Stuttering while not in safe mode


  • This topic is locked

#1
xRigs


    New Member

  • Member
  • Pip
  • 2 posts
After an hour or so of use my PC begins to stutter. Very short clips of audio will loop for up to a second while the computer is unresponsive for the same amount of time. This happens when doing anything from web browsing to gaming. I've run memory diagnostics and they all passed. I figured it could be a problem with overheating; however, I've monitored GPU/CPU temps and they're both at normal temps during regular use and under load. The computer will stutter even while near idle temperatures. Stuttering seems to occur more frequently at certain events, for example beginning or ending a Skype call. I've recently updated video and audio drivers as well as Windows. This problem has been ongoing for about 2 months. Restarting the PC gives about an hour or so grace period before the stuttering begins to occur again.
 
Basic Specs
 
3.3Ghz AMD Hexcore
Radeon HD 6950
16 GB ram
128 SSD / 1.5TB HDD
Win 7 64bit
Onboard Realtek audio
 
I've included a Hijackthis log just in case.
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:08:25 PM, on 3/4/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
 
FIREFOX: 36.0 (x86 en-US)
Boot mode: Normal
 
Running processes:
F:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
F:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
F:\Program Files (x86)\Rocketfish HD Webcam Pro\Live! Central\RfLVCentral2.exe
F:\Windows\V0740Mon.exe
C:\Program Files (x86)\Avast\avastui.exe
F:\Program Files (x86)\iTunes\iTunesHelper.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Skype\Phone\Skype.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\Users\Nick\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files (x86)\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RoccatKoneXTD] "F:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE"
O4 - HKLM\..\Run: [Rocket Live! Central 2] "F:\Program Files (x86)\Rocketfish HD Webcam Pro\Live! Central\RFLVCentral2.exe" /mode2
O4 - HKLM\..\Run: [V0740Mon.exe] F:\Windows\V0740Mon.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files (x86)\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "F:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "F:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Unified Remote v2] F:\Program Files (x86)\Unified Remote\RemoteServer.exe
O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] "F:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN32RBXGKC05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "F:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_7266E4D0D19C85A5D2B50C57005C13C2] "F:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://F:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @F:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @F:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: f:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: f:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - F:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - F:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - F:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - F:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - F:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files (x86)\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files (x86)\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - F:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - F:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - F:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - F:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - F:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - F:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Users\Nick\Documents\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - F:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - F:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - F:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - F:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - F:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - F:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - F:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - F:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - F:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - F:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - F:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - F:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - F:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - F:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - F:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 12813 bytes
 

  • 0



#2
zep516


    Trusted Helper

  • Malware Removal
  • 8,093 posts

Hi! My name is zep516 and welcome to Geekstogo!
I'll do the best I can to resolve your computer issue.
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue. Stop and ask! Never be afraid to ask questions! :)

 

I can check for Malware just in case, after that I may need to send you to a tech.

 

Please just post the log reports. Do not put in code or quotes boxes.

 

Download the version of this tool for your operating system. 64-bit for you.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please also paste it to your reply.


