Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Extremely bogged down system, browser issues, performance overall [Clo

Performance browsers

  • This topic is locked This topic is locked

#1
Ategenos

Ategenos

    Member

  • Member
  • PipPip
  • 63 posts

Yall have been such great help in the past that I am back. I'm having a whole lot of issues. My system is just really acting poorly in performance like it's moving through quicksand. My internet browsers run slow as can be no matter which one I use. Usually I have to stop a page from loading and reload to get it to go. I'm also a WOW gamer and after being logged on for a certain amount of time I start getting serious frame rate lag to the point I need to relog. When I do it takes FOREVER to close the game. Normally it takes seconds. But ya it's just really acting really crappy if anyone would be willign to take a look see I'd greatly appreciate it. I've tried Avast, CCleaner and Iobit Advanced system care, check my drivers with driver booster and I cannot figure it out. Thank you again.

 

Sincerely,

AO3 Palmer, TY USN


Edited by Ategenos, 26 March 2015 - 02:59 PM.

  • 0

Advertisements


#2
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Please Click here!, and follow the recommendations in the guide.

Someone will be along to tell you what steps to take after you post the contents of the scan results.
  • 0

#3
Ategenos

Ategenos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts

ok thank you kindly.


  • 0

#4
Ategenos

Ategenos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by [bleep] Jones (administrator) on MOTHER[bleep]ERJON on 29-03-2015 13:58:06
Running from C:\Users\[bleep] Jones\Downloads
Loaded Profiles: [bleep] Jones (Available profiles: [bleep] Jones & Administrator)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Logitech©) C:\Program Files (x86)\Logitech\G930\G930.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Curse) C:\Users\[bleep] Jones\AppData\Local\Apps\2.0\OVL1M8M5.362\ZG529JZ6.B9H\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [uTorrent] => C:\Users\[bleep] Jones\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-27] (BitTorrent Inc.)
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Run: [uTorrent] => C:\Users\[bleep] Jones\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-27] (BitTorrent Inc.)
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\MountPoints2: {f9ebe1d4-cbf1-11e3-824c-806e6f6e6963} - "D:\setup.exe"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\avastSS.scr [43112 2015-03-13] (Avast Software s.r.o.)
Startup: C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://duckduckgo.com/
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-444016094-2512616490-1840167777-1001 -> DefaultScope {C0589868-7986-461D-90A3-6FD0FEFE78B4} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-444016094-2512616490-1840167777-1001 -> {C0589868-7986-461D-90A3-6FD0FEFE78B4} URL = https://search.yahoo...p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-02-27] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-13] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-13] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-444016094-2512616490-1840167777-1001 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
ShellExecuteHooks-x32:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\Firefox\Profiles\v61utz8k.default
FF SelectedSearchEngine: Yahoo!
FF Homepage: https://duckduckgo.com/
FF Keyword.URL: https://search.yahoo...&type=282369&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-03] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\[bleep] Jones\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @talk.google.com/O1DPlugin -> C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @tools.google.com/Google Update;version=3 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-444016094-2512616490-1840167777-1001: @tools.google.com/Google Update;version=9 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF user.js: detected! => C:\Users\[bleep] Jones\AppData\Roaming\Mozilla\Firefox\Profiles\v61utz8k.default\user.js [2015-03-02]
FF Plugin ProgramFiles/Appdata: C:\Users\[bleep] Jones\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\[bleep] Jones\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-06]

