\Users\MTB\AppData\Local\NVIDIA Corporation
    2015-02-09 13:04 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2015-02-09 13:04 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2015-02-09 13:04 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2015-02-09 13:04 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2015-02-09 13:04 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2015-02-09 13:04 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2015-02-09 13:03 - 2015-01-15 23:40 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2015-02-09 13:03 - 2015-01-15 23:40 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2015-02-09 13:03 - 2015-01-15 23:39 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2015-02-09 13:03 - 2015-01-15 23:39 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2015-02-09 13:03 - 2014-11-22 03:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2015-02-09 13:03 - 2014-11-22 03:46 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
    2015-02-09 13:03 - 2014-11-22 03:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2015-02-09 13:01 - 2015-02-09 13:02 - 34603752 _____ (NVIDIA Corporation) C:\Users\MTB\Downloads\GeForce_Experience_v2.2.2.0.exe
    2015-02-09 11:09 - 2015-02-09 11:09 - 17541296 _____ (Adobe Systems Incorporated) C:\Users\MTB\Downloads\Adobe_Flash_Player_(IE)_v16.0.0.296.exe
    2015-02-09 11:09 - 2015-02-09 11:09 - 00000000 ____D () C:\Windows\system32\Macromed
    2015-02-09 11:08 - 2015-02-10 14:23 - 00000000 ____D () C:\ProgramData\GlarySoft
    2015-02-09 11:06 - 2015-02-10 14:23 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\GlarySoft
    2015-02-09 11:06 - 2015-02-09 11:08 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
    2015-02-09 11:06 - 2015-02-09 11:06 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\DiskDefrag
    2015-02-09 06:54 - 2015-02-09 06:54 - 00057735 _____ () C:\Windows\SysWOW64\CCCInstall_201502090654026955.log
    2015-02-09 03:00 - 2015-02-09 03:01 - 00000000 ____D () C:\f8b710b6c347e72bb2
    2015-02-09 00:54 - 2012-05-31 22:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
    2015-02-09 00:54 - 2012-05-31 22:16 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
    2015-02-09 00:54 - 2012-05-31 22:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
    2015-02-09 00:54 - 2012-05-31 22:15 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
    2015-02-09 00:54 - 2012-05-31 22:15 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
    2015-02-09 00:54 - 2012-05-31 22:14 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
    2015-02-09 00:54 - 2012-05-31 21:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
    2015-02-09 00:54 - 2012-05-31 21:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
    2015-02-09 00:54 - 2012-05-31 21:44 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
    2015-02-09 00:54 - 2012-05-31 21:43 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
    2015-02-09 00:54 - 2012-05-31 21:43 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
    2015-02-09 00:54 - 2012-05-31 21:42 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
    2015-02-08 20:15 - 2009-05-04 09:30 - 00016440 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie.sys
    2015-02-08 20:09 - 2015-02-13 00:50 - 00000000 ____D () C:\Users\Classic .NET AppPool
    2015-02-08 20:09 - 2015-02-08 20:09 - 00000020 ___SH () C:\Users\Classic .NET AppPool\ntuser.ini
    2015-02-08 20:09 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-02-08 20:09 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-02-08 20:07 - 2015-02-08 20:07 - 00000000 ____D () C:\Windows\SysWOW64\BestPractices
    2015-02-08 20:07 - 2015-02-08 20:07 - 00000000 ____D () C:\Windows\system32\msmq
    2015-02-08 20:07 - 2015-02-08 20:07 - 00000000 ____D () C:\Windows\system32\BestPractices
    2015-02-08 20:07 - 2015-02-08 20:07 - 00000000 ____D () C:\Windows\SUA
    2015-02-08 20:07 - 2015-02-08 20:06 - 00000862 _____ () C:\Windows\system32\termcap
    2015-02-08 20:06 - 2015-02-08 20:09 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsystem for UNIX-based Applications
    2015-02-08 20:06 - 2015-02-08 20:06 - 00000000 ____D () C:\inetpub
    2015-02-08 19:49 - 2015-02-08 19:56 - 00002132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
    2015-02-08 19:49 - 2015-02-08 19:56 - 00002120 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
    2015-02-08 19:49 - 2015-02-08 19:49 - 00000000 ____D () C:\Program Files (x86)\Belarc
    2015-02-08 19:28 - 2015-02-12 17:00 - 00004278 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CCEE87A4-A772-4139-A0A9-AFADBE81D0A6}
    2015-02-08 12:07 - 2015-02-10 17:50 - 00001908 _____ () C:\Windows\diagwrn.xml
    2015-02-08 12:07 - 2015-02-10 17:50 - 00001908 _____ () C:\Windows\diagerr.xml
    2015-02-08 11:21 - 2015-02-08 11:21 - 00985600 _____ () C:\Users\MTB\Downloads\MicrosoftFixit50123.msi
    2015-02-08 11:11 - 2015-02-08 11:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2015-02-08 06:14 - 2015-02-08 06:14 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7CA05ADA.sys
    2015-02-07 15:13 - 2015-02-12 01:16 - 00000000 ____D () C:\Windows\Minidump
    2015-02-07 14:22 - 2015-02-07 14:22 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\etdrv.sys
    2015-02-07 14:14 - 2015-02-07 15:17 - 00030528 _____ () C:\Windows\GVTDrv64.sys
    2015-02-07 14:14 - 2015-02-07 15:17 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
    2015-02-07 14:11 - 2015-02-08 20:32 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
    2015-02-07 10:39 - 2011-09-29 02:30 - 00646248 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2015-02-07 10:39 - 2011-09-29 02:30 - 00074272 _____ () C:\Windows\system32\RtNicProp64.dll
    2015-02-07 10:37 - 2015-02-07 10:37 - 00000000 ____D () C:\Program Files\GIGABYTE
    2015-02-07 10:20 - 2015-02-09 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-02-07 10:17 - 2015-02-09 13:06 - 00000000 ____D () C:\Users\MTB\AppData\Local\NVIDIA
    2015-02-07 10:15 - 2015-02-14 05:27 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-02-07 10:15 - 2015-02-09 13:03 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2015-02-07 10:15 - 2014-08-19 22:15 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2015-02-07 10:15 - 2014-08-19 22:15 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2015-02-07 10:15 - 2014-07-02 11:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2015-02-07 10:15 - 2014-07-02 11:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2015-02-07 10:15 - 2014-07-02 11:55 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2015-02-07 10:15 - 2014-07-02 11:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2015-02-07 10:15 - 2014-07-02 11:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2015-02-07 10:15 - 2014-07-02 11:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2015-02-07 10:15 - 2014-07-02 10:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
    2015-02-07 10:15 - 2014-07-02 03:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
    2015-02-07 10:14 - 2015-02-09 13:05 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2015-02-07 10:14 - 2015-02-09 13:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2015-02-07 09:45 - 2015-02-07 09:46 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\driveridentifier
    2015-02-07 09:44 - 2015-02-09 15:49 - 00003804 _____ () C:\Windows\System32\Tasks\DriverEasy Scheduled Scan
    2015-02-07 08:22 - 2015-02-07 08:22 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2015-02-07 08:12 - 2015-02-11 01:08 - 00000000 ____D () C:\ProgramData\Uninstall
    2015-02-07 08:12 - 2015-02-07 08:12 - 00000000 ____D () C:\ProgramData\Sonic
    2015-02-07 07:36 - 2015-02-07 07:39 - 00000000 ____D () C:\Users\MTB\Documents\Tiger Woods PGA TOUR 08
    2015-02-07 07:36 - 2015-02-07 07:36 - 00000000 ____D () C:\ProgramData\EA Core
    2015-02-07 07:35 - 2015-02-07 07:35 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
    2015-02-07 07:35 - 2015-02-07 07:35 - 00000000 __RHD () C:\Users\MTB\AppData\Roaming\SecuROM
    2015-02-07 07:26 - 2015-02-07 07:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-02-07 07:26 - 2015-02-07 07:26 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2015-02-07 07:26 - 2015-02-07 07:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2015-02-07 00:14 - 2015-02-09 15:49 - 00003834 _____ () C:\Windows\System32\Tasks\DriverNavigator Scheduled Scan
    2015-02-06 23:58 - 2015-02-13 11:33 - 00000000 ____D () C:\Users\MTB\AppData\Local\CrashDumps
    2015-02-06 23:50 - 2015-02-06 23:50 - 00003254 _____ () C:\Windows\System32\Tasks\{4DE1EC74-F5A7-47F9-A6C9-BF75F729556B}
    2015-02-06 23:00 - 2015-02-06 23:00 - 00000000 ____D () C:\Users\MTB\Documents\My eBooks
    2015-02-06 23:00 - 2015-02-06 23:00 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\AdobeUM
    2015-02-06 22:53 - 2015-02-07 07:30 - 00000000 ____D () C:\Users\MTB\AppData\Local\Adobe
    2015-02-06 22:29 - 2015-02-07 10:39 - 00000000 ____D () C:\Windows\GBD
    2015-02-06 22:19 - 2015-02-06 22:46 - 00000000 ____D () C:\Program Files\DriverAssist
    2015-02-06 19:02 - 2015-02-06 19:02 - 00000000 ____D () C:\Users\MTB\AppData\Local\AMD
    2015-02-06 19:01 - 2015-02-06 19:01 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\ATI
    2015-02-06 19:01 - 2015-02-06 19:01 - 00000000 ____D () C:\Users\MTB\AppData\Local\ATI
    2015-02-06 18:21 - 2015-02-08 20:09 - 00852882 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-02-06 18:13 - 2015-02-06 18:13 - 01118920 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\NDP452-KB2901954-Web.exe
    2015-02-06 18:08 - 2015-02-06 18:08 - 00064052 _____ () C:\Windows\SysWOW64\CCCInstall_201502061808328761.log
    2015-02-06 18:06 - 2015-02-12 20:26 - 00000000 ____D () C:\ProgramData\AMD
    2015-02-06 18:03 - 2015-02-07 09:15 - 00000000 ____D () C:\AMD
    2015-02-06 17:42 - 2015-02-06 17:45 - 302470552 _____ (AMD Inc.) C:\Users\MTB\Downloads\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe
    2015-02-06 17:17 - 2015-02-08 20:28 - 00000000 ____D () C:\Program Files (x86)\Gigabyte
    2015-02-06 17:17 - 2015-02-08 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigabyte
    2015-02-06 17:17 - 2015-02-06 17:17 - 00002064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
    2015-02-06 17:17 - 2015-02-06 17:17 - 00000000 ____D () C:\ProgramData\InstallShield
    2015-02-06 17:17 - 2005-02-17 07:15 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
    2015-02-06 16:38 - 2015-02-06 16:42 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
    2015-02-06 15:42 - 2015-02-06 15:42 - 00000000 ____D () C:\Windows\CheckSur
    2015-02-06 13:49 - 2015-02-06 13:49 - 00639400 _____ (Oracle Corporation) C:\Users\MTB\Downloads\chromeinstall-8u31.exe
    2015-02-06 13:16 - 2015-02-06 13:16 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Yahoo!
    2015-02-06 03:45 - 2015-02-06 03:45 - 00003414 _____ () C:\Windows\System32\Tasks\{4082AFDA-8B6C-4905-B99C-01F7E99EAB4E}
    2015-02-06 03:30 - 2015-02-06 03:31 - 00639912 _____ (Oracle Corporation) C:\Users\MTB\Downloads\JavaSetup8u31.exe
    2015-02-06 03:22 - 2015-02-06 03:22 - 00347816 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\MicrosoftFixit.wu.FISC.1346645155691609.3.1.Run.exe
    2015-02-06 03:15 - 2015-02-06 03:15 - 00347816 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\MicrosoftFixit.WinFileFolder.RNP.Run.exe
    2015-02-06 03:08 - 2015-02-06 03:08 - 00000000 ____D () C:\Windows\Sun
    2015-02-06 01:24 - 2015-02-06 01:28 - 00000000 ____D () C:\Users\MTB\Documents\Tiger Woods PGA TOUR 07
    2015-02-06 01:23 - 2015-02-11 21:01 - 00002246 _____ () C:\Users\Public\Desktop\Tiger Woods PGA TOUR 07.lnk
    2015-02-06 01:21 - 2015-02-07 07:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
    2015-02-06 00:44 - 2015-02-06 00:44 - 00201422 _____ () C:\Users\MTB\AppData\Local\census.cache
    2015-02-06 00:42 - 2015-02-06 00:42 - 00149168 _____ () C:\Users\MTB\AppData\Local\ars.cache
    2015-02-06 00:32 - 2015-02-06 00:33 - 00347816 _____ (Microsoft Corporation) C:\Users\MTB\Downloads\MicrosoftFixit.Performance.FISC.9346635134660963.1.1.Run.exe
    2015-02-05 22:48 - 2015-02-05 22:48 - 00000010 _____ () C:\Users\MTB\AppData\Local\sponge.last.runtime.cache
    2015-02-05 22:31 - 2015-02-05 22:31 - 00000036 _____ () C:\Users\MTB\AppData\Local\housecall.guid.cache
    2015-02-05 22:31 - 2013-09-27 19:56 - 00285208 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
    2015-02-05 22:30 - 2015-02-05 22:31 - 02494944 _____ (Trend Micro Inc.) C:\Users\MTB\Downloads\HousecallLauncher64.exe
    2015-02-05 22:22 - 2015-02-05 22:22 - 00000000 ____D () C:\ProgramData\Sun
    2015-02-05 22:21 - 2015-02-06 03:37 - 00000000 ____D () C:\ProgramData\Oracle
    2015-02-05 21:01 - 2015-02-05 21:41 - 00000000 ____D () C:\Users\MTB\Documents\Alcohol 120%
    2015-02-05 20:40 - 2015-02-05 20:40 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
    2015-02-05 20:38 - 2007-04-12 15:01 - 00118832 _____ (MicroQuill Software Publishing, Inc.) C:\Windows\SysWOW64\SHW32.DLL
    2015-02-05 20:38 - 2007-04-12 15:00 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
    2015-02-05 20:38 - 2007-04-12 15:00 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
    2015-02-05 20:38 - 2007-04-12 14:59 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
    2015-02-05 20:38 - 2004-12-10 10:06 - 00327680 _____ (On2.com Inc.) C:\Windows\SysWOW64\vp6dec.ax
    2015-02-05 20:38 - 2004-08-30 14:25 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
    2015-02-05 20:38 - 2003-09-10 12:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
    2015-02-05 20:38 - 2003-09-05 12:07 - 00168960 _____ (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) C:\Windows\SysWOW64\XCDZIP35.OCX
    2015-02-05 20:38 - 2002-12-20 14:02 - 01077336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
    2015-02-05 20:37 - 2000-05-22 00:00 - 00647872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
    2015-02-05 19:59 - 2015-02-05 19:59 - 00000000 ____D () C:\Windows\system32\EventProviders
    2015-02-05 19:54 - 2015-02-14 03:59 - 00000231 _____ () C:\Users\MTB\Documents\ax_files.xml
    2015-02-05 19:37 - 2015-02-05 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor
    2015-02-05 19:37 - 2015-02-05 19:37 - 00000000 ____D () C:\Program Files (x86)\Smart File Advisor
    2015-02-05 19:30 - 2015-02-05 19:30 - 00001074 _____ () C:\Users\Public\Desktop\Alcohol 120%.lnk
    2015-02-05 19:30 - 2015-02-05 19:30 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Macromedia
    2015-02-05 19:30 - 2015-02-05 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
    2015-02-05 19:30 - 2015-02-05 19:30 - 00000000 ____D () C:\Program Files (x86)\Alcohol Soft
    2015-02-05 19:22 - 2015-02-07 07:18 - 00000000 ____D () C:\Program Files (x86)\EA Sports
    2015-02-05 19:10 - 2015-02-05 19:10 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
    2015-02-05 19:09 - 2015-02-06 23:00 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Adobe
    2015-02-05 19:09 - 2015-02-05 19:09 - 07725608 _____ (Alcohol Soft Development Team) C:\Users\MTB\Downloads\Alcohol120_FE_2.0.3.6951_062ea53b0581c2a2a20c2fb4dc4a7ed8.exe
    2015-02-05 19:06 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2015-02-05 19:06 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
    2015-02-05 19:06 - 2007-01-08 15:30 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2015-02-05 19:06 - 2007-01-08 15:30 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
    2015-02-05 19:06 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
    2015-02-05 19:06 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2015-02-05 19:06 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2015-02-05 19:06 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
    2015-02-05 19:06 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2015-02-05 19:06 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
    2015-02-05 19:06 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
    2015-02-05 19:06 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2015-02-05 19:06 - 2006-09-28 16:04 - 00091928 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2015-02-05 19:06 - 2006-09-28 16:04 - 00068888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2015-02-05 19:06 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2015-02-05 19:06 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2015-02-05 19:06 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
    2015-02-05 19:06 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
    2015-02-05 19:06 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
    2015-02-05 19:06 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2015-02-05 19:06 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2015-02-05 19:06 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2015-02-05 19:06 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2015-02-05 19:06 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2015-02-05 19:05 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2015-02-05 19:05 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2015-02-05 19:05 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2015-02-05 19:05 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
    2015-02-05 19:05 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2015-02-05 19:05 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
    2015-02-05 19:05 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2015-02-05 19:05 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2015-02-05 19:03 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2015-02-05 19:03 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
    2015-02-05 19:03 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2015-02-05 19:03 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
    2015-02-05 19:03 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2015-02-05 19:03 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
    2015-02-05 19:03 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2015-02-05 19:03 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
    2015-02-05 19:03 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2015-02-05 19:03 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
    2015-02-05 18:55 - 2015-02-05 18:56 - 00757184 _____ (Internet ) C:\Users\MTB\Downloads\downloader_for_Alcohol120_FE_2.0.3.6951.exe
    2015-02-05 18:53 - 2015-02-14 05:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-05 18:52 - 2015-02-05 18:52 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-02-05 18:52 - 2015-02-05 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-02-05 18:52 - 2015-02-05 18:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-02-05 18:52 - 2015-02-05 18:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-02-05 18:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-02-05 18:52 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-02-05 18:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-02-05 18:51 - 2015-02-05 18:52 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\MTB\Downloads\mbam-setup-2.0.4.1028.exe
    2015-02-05 18:41 - 2015-02-14 05:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-05 18:41 - 2015-02-09 11:25 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-05 18:41 - 2015-02-09 11:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-05 18:41 - 2015-02-09 11:25 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-05 18:41 - 2015-02-06 22:50 - 00000000 ____D () C:\ProgramData\Yahoo!
    2015-02-05 18:41 - 2015-02-05 20:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
    2015-02-05 18:41 - 2015-02-05 18:41 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
    2015-02-05 18:41 - 2015-02-05 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
    2015-02-05 18:34 - 2015-02-06 22:50 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
    2015-02-05 18:33 - 2015-02-05 18:33 - 00691576 _____ (Yahoo! Inc.) C:\Users\MTB\Downloads\msgr11us.exe
    2015-02-05 18:04 - 2015-02-05 18:04 - 00000000 ____D () C:\Program Files (x86)\Origin Games
    2015-02-05 17:56 - 2015-02-05 18:04 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Origin
    2015-02-05 17:56 - 2015-02-05 18:04 - 00000000 ____D () C:\Users\MTB\AppData\Local\Origin
    2015-02-05 17:56 - 2015-02-05 17:56 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
    2015-02-05 17:56 - 2015-02-05 17:56 - 00000000 ____D () C:\Users\MTB\AppData\Local\VS Revo Group
    2015-02-05 17:56 - 2015-02-05 17:56 - 00000000 ____D () C:\ProgramData\VS Revo Group
    2015-02-05 17:56 - 2015-02-05 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
    2015-02-05 17:56 - 2015-02-05 17:56 - 00000000 ____D () C:\Program Files\VS Revo Group
    2015-02-05 17:56 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
    2015-02-05 17:55 - 2015-02-05 17:55 - 10801472 _____ (VS Revo Group ) C:\Users\MTB\Downloads\RevoUninProSetup.exe
    2015-02-05 17:54 - 2015-02-14 02:32 - 00000000 ____D () C:\ProgramData\Origin
    2015-02-05 17:54 - 2015-02-05 17:54 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
    2015-02-05 17:54 - 2015-02-05 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2015-02-05 17:54 - 2015-02-05 17:54 - 00000000 ____D () C:\ProgramData\Electronic Arts
    2015-02-05 17:53 - 2015-02-14 02:32 - 00000000 ____D () C:\Program Files (x86)\Origin
    2015-02-05 17:52 - 2015-02-05 17:53 - 17011744 _____ (Electronic Arts, Inc.) C:\Users\MTB\Downloads\OriginThinSetup.exe
    2015-02-05 17:51 - 2015-02-07 08:21 - 00000000 ____D () C:\ProgramData\Adobe
    2015-02-05 17:50 - 2015-02-05 17:50 - 00000000 ____D () C:\Windows\Cache
    2015-02-05 17:42 - 2015-02-05 17:42 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
    2015-02-05 17:42 - 2015-02-05 17:42 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-02-05 17:42 - 2015-02-05 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-02-05 17:42 - 2015-02-05 17:42 - 00000000 ____D () C:\Program Files\CCleaner
    2015-02-05 17:41 - 2015-02-05 17:41 - 05325208 _____ (Piriform Ltd) C:\Users\MTB\Downloads\ccsetup502.exe
    2015-02-05 17:34 - 2015-02-05 17:43 - 00000000 ____D () C:\ProgramData\Norton
    2015-02-05 17:33 - 2015-02-05 17:33 - 00000000 ____D () C:\Program Files\ATI
    2015-02-05 17:32 - 2015-02-05 17:32 - 00000000 ____D () C:\Program Files\DIFX
    2015-02-05 17:32 - 2011-09-29 02:30 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
    2015-02-05 17:32 - 2009-04-27 18:03 - 00067128 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
    2015-02-05 17:32 - 2009-04-27 18:03 - 00028216 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
    2015-02-05 17:28 - 2015-02-05 17:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2015-02-05 17:28 - 2015-02-05 17:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2015-02-05 17:27 - 2015-02-14 05:26 - 01602727 _____ () C:\Windows\WindowsUpdate.log
    2015-02-05 17:23 - 2015-02-05 17:42 - 00000000 ____D () C:\Windows\Panther
    2015-02-05 17:21 - 2015-02-13 14:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-05 17:21 - 2015-02-12 21:57 - 00000000 ___HD () C:\Program Files (x86)\Temp
    2015-02-05 17:21 - 2015-02-09 16:30 - 00000000 ____D () C:\Program Files (x86)\Realtek
    2015-02-05 17:21 - 1999-12-31 17:00 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
    2015-02-05 17:20 - 2015-02-07 10:36 - 00000010 _____ () C:\Windows\GSetup.ini
    2015-02-05 16:57 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2015-02-05 16:57 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
    2015-02-05 16:57 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
    2015-02-05 16:57 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
    2015-02-05 16:57 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
    2015-02-05 16:57 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
    2015-02-05 16:57 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
    2015-02-05 16:57 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
    2015-02-05 16:57 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
    2015-02-05 16:57 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
    2015-02-05 16:54 - 2015-02-10 14:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-02-05 16:54 - 2015-02-10 14:35 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-02-05 16:53 - 2015-02-05 16:53 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Avira
    2015-02-05 16:51 - 2015-02-05 16:49 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
    2015-02-05 16:50 - 2015-02-05 19:10 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2015-02-05 16:50 - 2015-02-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-02-05 16:49 - 2015-02-14 05:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-05 16:49 - 2015-02-14 05:02 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-05 16:49 - 2015-02-06 02:57 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-05 16:49 - 2015-02-06 02:57 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-02-05 16:49 - 2015-02-05 16:50 - 00000000 ____D () C:\Users\MTB\AppData\Local\Google
    2015-02-05 16:49 - 2015-02-05 16:50 - 00000000 ____D () C:\Program Files (x86)\Google
    2015-02-05 16:49 - 2015-02-05 16:49 - 00000000 ____D () C:\Users\MTB\AppData\Roaming\Mozilla
    2015-02-05 16:49 - 2015-02-05 16:49 - 00000000 ____D () C:\Users\MTB\AppData\Local\Deployment
    2015-02-05 16:49 - 2015-02-05 16:49 - 00000000 ____D () C:\Users\MTB\AppData\Local\Apps\2.0
    2015-02-05 16:48 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
    2015-02-05 16:48 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
    2015-02-05 16:48 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
    2015-02-05 16:46 - 2015-02-12 20:26 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-05 16:46 - 2015-02-12 15:52 - 00057952 _____ () C:\Users\MTB\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-02-05 16:46 - 2015-02-10 16:56 - 00012000 _____ () C:\Windows\system32\lvcoinst.log
    2015-02-05 16:46 - 2015-02-09 19:39 - 00000000 ____D () C:\Program Files\Common Files\logishrd
    2015-02-05 16:46 - 2015-02-05 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2015-02-05 16:46 - 2015-02-05 16:48 - 00000000 ____D () C:\ProgramData\Avira
    2015-02-05 16:46 - 2015-02-05 16:48 - 00000000 ____D () C:\Program Files (x86)\Avira
    2015-02-05 16:46 - 2015-02-05 16:46 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
    2015-02-05 16:46 - 2014-12-23 00:41 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2015-02-05 16:45 - 2015-02-10 14:35 - 00000000 ____D () C:\Windows\system32\MRT
    2015-02-05 16:45 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-02-05 16:44 - 2014-12-03 19:31 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-02-05 16:44 - 2014-09-14 17:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-02-05 16:44 - 2011-04-08 23:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2015-02-05 16:44 - 2011-04-08 23:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-02-05 16:44 - 2011-04-08 23:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-02-05 16:44 - 2011-04-08 23:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-02-05 16:44 - 2011-04-08 22:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2015-02-05 16:42 - 2012-06-02 15:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-02-05 16:42 - 2012-06-02 15:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-02-05 16:42 - 2012-06-02 15:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-02-05 16:42 - 2012-06-02 15:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-02-05 16:41 - 2012-06-02 15:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-02-05 16:41 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-02-05 16:41 - 2012-06-02 15:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-02-05 16:41 - 2012-06-02 15:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-02-05 16:41 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-02-05 16:39 - 2015-02-05 16:41 - 00000000 ____D () C:\Users\MTB\AppData\Local\Microsoft Games
    2015-02-05 16:36 - 2015-02-13 00:58 - 00000000 __SHD () C:\Recovery
    2015-02-05 16:36 - 2015-02-13 00:50 - 00000000 ____D () C:\Users\MTB
    2015-02-05 16:36 - 2015-02-11 21:04 - 00000000 ____D () C:\Users\MTB\AppData\Local\VirtualStore
    2015-02-05 16:36 - 2015-02-05 16:36 - 00001443 _____ () C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-02-05 16:36 - 2015-02-05 16:36 - 00001409 _____ () C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
    2015-02-05 16:36 - 2015-02-05 16:36 - 00000020 ___SH () C:\Users\MTB\ntuser.ini
    2015-02-05 16:36 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-02-05 16:36 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-02-14 05:29 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\inetsrv
    2015-02-14 05:27 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-14 05:25 - 2009-07-13 21:45 - 00009072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-14 05:25 - 2009-07-13 21:45 - 00009072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-13 17:13 - 2009-07-13 22:13 - 00901618 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-02-13 14:21 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system
    2015-02-13 12:35 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
    2015-02-13 02:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
    2015-02-13 02:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Globalization
    2015-02-13 00:50 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-02-12 16:32 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
    2015-02-12 15:49 - 2009-07-13 21:45 - 00266992 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-02-11 15:15 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\Offline Web Pages
    2015-02-11 12:34 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Speech
    2015-02-09 03:28 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
    2015-02-08 20:07 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\0409
    2015-02-08 20:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2015-02-08 20:07 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2015-02-07 10:15 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
    2015-02-07 08:21 - 2009-07-13 22:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2015-02-05 17:28 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-02-05 17:28 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-02-05 17:28 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep
    2015-02-05 17:25 - 2009-07-14 00:46 - 00000000 ____D () C:\Windows\CSC
    2015-02-05 17:22 - 2009-07-13 22:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
    2015-02-05 17:22 - 2009-07-13 22:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
    2015-02-05 16:54 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
    2015-02-05 16:41 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\restore
    2015-02-05 16:36 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Recovery
     
    ==================== Files in the root of some directories =======
     
    2015-02-06 00:42 - 2015-02-06 00:42 - 0149168 _____ () C:\Users\MTB\AppData\Local\ars.cache
    2015-02-06 00:44 - 2015-02-06 00:44 - 0201422 _____ () C:\Users\MTB\AppData\Local\census.cache
    2015-02-05 22:31 - 2015-02-05 22:31 - 0000036 _____ () C:\Users\MTB\AppData\Local\housecall.guid.cache
    2015-02-05 22:48 - 2015-02-05 22:48 - 0000010 _____ () C:\Users\MTB\AppData\Local\sponge.last.runtime.cache
    2015-02-14 04:12 - 2015-02-14 04:12 - 5500712 _____ (PC Cleaners) C:\ProgramData\pclunst.exe
     
    Files to move or delete:
    ====================
    C:\ProgramData\pclunst.exe
     
     
    Some content of TEMP:
    ====================
    C:\Users\MTB\AppData\Local\Temp\AutoRunGUI.dll
    C:\Users\MTB\AppData\Local\Temp\avgnt.exe
    C:\Users\MTB\AppData\Local\Temp\drm_dyndata_7330014.dll
    C:\Users\MTB\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-02-13 12:27
     
    ==================== End Of Log ============================
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
    Ran by MTB at 2015-02-11 00:31:10
    Running from C:\Users\MTB\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
    AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    @BIOS Ver.2.06 (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.06 - GIGABYTE)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.)
    ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.)
    Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
    Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
    Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
    Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
    Browser Configuration Utility (HKLM-x32\...\{5B363E1D-8C36-4458-BAE4-D5081999E094}) (Version: 1.1.11.0 - DeviceVM) <==== ATTENTION
    CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
    DMIView B8.0717.01 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
    EA SPORTS online 2008 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version:  - )
    erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
    Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
    SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
    Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
    Smart File Advisor 1.1.7 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.1.7 - Filefacts.net)
    Smart Recovery B09.0911.1  (x64) (HKLM-x32\...\InstallShield_{FAE188FD-A941-49E9-A5E9-F6D88517EC40}) (Version:  - )
    Smart Recovery B09.0911.1  (x64) (Version: 1.00.0002 - GIGABYTE) Hidden
    Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
    Tiger Woods PGA TOUR 07 (HKLM-x32\...\{B6829D65-F5C5-47F0-00BC-F5906EA94F4C}) (Version:  - )
    Tiger Woods PGA TOUR 08 (HKLM-x32\...\{2FEA102C-F535-4513-009B-57B165013C18}) (Version:  - Electronic Arts)
    Update Manager B09.0908.1 (HKLM-x32\...\InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}) (Version: 1.00.0000 - GIGABYTE)
    Update Manager B09.0908.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
     
    ==================== Restore Points  =========================
     
    10-02-2015 15:31:46 Automatic creation
    10-02-2015 19:47:10 Automatic creation
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {05345030-5226-4750-B8AC-6A9861B2C4D1} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
    Task: {1AB11A7B-8BE3-4642-8471-ADA917B5F318} - System32\Tasks\{4DE1EC74-F5A7-47F9-A6C9-BF75F729556B} => pcalua.exe -a "C:\Users\MTB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTA8EV93\InstallOBJ[1].exe" -d C:\Users\MTB\Desktop
    Task: {2EE06578-0374-4D72-9B0E-3742BA9CBE43} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
    Task: {84D43B87-85A8-4006-B079-C97EA4AC5649} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
    Task: {9A73C8B4-AB62-402A-A6DB-2ADDDF6BDD30} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
    Task: {9F5A1EAB-C8A5-47E9-B424-4D6A72961AF8} - System32\Tasks\{4082AFDA-8B6C-4905-B99C-01F7E99EAB4E} => pcalua.exe -a "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe" -d C:\Windows\system32 -c /uinstall=ORJ-SPE /cbid=BBJ /dtid=^OSJ000^YY^US /guid=6388DFF9-72AB-46EE-BC5E-144D582212E5 /pvresion=12.23.0.15 /platform=V7
    Task: {AD3964CB-84D5-46A4-9691-AE09615C7481} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
    Task: {AED2F924-DCEB-499E-B218-D5CBBD88812A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated)
    Task: {F66860D8-0EA6-4B85-B784-1B9805E69361} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\SmartRecovery\SrCmdCLR.exe" -c 1
    Task: {FAE3B2A2-76AC-4906-BD44-C87F68796C41} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\SmartRecovery\SRFilter.exe" /GBSMART6 -kdl
    Task: {FE520152-A52F-44BB-90EB-47D4359F35E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
    Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2015-02-07 10:15 - 2014-07-02 11:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-02-05 20:20 - 2009-07-30 18:15 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
    2015-02-05 16:50 - 2015-02-04 02:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
    2015-02-05 16:50 - 2015-02-04 02:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
    2015-02-05 16:50 - 2015-02-04 02:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
    2015-02-05 16:50 - 2015-02-04 02:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Registry Areas =====================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-1779603141-557174507-836119912-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MTB\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-1779603141-557174507-836119912-500 - Administrator - Disabled)
    Guest (S-1-5-21-1779603141-557174507-836119912-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1779603141-557174507-836119912-1002 - Limited - Enabled)
    MTB (S-1-5-21-1779603141-557174507-836119912-1000 - Administrator - Enabled) => C:\Users\MTB
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (02/10/2015 07:47:09 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.
     
     
    Operation:
       Gathering Writer Data
     
    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {fb175ba7-f87f-4d14-a665-a848dd20f816}
     
    Error: (02/10/2015 03:31:46 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.
     
     
    Operation:
       Gathering Writer Data
     
    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {546831fd-8e8e-4d29-b137-1f27c317fac5}
     
    Error: (02/10/2015 02:19:28 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.
     
     
    Operation:
       Gathering Writer Data
     
    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {740ef146-097b-46f0-bbce-27cb5cc29336}
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.
     
    Context: Windows Application
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: The gatherer object cannot be initialized.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
     
    Error: (02/10/2015 01:56:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.JetPropStore> cannot be initialized.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (02/10/2015 01:56:52 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: The Windows Search Service cannot load the property store information.
     
    Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
     
    Error: (02/10/2015 01:56:52 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
     
    System errors:
    =============
    Error: (02/10/2015 09:59:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
     
    Error: (02/10/2015 08:43:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
     
    Error: (02/10/2015 07:52:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
     
    Error: (02/10/2015 07:13:55 PM) (Source: SNMP) (EventID: 1500) (User: )
    Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
     
    Error: (02/10/2015 07:00:48 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: [email protected]
     
    Error: (02/10/2015 07:00:48 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: [email protected]
     
    Error: (02/10/2015 07:00:48 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: [email protected]
     
    Error: (02/10/2015 03:49:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
     
    Error: (02/10/2015 03:02:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
     
    Error: (02/10/2015 03:01:55 PM) (Source: SNMP) (EventID: 1500) (User: )
    Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (02/10/2015 07:47:09 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Access is denied.
     
     
    Operation:
       Gathering Writer Data
     
    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {fb175ba7-f87f-4d14-a665-a848dd20f816}
     
    Error: (02/10/2015 03:31:46 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Access is denied.
     
     
    Operation:
       Gathering Writer Data
     
    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {546831fd-8e8e-4d29-b137-1f27c317fac5}
     
    Error: (02/10/2015 02:19:28 PM) (Source: VSS) (EventID: 8194) (User: )
    Description: 0x80070005, Access is denied.
     
     
    Operation:
       Gathering Writer Data
     
    Context:
       Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
       Writer Name: System Writer
       Writer Instance ID: {740ef146-097b-46f0-bbce-27cb5cc29336}
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: 
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: Context: Windows Application
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
     
    Error: (02/10/2015 01:56:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
    Search.TripoliIndexer
     
    Error: (02/10/2015 01:56:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
    Search.JetPropStore
     
    Error: (02/10/2015 01:56:52 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: Context: Windows Application, SystemIndex Catalog
     
     
    Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
     
    Error: (02/10/2015 01:56:52 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: 
    Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
    The catalog is corrupt
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2015-02-07 09:54:20.463
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2015-02-07 09:54:20.432
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: AMD Phenom™ II X6 1090T Processor
    Percentage of memory in use: 58%
    Total physical RAM: 4092.16 MB
    Available physical RAM: 1694.08 MB
    Total Pagefile: 8182.46 MB
    Available Pagefile: 4356.55 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:931.41 GB) (Free:894.24 GB) NTFS
    Drive d: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
    Drive e: (TW07) (CDROM) (Total:1.79 GB) (Free:0 GB) UDF
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 62894F4E)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    • 0

    #4
    martysfish2000

      New Member

    • Topic Starter
    • Member
    • 3 posts

    Thank you for looking at this PC! Hope these txt and logs are as you wanted.


    • 0

    #5
    RKinner

      Malware Expert

    • Expert
    • 19,999 posts
    • MVP

    Missing the AdwCleaner log and also the Process Explorer log.

     

    Download the attached fixlist.txt to the same location as FRST.
    Run FRST and press Fix.
    A fix log will be generated; please post that.
     
    Is there a reason you are running an FTP server?  Simple tcp services?  SNMP?  Is binkiland.com your normal home page in Chrome?
     
     
     
    1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
    2. Click Properties, and then click Tools.
    3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
    4. Check both boxes and then click Start.
    You will receive the following message:
    The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
    Click Yes to schedule the disk check, but don't restart yet.
     
    Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
     
     
    Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
     
    sfc /scannow
     
    (SPACE after sfc.)  This will check your critical system files. Does this finish without complaint?  If it says it couldn't fix everything then:
     
    Copy the next two lines:
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
    notepad \windows\logs\cbs\junk.txt 
     
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter if Notepad does not open.  Copy and paste the text from Notepad into a reply.  Close Notepad.  Close the Command Window.
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run as Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.
     
     

    • 0
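The `findstr /c:"[SR]"` step in the post above keeps only the System File Checker lines from CBS.log. As an added example (not part of RKinner's post and not a Geeks to Go tool), this Python code summarizes such a file into the items a helper looks for: which files sfc could not repair and why. The sample lines are constructed in the CBS.log layout, and the name `summarize_sr` is hypothetical.

```python
import re
from collections import OrderedDict

# Constructed sample in the layout of "[SR]" lines from \windows\logs\cbs\cbs.log.
# These are NOT lines from the machine discussed in this thread.
SAMPLE = r'''
2015-02-11 09:02:11, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2015-02-11 09:02:11, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2015-02-11 09:02:15, Info                  CSI    0000000c [SR] Verify complete
2015-02-11 09:03:40, Info                  CSI    00000141 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-02-11 09:03:41, Info                  CSI    00000143 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-02-11 09:04:10, Info                  CSI    00000188 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2015-02-11 09:05:02, Info                  CSI    00000201 [SR] Repairing 1 components
2015-02-11 09:05:02, Info                  CSI    00000203 [SR] Repaired file \SystemRoot\WinSxS\Manifests\\[ml:24{12},l:22{11}]"wininet.dll" by copying from backup
'''

# Timestamp, level, "CSI", 8-hex-digit sequence number, then the [SR] message.
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}), \w+\s+CSI\s+'
    r'(?P<seq>[0-9a-f]{8}) \[SR\] (?P<msg>.*)$')

# File name, owning component, version, and the trailing reason field.
CANNOT_RE = re.compile(
    r'^Cannot repair member file \[l:\d+\{\d+\}\]"(?P<file>[^"]+)" of '
    r'(?P<component>[^,]+), Version = (?P<version>[^,]+),.*, (?P<reason>[^,]+)$')

REPAIRED_RE = re.compile(r'^Repaired file .*"(?P<file>[^"]+)"')


def summarize_sr(text):
    """Summarize [SR] lines: verify batches, repaired files, unrepaired files.

    The same file can be reported more than once in a run, so unrepaired
    entries are de-duplicated on (file name, component) and counted.
    """
    unrepaired = OrderedDict()
    repaired = []
    batches = 0
    for raw in text.splitlines():
        # Pasted forum text often carries leading whitespace; strip it.
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        msg = m.group('msg')
        if msg.startswith('Verify complete'):
            batches += 1
            continue
        c = CANNOT_RE.match(msg)
        if c:
            key = (c.group('file').lower(), c.group('component'))
            entry = unrepaired.setdefault(key, {
                'file': c.group('file'),
                'component': c.group('component'),
                'version': c.group('version'),
                'reason': c.group('reason').strip(),
                'first_seen': m.group('ts'),
                'count': 0,
            })
            entry['count'] += 1
            continue
        r = REPAIRED_RE.match(msg)
        if r:
            repaired.append(r.group('file'))
    return {'verify_batches': batches,
            'repaired': repaired,
            'unrepaired': list(unrepaired.values())}


if __name__ == '__main__':
    report = summarize_sr(SAMPLE)
    print('verify batches completed:', report['verify_batches'])
    print('repaired:', ', '.join(report['repaired']) or 'none')
    for e in report['unrepaired']:
        print('NOT repaired: {file} ({component} {version}): {reason}, '
              'reported {count}x, first at {first_seen}'.format(**e))
```

A "hash mismatch" entry means the file on disk differs from the component store copy, while "file is missing" means no copy was found to check; either kind is what the helper wants posted back.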