  • 0

#3
xRigs


    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Nick (administrator) on NICK-PC on 05-03-2015 21:04:23
Running from F:\Users\Nick\Downloads
Loaded Profiles: Nick (Available profiles: Nick)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) F:\Windows\System32\atiesrxx.exe
(AMD) F:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files (x86)\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files (x86)\Avast\afwServ.exe
(Advanced Micro Devices, Inc.) F:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) F:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) F:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) F:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) F:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Users\Nick\Documents\xampp\mysql\bin\mysqld.exe
() F:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) F:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) F:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) F:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) F:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(DT Soft Ltd) F:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Hewlett-Packard Co.) F:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Adobe Systems Incorporated) F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ROCCAT GmbH) F:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(Creative Technology Ltd) F:\Program Files (x86)\Rocketfish HD Webcam Pro\Live! Central\RfLVCentral2.exe
(Creative Technology Ltd.) F:\Windows\V0740Mon.exe
(AVAST Software) C:\Program Files (x86)\Avast\avastui.exe
(Apple Inc.) F:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) F:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) F:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) F:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) F:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Skype Technologies S.A.) F:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) F:\Windows\System32\UI0Detect.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) F:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Piriform Ltd) F:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Azureus Software, Inc) C:\Program Files (x86)\Vuze\Azureus.exe
(Google Inc.) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) F:\Users\Nick\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => F:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [AsioReg] => REGSVR32 /S CTASIO.DLL
HKLM-x32\...\Run: [Adobe ARM] => F:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RoccatKoneXTD] => F:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [Rocket Live! Central 2] => F:\Program Files (x86)\Rocketfish HD Webcam Pro\Live! Central\RFLVCentral2.exe [430247 2011-01-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [V0740Mon.exe] => F:\Windows\V0740Mon.exe [28672 2011-02-28] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\Avast\AvastUI.exe [4085896 2014-12-01] (AVAST Software)
HKLM-x32\...\Run: [AsioReg] => REGSVR32 /S CTASIO.DLL
HKLM-x32\...\Run: [iTunesHelper] => F:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => F:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Run: [DAEMON Tools Pro Agent] => F:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3034432 2012-02-02] (DT Soft Ltd)
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Run: [HP Officejet Pro 8600 (NET)] => F:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Run: [Skype] => F:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Run: [GoogleChromeAutoLaunch_7266E4D0D19C85A5D2B50C57005C13C2] => F:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Run: [CCleaner Monitoring] => F:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: I - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: {09120ba3-0cbf-11e2-80eb-50e549b51f5c} - H:\setup.exe -a
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: {a6592c01-feca-11e1-b396-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: {b8eef8f2-31d5-11e2-a026-50e549b51f5c} - G:\setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1786869451-626087546-234629033-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKU\S-1-5-21-1786869451-626087546-234629033-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1786869451-626087546-234629033-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> F:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: HKLM-x32 {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - F:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: F:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\edfsfhut.default
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> F:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> F:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> F:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> F:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> F:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> F:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> F:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> F:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> F:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> F:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> F:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> F:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> F:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> F:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> F:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> F:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> F:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> F:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> F:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> F:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1786869451-626087546-234629033-1000: ubisoft.com/uplaypc -> F:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: ActiveGS - F:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\edfsfhut.default\Extensions\[email protected] [2014-03-05]