Chrome:
=======
CHR Profile: C:\Users\[bleep] Jones\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-13] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-19] (Microsoft Corporation)
S3 game assistant by-pass UAC; C:\Program Files (x86)\IObit\Game Assistant\gatsvc.exe [80728 2014-10-28] (IObit)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-03-05] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-10-10] (Realtek Semiconductor)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-03-05] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-13] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-13] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-13] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-13] ()
S3 cpuz138; No ImagePath
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-11-09] (DT Soft Ltd)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-13] (REALiX™)
S3 LADF_BakerCOnly; C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech)
S3 LADF_BakerROnly; C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-03] ()
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29160 2014-07-15] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-14] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-01] (Basil Projects)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 13:58 - 2015-03-29 13:58 - 00016641 _____ () C:\Users\[bleep] Jones\Downloads\FRST.txt
2015-03-29 13:57 - 2015-03-29 13:58 - 00000000 ___DC () C:\FRST
2015-03-29 13:57 - 2015-03-29 13:57 - 02095616 _____ (Farbar) C:\Users\[bleep] Jones\Downloads\FRST64.exe
2015-03-29 13:55 - 2015-03-29 13:55 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Roaming\Curse Advertising
2015-03-29 13:54 - 2015-03-29 13:54 - 00000318 _____ () C:\Users\[bleep] Jones\Desktop\Curse Client.appref-ms
2015-03-29 13:54 - 2015-03-29 13:54 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-03-29 13:53 - 2015-03-29 13:55 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Local\Deployment
2015-03-29 13:53 - 2015-03-29 13:53 - 00402696 _____ () C:\Users\[bleep] Jones\Downloads\setup.exe
2015-03-29 13:50 - 2015-03-29 13:50 - 00002159 ____C () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-03-29 13:49 - 2015-02-03 18:00 - 00608072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-03-29 13:48 - 2015-03-29 13:48 - 00000000 ____D () C:\WINDOWS\LastGood
2015-03-29 13:47 - 2015-02-03 21:56 - 31515280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 24198856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 22993224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 18634072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 17559432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 16128576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 15294280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 14497568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 13916280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 13828032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 12894024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-03-29 13:47 - 2015-02-03 21:56 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 11209192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 04244680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 03987600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 03209736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 02823992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 00944328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 00907464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 00902344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 00870032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-03-29 13:47 - 2015-02-03 21:56 - 00026155 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-03-29 13:46 - 2015-03-29 13:46 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-29 13:46 - 2015-03-29 13:46 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-03-25 20:23 - 2015-02-03 20:21 - 06782152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-03-25 20:23 - 2015-02-03 20:21 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-03-25 20:21 - 2015-03-25 20:21 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2015-03-25 13:04 - 2015-03-25 13:09 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Let Us Prey (2014) [1080p]
2015-03-25 13:03 - 2015-03-26 02:14 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Stretch (2014) [1080p]
2015-03-22 06:29 - 2015-03-29 13:47 - 01141816 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-22 00:04 - 2015-03-22 00:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-21 10:25 - 2015-03-21 10:25 - 00000000 ___HC () C:\asc_rdflag
2015-03-19 11:12 - 2015-03-19 11:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ProductData
2015-03-17 01:30 - 2015-03-17 03:06 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Interstellar (2014) (2014) [1080p]
2015-03-15 04:09 - 2015-03-14 03:35 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-15 04:09 - 2015-03-14 03:35 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-15 04:07 - 2015-03-21 10:25 - 85368832 _____ () C:\WINDOWS\system32\config\SOFTWARE.iodefrag
2015-03-15 04:07 - 2015-03-21 10:25 - 00274432 _____ () C:\WINDOWS\system32\config\DEFAULT.iodefrag
2015-03-15 04:07 - 2015-03-21 10:25 - 00065536 _____ () C:\WINDOWS\system32\config\SAM.iodefrag
2015-03-15 04:07 - 2015-03-21 10:25 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag
2015-03-14 12:09 - 2015-03-14 12:09 - 00233844 _____ () C:\Users\[bleep] Jones\Downloads\CollectMe-v2.7.1.zip
2015-03-14 03:44 - 2015-03-14 03:44 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-14 03:44 - 2015-03-14 03:44 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-14 03:44 - 2015-03-14 03:44 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-14 03:44 - 2015-03-14 03:44 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-14 03:43 - 2015-03-14 03:43 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-14 03:43 - 2015-03-14 03:43 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-14 03:42 - 2015-03-14 03:42 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-14 03:41 - 2015-03-14 03:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-14 03:41 - 2015-03-14 03:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-14 03:41 - 2015-03-14 03:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-14 03:40 - 2015-03-14 03:40 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-14 03:40 - 2015-03-14 03:40 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-14 03:39 - 2015-03-14 03:39 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-14 03:39 - 2015-03-14 03:39 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-14 03:39 - 2015-03-14 03:39 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-14 03:39 - 2015-03-14 03:39 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-14 03:39 - 2015-03-14 03:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-14 03:38 - 2015-03-14 03:38 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-14 03:38 - 2015-03-14 03:38 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-14 03:37 - 2015-03-14 03:37 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-14 03:37 - 2015-03-14 03:37 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-14 03:36 - 2015-03-14 03:36 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-14 03:36 - 2015-03-14 03:36 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-14 03:36 - 2015-03-14 03:36 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-14 03:35 - 2015-03-14 03:35 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-14 03:34 - 2015-03-14 03:34 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-14 03:34 - 2015-03-14 03:34 