FF Extension: EPUBReader - F:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\edfsfhut.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-02-14]
FF Extension: Skype Click to Call - F:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files (x86)\Avast\WebRep\FF [2014-12-01]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-26]
CHR Extension: (Adblock Plus) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-11]
CHR Extension: (Google Search) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-26]
CHR Extension: (Hangouts) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2014-10-22]
CHR Extension: (Google Wallet) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - F:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - F:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; F:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S4 Apache2.2; C:\Users\Nick\Documents\xampp\apache\bin\httpd.exe [24640 2009-08-05] (Apache Software Foundation) [File not signed]
R2 avast! Antivirus; C:\Program Files (x86)\Avast\AvastSvc.exe [50344 2014-12-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files (x86)\Avast\afwServ.exe [106488 2014-12-01] (AVAST Software)
S4 BstHdAndroidSvc; F:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-06] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; F:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-06] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; F:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-06] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; F:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; F:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 MySQL; C:\Users\Nick\Documents\xampp\mysql\bin\mysqld.exe [5497856 2009-08-05] () [File not signed]
R2 PnkBstrA; F:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-30] ()
R2 TeamViewer; F:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S4 WinDefend; F:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; F:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; F:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-01] ()
R1 aswKbd; F:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-01] (AVAST Software)
R2 aswMonFlt; F:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-12-01] (AVAST Software)
R0 aswNdisFlt; F:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-12-01] (AVAST Software)
R1 aswRdr; F:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-01] (AVAST Software)
R0 aswRvrt; F:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-01] ()
R1 aswSnx; F:\Windows\system32\drivers\aswSnx.sys [1041168 2014-12-01] (AVAST Software)
R1 aswSP; F:\Windows\system32\drivers\aswSP.sys [427360 2014-12-01] (AVAST Software)
R2 aswStm; F:\Windows\system32\drivers\aswStm.sys [92008 2014-12-01] (AVAST Software)
R0 aswVmm; F:\Windows\System32\Drivers\aswVmm.sys [224896 2014-12-01] ()
R2 BstHdDrv; F:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-06] (BlueStack Systems)
R1 dtsoftbus01; F:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-19] (DT Soft Ltd)
S3 pbfilter; F:\Program Files\PeerBlock\pbfilter.sys [22600 2013-11-18] ()
R0 Pnp680; F:\Windows\System32\DRIVERS\pnp680.sys [80424 2007-11-12] (Silicon Image, Inc)
S3 pwdrvio; F:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()
S3 pwdspio; F:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()
R0 PxHlpa64; F:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 V0740Vid; F:\Windows\System32\DRIVERS\V0740Vid.sys [397600 2011-02-28] (Creative Technology Ltd.)
S2 AODDriver4.2.0; \??\F:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-05 21:04 - 2015-03-05 21:04 - 02092544 _____ (Farbar) F:\Users\Nick\Downloads\FRST64 (1).exe
2015-03-05 21:04 - 2015-03-05 21:04 - 00020412 _____ () F:\Users\Nick\Downloads\FRST.txt
2015-03-05 21:04 - 2015-03-05 21:04 - 00000000 ____D () F:\FRST
2015-03-05 21:02 - 2015-03-05 21:03 - 02092544 _____ (Farbar) F:\Users\Nick\Downloads\FRST64.exe
2015-03-05 20:34 - 2015-03-05 20:34 - 00001069 _____ () F:\Users\Public\Desktop\VLC media player.lnk
2015-03-05 02:00 - 2015-03-05 02:00 - 00284914 _____ () F:\Users\Nick\Documents\cc_20150305_020021.reg
2015-03-05 01:54 - 2015-03-05 01:54 - 05325696 _____ (Piriform Ltd) F:\Users\Nick\Downloads\ccsetup503.exe
2015-03-05 01:54 - 2015-03-05 01:54 - 00002770 _____ () F:\Windows\System32\Tasks\CCleanerSkipUAC
2015-03-05 01:54 - 2015-03-05 01:54 - 00000785 _____ () F:\Users\Public\Desktop\CCleaner.lnk
2015-03-05 01:54 - 2015-03-05 01:54 - 00000000 ____D () F:\Program Files\CCleaner
2015-03-04 20:25 - 2015-03-04 20:25 - 00013825 _____ () F:\Users\Nick\Desktop\New Text Document.txt
2015-03-04 20:06 - 2015-03-04 20:06 - 00388608 _____ (Trend Micro Inc.) F:\Users\Nick\Downloads\HijackThis (1).exe
2015-03-04 19:28 - 2015-03-04 20:08 - 00012815 _____ () F:\Users\Nick\Downloads\hijackthis.log
2015-03-04 19:28 - 2015-03-04 19:28 - 00388608 _____ (Trend Micro Inc.) F:\Users\Nick\Downloads\HijackThis.exe
2015-03-02 19:19 - 2015-03-02 19:20 - 00000000 ____D () F:\Users\Nick\Documents\OpenTTD
2015-03-02 18:29 - 2015-03-02 18:29 - 00000759 _____ () F:\Users\Public\Desktop\OpenTTD.lnk
2015-03-02 18:29 - 2015-03-02 18:29 - 00000000 ____D () F:\Users\Nick\Desktop\Dungelot
2015-03-02 18:29 - 2015-03-02 18:29 - 00000000 ____D () F:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
2015-03-02 18:29 - 2015-03-02 18:29 - 00000000 ____D () F:\Program Files\OpenTTD
2015-03-02 18:28 - 2015-03-02 18:28 - 07781026 _____ (OpenTTD Developers) F:\Users\Nick\Downloads\openttd-1.4.4-windows-win64.exe
2015-03-02 18:27 - 2015-03-02 18:28 - 18535048 _____ () F:\Users\Nick\Downloads\dungelotPC.zip
2015-02-28 04:17 - 2015-02-28 04:17 - 07255712 _____ (IPVanish.com) F:\Users\Nick\Downloads\ipvanish-setup (2).exe
2015-02-28 04:17 - 2015-02-28 04:17 - 07255712 _____ (IPVanish.com) F:\Users\Nick\Downloads\ipvanish-setup (1).exe
2015-02-28 02:15 - 2015-02-23 12:13 - 00000000 ____D () F:\Users\Nick\Desktop\Sunless Sea
2015-02-28 01:32 - 2015-02-28 01:32 - 00000945 _____ () F:\Users\Public\Desktop\IPVanish.lnk
2015-02-28 01:32 - 2015-02-28 01:32 - 00000000 ____D () F:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2015-02-26 02:45 - 2015-02-28 19:14 - 00000000 ____D () F:\Users\Nick\AppData\Local\PokerStars
2015-02-26 02:45 - 2015-02-28 19:14 - 00000000 ____D () F:\Program Files (x86)\PokerStars
2015-02-26 02:45 - 2015-02-26 02:45 - 00000000 ____D () F:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2015-02-26 02:43 - 2015-02-26 02:45 - 112270880 _____ (PokerStars) F:\Users\Nick\Downloads\PokerStarsInstall.exe
2015-02-24 21:48 - 2015-03-05 01:59 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\Media Player Classic
2015-02-24 04:48 - 2015-02-24 05:09 - 00000000 ____D () F:\Users\Nick\Desktop\New folder (2)
2015-02-24 01:15 - 2015-02-24 01:16 - 22892794 _____ (Audacity Team ) F:\Users\Nick\Downloads\audacity-win-2.0.6 (1).exe
2015-02-24 01:14 - 2015-02-24 01:15 - 22892794 _____ (Audacity Team ) F:\Users\Nick\Downloads\audacity-win-2.0.6.exe
2015-02-23 21:53 - 2015-02-23 21:53 - 00000833 _____ () F:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-02-23 21:52 - 2015-02-23 21:52 - 01742416 _____ (BitTorrent Inc.) F:\Users\Nick\Downloads\uTorrent (2).exe
2015-02-23 21:47 - 2015-03-05 01:59 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\uTorrent
2015-02-23 21:47 - 2015-02-23 21:47 - 01742416 _____ (BitTorrent Inc.) F:\Users\Nick\Downloads\uTorrent (1).exe
2015-02-23 21:46 - 2015-02-23 21:46 - 01742416 _____ (BitTorrent Inc.) F:\Users\Nick\Downloads\uTorrent.exe
2015-02-23 21:18 - 2015-02-24 21:56 - 00000000 ____D () F:\Users\Nick\AppData\Local\Popcorn-Time
2015-02-23 21:18 - 2015-02-23 21:18 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-02-23 21:18 - 2015-02-23 21:18 - 00000000 ____D () F:\Users\Nick\AppData\Local\Popcorn Time
2015-02-23 21:17 - 2015-02-23 21:17 - 23315064 _____ (Popcorn Official) F:\Users\Nick\Downloads\Popcorn-Time-0.3.7.2-Setup.exe
2015-02-22 06:19 - 2015-02-22 06:19 - 00000000 __SHD () F:\Users\Nick\AppData\Local\EmieUserList
2015-02-22 06:19 - 2015-02-22 06:19 - 00000000 __SHD () F:\Users\Nick\AppData\Local\EmieSiteList
2015-02-22 06:19 - 2015-02-22 06:19 - 00000000 __SHD () F:\Users\Nick\AppData\Local\EmieBrowserModeList
2015-02-20 06:04 - 2015-02-20 06:04 - 11449665 _____ () F:\Users\Nick\Downloads\Outlook.com.zip
2015-02-19 18:46 - 2015-02-19 18:46 - 00000000 ____D () F:\Users\Nick\AppData\Local\Steam
2015-02-11 22:57 - 2015-02-11 22:57 - 14350576 _____ () F:\Users\Nick\Downloads\attachments.zip
2015-02-07 19:22 - 2015-02-07 19:22 - 00792480 _____ (Dnldstr_Aggregator) F:\Users\Nick\Downloads\Free_Download_Setup.exe
2015-02-07 02:33 - 2015-02-07 02:40 - 301762210 _____ () F:\Users\Nick\Downloads\l4d2_the_hive_2.1.zip
2015-02-07 02:10 - 2015-02-07 02:17 - 552046947 _____ () F:\Users\Nick\Downloads\l4d2_resident_evil_outbreak___file_1_6.2.zip
2015-02-06 01:39 - 2015-02-06 01:43 - 00000000 ____D () F:\Program Files (x86)\SystemRequirementsLab
2015-02-06 01:39 - 2015-02-06 01:39 - 00831488 _____ () F:\Users\Nick\Downloads\Detection.msi
2015-02-04 23:36 - 2015-02-04 23:36 - 10150809 _____ () F:\Users\Nick\Downloads\dolphin-x64-4.0.2.exe
2015-02-04 23:35 - 2013-09-23 12:20 - 13477888 _____ () F:\Users\Nick\Downloads\Dolphin.exe
2015-02-04 23:35 - 2013-09-23 12:20 - 00806912 _____ () F:\Users\Nick\Downloads\DSPTool.exe
2015-02-04 23:35 - 2013-09-23 12:20 - 00000000 ____D () F:\Users\Nick\Downloads\Sys
2015-02-04 23:35 - 2013-09-23 12:20 - 00000000 ____D () F:\Users\Nick\Downloads\Languages
2015-02-04 23:35 - 2013-09-22 12:28 - 00057168 _____ (Microsoft Corporation) F:\Users\Nick\Downloads\vcomp100.dll
2015-02-04 23:35 - 2013-09-19 17:01 - 00417320 _____ () F:\Users\Nick\Downloads\OpenAL32.dll
2015-02-04 23:35 - 2013-01-04 07:09 - 00000451 _____ () F:\Users\Nick\Downloads\cpack_package_description.txt
2015-02-04 23:35 - 2011-09-28 16:53 - 00397824 _____ () F:\Users\Nick\Downloads\SDL.dll
2015-02-04 23:35 - 2011-09-28 16:53 - 00018326 _____ () F:\Users\Nick\Downloads\license.txt