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-14 03:34 - 2015-03-14 03:34 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-14 03:34 - 2015-03-14 03:34 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-14 03:34 - 2015-03-14 03:34 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-14 03:34 - 2015-03-14 03:34 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-14 03:34 - 2015-03-14 03:34 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-14 03:34 - 2015-03-14 03:34 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-14 03:33 - 2015-03-14 03:33 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-14 03:33 - 2015-03-14 03:33 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-14 03:33 - 2015-03-14 03:33 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-14 03:33 - 2015-03-14 03:33 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-14 03:33 - 2015-03-14 03:33 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-14 03:33 - 2015-03-14 03:33 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-14 03:33 - 2015-03-14 03:33 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-14 03:33 - 2015-03-14 03:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-14 03:32 - 2015-03-14 03:32 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-14 03:32 - 2015-03-14 03:32 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-14 03:31 - 2015-03-14 03:31 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-14 03:31 - 2015-03-14 03:31 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-14 03:31 - 2015-03-14 03:31 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-14 03:30 - 2015-03-14 03:30 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-14 03:30 - 2015-03-14 03:30 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-14 03:30 - 2015-03-14 03:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-14 03:30 - 2015-03-14 03:30 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-14 03:29 - 2015-03-14 03:29 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-14 03:29 - 2015-03-14 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-13 12:59 - 2015-03-13 12:59 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-444016094-2512616490-1840167777-500
2015-03-13 12:55 - 2015-03-13 12:55 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVAST Software
2015-03-13 12:54 - 2015-03-13 12:54 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DAEMON Tools Pro
2015-03-13 12:54 - 2015-03-13 12:54 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer
2015-03-13 12:54 - 2015-03-13 12:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2015-03-13 12:53 - 2015-03-13 12:59 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\IObit
2015-03-13 12:53 - 2015-03-13 12:55 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-03-13 12:53 - 2015-03-13 12:53 - 00001442 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-13 12:53 - 2015-03-13 12:53 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2015-03-13 12:53 - 2015-03-13 12:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2015-03-13 12:53 - 2015-03-13 12:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA
2015-03-13 12:53 - 2015-03-13 12:53 - 00000000 ____D () C:\Users\Administrator
2015-03-13 12:53 - 2014-12-30 16:09 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2015-03-13 12:53 - 2014-11-19 05:37 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-13 12:53 - 2014-11-19 05:37 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-13 12:53 - 2014-11-19 05:37 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-13 12:53 - 2014-02-21 22:37 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-13 12:53 - 2014-02-21 22:37 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-13 12:53 - 2013-08-22 09:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-13 12:23 - 2015-03-13 12:23 - 00000993 _____ () C:\WINDOWS\unins000.dat
2015-03-13 12:23 - 2015-03-13 12:22 - 01180529 _____ () C:\WINDOWS\unins000.exe
2015-03-13 12:16 - 2015-03-17 11:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-13 12:16 - 2015-03-13 12:16 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00441728 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-13 12:16 - 2015-03-13 12:16 - 00268640 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-13 12:16 - 2015-03-13 12:16 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-03-13 12:16 - 2015-03-13 12:16 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-03-13 11:37 - 2015-03-13 11:46 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\avast! Pro Antivirus+Internet Security+Premier 2015 10.2.2214 incl Zenix Lic -=TEAM OS=-{HKRG}
2015-03-13 04:20 - 2015-03-13 04:28 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Into the Woods (2014) [1080p]
2015-03-13 04:18 - 2015-03-13 06:15 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Exodus Gods and Kings (2014) [1080p]
2015-03-13 04:17 - 2015-03-13 04:22 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\A Bug's Life (1998) [1080p]
2015-03-11 23:24 - 2015-03-11 23:24 - 00138199 _____ () C:\Users\[bleep] Jones\Downloads\ThogarHelper_v1.6.zip
2015-03-10 11:33 - 2015-03-10 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2015-03-10 10:09 - 2015-03-10 10:11 - 09389104 _____ (IObit ) C:\Users\[bleep] Jones\Downloads\startmenu-setup.exe
2015-03-08 20:45 - 2015-03-08 20:45 - 00000000 ____H () C:\Users\[bleep] Jones\Documents\Default.rdp
2015-03-08 20:40 - 2015-03-08 21:00 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Blood In Blood Out (1993) DivXNL-Team inc NL Subs
2015-03-08 14:10 - 2015-03-08 14:41 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Brave (2012)
2015-03-08 00:42 - 2015-03-08 11:49 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\American Me 1992 DvDrip[Eng]-greenbud1969
2015-03-07 16:13 - 2015-03-07 16:13 - 00006148 ___HC () C:\Users\Public\Documents\.DS_Store
2015-03-07 16:10 - 2015-03-07 16:13 - 00010244 ____H () C:\Users\Public\.DS_Store
2015-03-07 15:04 - 2015-03-07 16:10 - 00000000 ____D () C:\Users\Public\Bones
2015-03-06 00:22 - 2015-03-06 00:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-04 21:53 - 2015-03-04 21:53 - 00001288 _____ () C:\Users\[bleep] Jones\Desktop\Smart RAM.lnk
2015-03-04 18:27 - 2015-03-04 18:27 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-04 18:27 - 2015-03-04 18:27 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-04 12:25 - 2015-03-04 12:42 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\The.Hobbit.Battle.Of.The.Five.Armies.2014.1080p.WEBRip.x264-tomcat12[ETRG]
2015-03-02 21:47 - 2015-03-02 22:37 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Foxcatcher (2014)
2015-03-01 11:18 - 2015-03-01 11:22 - 00003858 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-02-27 14:59 - 2015-03-06 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-27 14:59 - 2015-02-27 14:59 - 00000000 ____D () C:\Program Files\iPod
2015-02-27 14:50 - 2015-02-27 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-27 12:46 - 2015-02-27 12:46 - 00000917 _____ () C:\Users\[bleep] Jones\Desktop\µTorrent.lnk
2015-02-27 12:46 - 2015-02-27 12:46 - 00000897 _____ () C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-02-27 12:02 - 2015-02-27 12:02 - 00003192 _____ () C:\WINDOWS\System32\Tasks\ASC8_PerformanceMonitor
2015-02-27 11:59 - 2015-03-21 02:48 - 00000300 _____ () C:\WINDOWS\Tasks\ASC8_SkipUac_Mother[bleep]er Jones.job
2015-02-27 11:59 - 2015-02-27 11:59 - 00002426 _____ () C:\WINDOWS\System32\Tasks\ASC8_SkipUac_Mother[bleep]er Jones
2015-02-27 11:59 - 2015-02-27 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-02-27 11:42 - 2015-02-27 11:42 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-02-27 11:31 - 2015-02-27 11:33 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\IObit Advanced SystemCare PRO 8.0.3.588 Final Incl. Crack [ATOM]