2015-02-04 23:34 - 2015-02-04 23:34 - 04463952 _____ (Igor Pavlov) F:\Users\Nick\Downloads\dolphin-4.0-win64.exe
2015-02-04 22:20 - 2015-02-04 22:29 - 00000000 ____D () F:\Users\Nick\Documents\Dolphin Emulator
2015-02-04 22:18 - 2015-02-04 22:27 - 967657627 _____ () F:\Users\Nick\Downloads\Gauntlet_Dark_Legacy_USA_NGC-MOONCUBE.rar
2015-02-04 22:17 - 2015-02-04 22:17 - 09731263 _____ () F:\Users\Nick\Downloads\dolphin-x86-4.0.2.exe
2015-02-04 22:14 - 2015-02-04 22:14 - 00867785 _____ () F:\Users\Nick\Downloads\zsnesw151.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-05 21:03 - 2012-09-16 01:32 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\Azureus
2015-03-05 20:58 - 2012-09-15 16:25 - 00000830 _____ () F:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-05 20:56 - 2012-09-19 21:28 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\Skype
2015-03-05 20:37 - 2012-12-26 03:10 - 00000898 _____ () F:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-05 20:34 - 2013-10-17 03:10 - 00000000 ____D () F:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-05 19:14 - 2012-09-14 16:26 - 01432913 _____ () F:\Windows\WindowsUpdate.log
2015-03-05 01:59 - 2014-04-30 12:47 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\TeamViewer
2015-03-05 01:59 - 2014-03-15 08:39 - 00000000 ____D () F:\ProgramData\BlueStacksSetup
2015-03-05 01:59 - 2014-01-09 17:51 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\TS3Client
2015-03-05 01:59 - 2012-11-19 16:27 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\DAEMON Tools Pro
2015-03-05 01:59 - 2012-10-11 11:20 - 00000000 ____D () F:\Users\Nick\Tracing
2015-03-05 01:59 - 2012-09-14 19:07 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\Ventrilo
2015-03-05 01:58 - 2013-01-23 14:47 - 00000000 ____D () F:\Windows\Minidump
2015-03-05 01:58 - 2012-09-14 19:16 - 00000000 ____D () F:\Windows\Panther
2015-03-05 01:06 - 2012-10-28 19:12 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\vlc
2015-03-05 00:37 - 2012-12-26 03:10 - 00000894 _____ () F:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-04 19:46 - 2009-07-13 22:45 - 00026352 ____H () F:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 19:46 - 2009-07-13 22:45 - 00026352 ____H () F:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 19:44 - 2009-07-13 23:13 - 00782470 _____ () F:\Windows\system32\PerfStringBackup.INI
2015-03-04 19:40 - 2014-08-11 20:24 - 00000000 ___RD () F:\Program Files (x86)\Skype
2015-03-04 19:40 - 2013-02-28 05:27 - 00000000 ____D () F:\ProgramData\Skype
2015-03-04 19:39 - 2009-07-13 23:08 - 00000006 ____H () F:\Windows\Tasks\SA.DAT
2015-03-04 00:32 - 2014-04-10 18:39 - 00015872 _____ () F:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-02 17:57 - 2014-11-17 19:34 - 00000000 ____D () F:\Users\Nick\AppData\Local\IPVanish
2015-03-02 00:02 - 2014-10-07 15:34 - 00000000 ____D () F:\Users\Nick\Desktop\scip
2015-03-01 18:46 - 2014-12-01 23:45 - 00004164 _____ () F:\Windows\System32\Tasks\avast! Emergency Update
2015-02-28 19:13 - 2012-09-14 16:29 - 00000000 ___HD () F:\Program Files (x86)\InstallShield Installation Information
2015-02-28 19:12 - 2013-06-08 17:01 - 00000000 ____D () F:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-02-28 19:12 - 2013-01-23 15:35 - 00000000 ____D () F:\Program Files (x86)\R-Studio
2015-02-28 19:12 - 2009-07-13 23:32 - 00000000 ___RD () F:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-28 18:09 - 2013-12-11 02:59 - 00000000 ____D () F:\Users\Nick\AppData\Local\Battle.net
2015-02-28 03:33 - 2014-11-19 22:42 - 00000000 ____D () F:\Program Files (x86)\IPVanish
2015-02-28 03:06 - 2012-09-16 01:36 - 00000000 ____D () F:\Users\Nick\Documents\My Games
2015-02-28 01:34 - 2014-06-11 18:58 - 00000000 ____D () F:\Program Files (x86)\Heroes of the Storm
2015-02-28 01:32 - 2013-11-29 06:55 - 00000000 ____D () F:\ProgramData\Package Cache
2015-02-28 01:29 - 2013-12-11 02:58 - 00000000 ____D () F:\Program Files (x86)\Battle.net
2015-02-28 00:20 - 2014-08-19 16:27 - 00000000 ____D () F:\Users\Nick\AppData\Local\Adobe
2015-02-28 00:20 - 2012-09-15 16:25 - 00701616 _____ (Adobe Systems Incorporated) F:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-28 00:20 - 2012-09-15 16:25 - 00071344 _____ (Adobe Systems Incorporated) F:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-28 00:20 - 2012-09-15 16:25 - 00003768 _____ () F:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-27 04:35 - 2012-09-14 18:09 - 00000000 ____D () F:\Program Files (x86)\Mozilla Maintenance Service
2015-02-24 22:33 - 2014-12-09 21:29 - 00000000 ____D () F:\Program Files (x86)\Mozilla Firefox
2015-02-18 00:39 - 2014-03-30 15:24 - 00000000 ____D () F:\Program Files (x86)\Diablo III
2015-02-10 00:54 - 2009-07-13 23:09 - 00000000 ____D () F:\Windows\System32\Tasks\WPD
2015-02-10 00:51 - 2013-01-06 04:31 - 00000000 ____D () F:\ProgramData\TEMP
2015-02-10 00:23 - 2013-05-22 07:15 - 00000000 ____D () F:\Users\Nick\AppData\Local\CAPCOM
2015-02-09 19:05 - 2012-12-12 14:29 - 00007649 _____ () F:\Users\Nick\AppData\Local\resmon.resmoncfg
2015-02-07 19:05 - 2013-01-24 20:27 - 00000000 ____D () F:\Users\Nick\AppData\Roaming\Tibia
2015-02-05 00:32 - 2012-12-26 03:10 - 00003894 _____ () F:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 00:32 - 2012-12-26 03:10 - 00003642 _____ () F:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== Files in the root of some directories =======
 
2012-12-16 02:12 - 2014-11-08 19:01 - 0000132 _____ () F:\Users\Nick\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-04-10 18:39 - 2015-03-04 00:32 - 0015872 _____ () F:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-14 17:57 - 2014-10-14 17:57 - 0000841 _____ () F:\Users\Nick\AppData\Local\recently-used.xbel
2012-12-12 14:29 - 2015-02-09 19:05 - 0007649 _____ () F:\Users\Nick\AppData\Local\resmon.resmoncfg
2013-02-09 21:06 - 2013-02-09 21:06 - 0259360 _____ () F:\ProgramData\1360458300.bdinstall.bin
2013-02-09 21:22 - 2013-02-09 21:22 - 0515289 _____ () F:\ProgramData\1360465936.bdinstall.bin
2013-09-18 06:31 - 2013-09-18 06:32 - 0002854 _____ () F:\ProgramData\1379507499.1268.bin
2013-09-18 06:31 - 2013-09-18 06:36 - 0023654 _____ () F:\ProgramData\1379507499.3204.bin
2013-09-18 06:31 - 2013-09-18 06:31 - 0000879 _____ () F:\ProgramData\1379507499.5640.bin
2013-09-18 06:31 - 2013-09-18 06:35 - 0092202 _____ () F:\ProgramData\1379507499.640.bin
2013-10-03 14:47 - 2013-10-03 14:48 - 0113050 _____ () F:\ProgramData\1380833193.5388.bin
2013-10-03 14:46 - 2013-10-03 14:48 - 0010101 _____ () F:\ProgramData\1380833193.7360.bin
2013-10-03 14:46 - 2013-10-03 14:48 - 0101772 _____ () F:\ProgramData\1380833193.8896.bin
2013-10-03 14:46 - 2013-10-03 14:47 - 0001945 _____ () F:\ProgramData\1380833193.9036.bin
2013-10-02 06:19 - 2013-10-02 06:19 - 0000057 _____ () F:\ProgramData\Ament.ini
2013-12-21 22:50 - 2013-12-21 22:53 - 0000007 _____ () F:\ProgramData\ctpN.tst
 
Some content of TEMP:
====================
F:\Users\Nick\AppData\Local\Temp\vlc-2.1.5-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
F:\Windows\System32\winlogon.exe => File is digitally signed
F:\Windows\System32\wininit.exe => File is digitally signed
F:\Windows\SysWOW64\wininit.exe => File is digitally signed
F:\Windows\explorer.exe => File is digitally signed
F:\Windows\SysWOW64\explorer.exe => File is digitally signed
F:\Windows\System32\svchost.exe => File is digitally signed
F:\Windows\SysWOW64\svchost.exe => File is digitally signed
F:\Windows\System32\services.exe => File is digitally signed
F:\Windows\System32\User32.dll => File is digitally signed
F:\Windows\SysWOW64\User32.dll => File is digitally signed
F:\Windows\System32\userinit.exe => File is digitally signed
F:\Windows\SysWOW64\userinit.exe => File is digitally signed
F:\Windows\System32\rpcss.dll => File is digitally signed
F:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-05 03:53
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Nick at 2015-03-05 21:04:51
Running from F:\Users\Nick\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\uTorrent) (Version: 3.4.2.38758 - BitTorrent Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8789EB72-635E-4A91-95DB-3FC11CBE7725}) (Version: 0.8.7.3066 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.0.0316.0317 - DT Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
ElfBot NG 4.5.9 (HKLM-x32\...\ElfBot NG_is1) (Version:  - NGSoft, LLC)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden
FrostWire 6.0.3 (HKLM-x32\...\FrostWire 6) (Version: 6.0.3.1 - FrostWire LLC)
FTL version 1.03.1 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.03.1 - Subset Games)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
IPVanish (x32 Version: 2.0.5507.29332 - IPVanish.com) Hidden
IPVanish VPN (HKLM-x32\...\{072f0988-e40d-45d9-b85b-9c68bb7c31fe}) (Version: 2.0.5507.29332 - IPVanish.com)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KeyboardTest V3.0 (HKLM-x32\...\KeyboardTest_is1) (Version:  - PassMark Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 7.5 (HKLM-x32\...\{160479AF-4A05-4EE5-B3E7-1625227567EB}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 en-US)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NewsBin Pro (HKLM-x32\...\NewsBin5) (Version: 5.50 - DJI Interprises, LLC)
NewsLeecher v4.0 Final (HKLM-x32\...\NewsLeecher_is1) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenTTD 1.4.4 (HKLM-x32\...\OpenTTD) (Version: 1.4.4 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2142 - Electronic Arts, Inc.)
PeerBlock 1.1+ (r677) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.677 - PeerBlock, LLC)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Play withSIX (HKLM-x32\...\{310CC2FA-5EC5-48B6-BB31-5551B78449BA}) (Version: 1.00.0214 - SIX Networks)
Popcorn Time (HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Popcorn Time) (Version:  - Popcorn Official)
Primal Carnage (HKLM-x32\...\Steam App 215470) (Version:  - Lukewarm Media)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
rebox.NET 1.9.5.0 (HKLM-x32\...\rebox.NET 1.9.5.0) (Version: 1.9.5.0 - clone.AD)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Rocketfish HD Webcam Pro Driver (1.00.06.00) (HKLM\...\Rocketfish VF0740) (Version:  - Rocketfish)
Rocketfish Live! Central (HKLM-x32\...\Rocketfish Live! Central) (Version: 2.01.05 - Creative Technology Ltd)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
SABnzbd 0.7.6 (HKLM-x32\...\SABnzbd) (Version: 0.7.6 - The SABnzbd Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
SuperNZB v4.0.8 (HKLM-x32\...\SuperNZB_is1) (Version:  - )
System Requirements Lab Detection (HKLM-x32\...\{53086D2B-A6DE-41A9-B52D-254A5FE55DB7}) (Version: 6.1.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Tibia (HKLM-x32\...\Tibia_is1) (Version: 9.82 - CipSoft GmbH)
TS3 Admin Tool Beta 3 (HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\9415a935419c1e66) (Version: 1.0.0.1 - TS3 Admin Tool Beta 3)
Unclaimed World (HKLM-x32\...\Steam App 284100) (Version:  - Refactored Games OÜ)
Unified Remote (HKLM-x32\...\{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}) (Version: 2.14.2.0 - Unified Remote)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1786869451-626087546-234629033-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> F:\Users\Nick\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1786869451-626087546-234629033-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> F:\Users\Nick\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1786869451-626087546-234629033-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> F:\Users\Nick\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1786869451-626087546-234629033-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> F:\Users\Nick\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
28-02-2015 00:00:01 Scheduled Checkpoint
28-02-2015 01:31:54 IPVanish VPN
28-02-2015 01:32:12 IPVanish VPN
28-02-2015 19:13:30 Removed Respondus LockDown Browser
01-03-2015 21:20:30 Installed DirectX
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A F:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0B51A53B-A7EE-4C6D-9B28-AB42C830B23D} - System32\Tasks\avast! Emergency Update => C:\Program Files (x86)\Avast\AvastEmUpdate.exe [2014-12-01] (AVAST Software)
Task: {2608643A-3EEE-4EE5-9906-32264486D5E2} - System32\Tasks\Apple\AppleSoftwareUpdate => F:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {276DC061-90ED-4AAB-9583-B20C7B1B2111} - System32\Tasks\{73EBA138-44DB-4AF2-A666-7A4BBADAD963} => Firefox.exe http://ui.skype.com/...all?page=tsMain
Task: {3C82D74B-8C59-4671-8E5C-64BD338BA541} - System32\Tasks\ProPCCleaner_Start => F:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {47864A8D-D2F4-4476-90D8-6BE305FE06C1} - System32\Tasks\CCleanerSkipUAC => F:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {4FF9F8F0-87FB-4DFE-9F80-27F477B09384} - System32\Tasks\ProPCCleaner_Popup => F:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {660ACF77-DA7C-437C-AF44-C34F80CFD491} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9C063AD9-43DC-4BB1-ADEA-93986281CC49} - System32\Tasks\GoogleUpdateTaskMachineUA => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {A28E2E8B-AE7F-49D0-A968-CA3DF62C6AE2} - System32\Tasks\{FDFF514C-371F-4972-81C8-2B59B3F58937} => pcalua.exe -a F:\Users\Nick\Downloads\chromeinstall-8u25.exe -d F:\Users\Nick\Downloads
Task: {B01F2F52-D20A-4F24-BA7C-A8CA9BB44F1C} - System32\Tasks\Adobe Flash Player Updater => F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-28] (Adobe Systems Incorporated)
Task: {B9C1FA15-3B79-4EB2-86A0-C2CA7197120A} - System32\Tasks\GoogleUpdateTaskMachineCore => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-26] (Google Inc.)
Task: {BA74772F-D42C-47A2-BFC7-32130E5BC8C3} - System32\Tasks\IPVanish => B:\IPVanishVPN\ElevateClient.exe
Task: {BAA29F80-3B0F-4AB6-A488-6DEC70ACF793} - System32\Tasks\AutoKMS => F:\Windows\AutoKMS.exe
Task: F:\Windows\Tasks\Adobe Flash Player Updater.job => F:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: F:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: F:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => F:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () F:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () F:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () F:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2010-04-30 19:27 - 2009-08-05 23:00 - 05497856 _____ () C:\Users\Nick\Documents\xampp\mysql\bin\mysqld.exe
2013-11-29 11:52 - 2014-01-30 18:39 - 00076888 _____ () F:\Windows\SysWOW64\PnkBstrA.exe
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () F:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-01 23:45 - 2014-12-01 23:45 - 00301152 _____ () C:\Program Files (x86)\Avast\aswProperty.dll
2015-01-19 19:15 - 2015-01-19 19:15 - 02911744 _____ () C:\Program Files (x86)\Avast\defs\15011901\algo.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () F:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () F:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-02 12:09 - 2012-06-17 11:20 - 00061440 _____ () F:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2014-12-01 23:45 - 2014-12-01 23:45 - 19329904 _____ () C:\Program Files (x86)\Avast\libcef.dll
2013-03-12 16:10 - 2014-11-11 12:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 16:15 - 2014-12-01 18:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 16:15 - 2014-12-01 18:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 16:15 - 2014-12-01 18:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 14:20 - 2015-02-18 17:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 23:26 - 2014-12-01 15:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 23:26 - 2014-12-01 15:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 23:26 - 2014-12-01 15:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 23:26 - 2014-12-01 15:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 23:26 - 2014-12-01 15:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2011-07-12 21:05 - 2015-02-18 17:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2010-07-21 01:02 - 2015-01-27 19:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-14 19:26 - 2015-01-27 19:30 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-02-19 18:38 - 2015-02-17 16:44 - 01117512 _____ () F:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-19 18:38 - 2015-02-17 16:44 - 00211272 _____ () F:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-19 18:38 - 2015-02-17 16:44 - 09171272 _____ () F:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2011-12-03 21:55 - 2014-04-25 13:02 - 00086840 _____ () C:\Program Files (x86)\Vuze\aereg.dll
2015-02-19 18:38 - 2015-02-17 16:44 - 14965064 _____ () F:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: F:\ProgramData\TEMP:47E35D9B
AlternateDataStreams: F:\ProgramData\TEMP:6BE50C2B
AlternateDataStreams: F:\ProgramData\TEMP:BC359956
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1786869451-626087546-234629033-1000\Control Panel\Desktop\\Wallpaper -> F:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Apache2.2 => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fsssvc => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WMZuneComm => 3
MSCONFIG\Services: ZuneNetworkSvc => 3
MSCONFIG\Services: ZuneWlanCfgSvc => 3
MSCONFIG\startupfolder: F:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => F:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: F:^Users^Nick^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => F:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: BlueStacks Agent => F:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: fssui => "F:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
MSCONFIG\startupreg: Raptr => F:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Unified Remote v2 => F:\Program Files (x86)\Unified Remote\RemoteServer.exe
MSCONFIG\startupreg: Zune Launcher => "F:\Program Files\Zune\ZuneLauncher.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1786869451-626087546-234629033-500 - Administrator - Disabled)
Guest (S-1-5-21-1786869451-626087546-234629033-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1786869451-626087546-234629033-1003 - Limited - Enabled)
Nick (S-1-5-21-1786869451-626087546-234629033-1000 - Administrator - Enabled) => F:\Users\Nick
 
==================== Faulty Device Manager Devices =============
 
Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/04/2015 08:39:07 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (03/04/2015 07:40:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/04/2015 07:20:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/02/2015 06:17:14 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (03/01/2015 06:48:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (03/01/2015 06:46:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/01/2015 06:44:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program csgo.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a30
 
Start Time: 01d0547c18d5c11e
 
Termination Time: 30
 
Application Path: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
 
Report Id:
 
Error: (03/01/2015 06:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.0.5531, time stamp: 0x54eb029a
Faulting module name: mozalloc.dll, version: 36.0.0.5531, time stamp: 0x54eaf3b7
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x1160
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
 
Error: (03/01/2015 06:01:21 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (02/28/2015 06:15:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (03/04/2015 07:40:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (03/04/2015 07:39:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.
 
Error: (03/04/2015 07:39:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
%%3
 
Error: (03/04/2015 07:26:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Multimedia Class Scheduler service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/04/2015 07:20:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (03/04/2015 07:19:34 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084SkypeUpdate/ComService{CC957078-B838-47C4-A7CF-626E7A82FC58}
 
Error: (03/04/2015 07:18:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (03/04/2015 07:18:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (03/04/2015 07:18:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (03/04/2015 07:18:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
 
Microsoft Office Sessions:
=========================
Error: (03/04/2015 08:39:07 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (03/04/2015 07:40:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/04/2015 07:20:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/02/2015 06:17:14 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (03/01/2015 06:48:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (03/01/2015 06:46:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/01/2015 06:44:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: csgo.exe0.0.0.01a3001d0547c18d5c11e30C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
 
Error: (03/01/2015 06:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e02116001d053b5a80dba67F:\Program Files (x86)\Mozilla Firefox\plugin-container.exeF:\Program Files (x86)\Mozilla Firefox\mozalloc.dll66916958-c071-11e4-b8ff-50e549b51f5c
 
Error: (03/01/2015 06:01:21 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
 
Error: (02/28/2015 06:15:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X6 1100T Processor
Percentage of memory in use: 27%
Total physical RAM: 16381.34 MB
Available physical RAM: 11816.79 MB
Total Pagefile: 32760.86 MB
Available Pagefile: 27832.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive b: (B) (Fixed) (Total:1863.01 GB) (Free:1513.85 GB) NTFS
Drive c: () (Fixed) (Total:390.63 GB) (Free:34.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:75.13 GB) (Free:9.3 GB) NTFS
Drive f: (SSD) (Fixed) (Total:167.68 GB) (Free:25.68 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 193CDA7B)
Partition 1: (Not Active) - (Size=167.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DB84BCE3)
Partition 1: (Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=75.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: FCC0ED46)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4
zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts

Hello,

 

Not seeing much, basic clean up.

 

From a security standpoint, your Avast is out of date.

I have also noticed in your log file that you are using µTorrent, Vuze, FrostWire 6.0.3 P2P programs. We at Geeks to Go! recommend removing these types of programs; they are a known cause of malware infections. When you use file-sharing programs like this you can never be sure of the file content, and you are put at a much greater risk of infection. I strongly recommend you remove these programs.

 

Next

Please "Move" Farbar (FRST) to the desktop; it's currently running from --> F:\Users\Nick\Downloads

 

To do that:

  • Navigate to your downloads folder --> F:\Users\Nick\Downloads
  • In the downloads folder, find FRST (Farbar Recovery Scan Tool).
  • Right click on it, choose Cut.
  • Go back to the desktop.
  • On an empty space, right click and choose Paste.
  • Farbar will now have been successfully moved to the desktop.

 

No need to do another scan, you may run the fix below now:

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
CloseProcesses:
CreateRestorePoint:
AlternateDataStreams: F:\ProgramData\TEMP:47E35D9B
AlternateDataStreams: F:\ProgramData\TEMP:6BE50C2B
AlternateDataStreams: F:\ProgramData\TEMP:BC359956
S2 AODDriver4.2.0; \??\F:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
FF Plugin HKU\S-1-5-21-1786869451-626087546-234629033-1000: ubisoft.com/uplaypc -> F:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> F:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: I - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: {09120ba3-0cbf-11e2-80eb-50e549b51f5c} - H:\setup.exe -a
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: {a6592c01-feca-11e1-b396-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-1786869451-626087546-234629033-1000\...\MountPoints2: {b8eef8f2-31d5-11e2-a026-50e549b51f5c} - G:\setup.exe
Task: {3C82D74B-8C59-4671-8E5C-64BD338BA541} - System32\Tasks\ProPCCleaner_Start => F:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {4FF9F8F0-87FB-4DFE-9F80-27F477B09384} - System32\Tasks\ProPCCleaner_Popup => F:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end

Click Format and ensure Word Wrap is unchecked.
Save as Fixlist.txt to your Desktop (must be in this location).
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.


Next

Please download Malwarebytes Anti-Malware to your desktop.
Install the programme and select Update.
Once it has updated, select Settings > Detection and Protection.
Tick Scan for rootkits.

Go back to the Dashboard and select Scan Now.

If threats are detected, click the Apply Actions button; MBAM will ask for a reboot.

On completion of the scan (or after the reboot), select View Detailed Log.
Select Export > Select text file and save to the desktop.
Post that log.

 

In your next reply post:
1- Fixlog.txt, that log will be found on the desktop.
2- Malwarebytes log report.



#5
zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