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 13:55 - 2014-05-19 19:30 - 00000000 ___DC () C:\Program Files (x86)\World of Warcraft
2015-03-29 13:55 - 2014-04-24 15:18 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-444016094-2512616490-1840167777-1001
2015-03-29 13:53 - 2014-05-19 19:53 - 00000000 ___DC () C:\Users\[bleep] Jones\AppData\Local\._LiveCode_
2015-03-29 13:50 - 2014-04-24 16:04 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-29 13:50 - 2013-12-10 11:07 - 00000000 ___DC () C:\temp
2015-03-29 13:49 - 2014-11-10 00:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-29 13:49 - 2014-04-24 15:19 - 00000000 ___DC () C:\Program Files (x86)\NVIDIA Corporation
2015-03-29 13:48 - 2014-05-19 19:30 - 00000000 ___DC () C:\Users\[bleep] Jones\AppData\Local\Battle.net
2015-03-29 13:02 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-29 10:56 - 2014-11-10 00:45 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-29 10:53 - 2015-01-13 12:20 - 00002880 _____ () C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC ([bleep] Jones)
2015-03-29 10:52 - 2014-11-12 12:05 - 00000000 ___DO () C:\Users\[bleep] Jones\OneDrive
2015-03-29 10:51 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-29 03:22 - 2013-08-22 07:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-28 10:46 - 2014-04-27 12:39 - 00000000 ___DC () C:\Program Files (x86)\Steam
2015-03-27 00:03 - 2014-04-24 15:34 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Roaming\uTorrent
2015-03-26 00:32 - 2014-11-23 14:35 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Roaming\Mumble
2015-03-26 00:23 - 2014-05-03 10:48 - 00000000 ___DC () C:\Users\[bleep] Jones\AppData\Local\CrashDumps
2015-03-24 14:35 - 2015-02-03 12:25 - 00000000 ____D () C:\Users\[bleep] Jones\Desktop\memes
2015-03-24 14:25 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-24 14:20 - 2014-04-24 15:13 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Local\Packages
2015-03-24 01:46 - 2014-11-10 00:27 - 00000000 ____D () C:\Users\[bleep] Jones
2015-03-23 23:07 - 2014-04-24 15:42 - 00000000 ___DC () C:\ProgramData\ProductData
2015-03-22 20:06 - 2014-12-02 16:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-22 03:23 - 2014-07-14 11:46 - 00000000 ___DC () C:\Program Files (x86)\CCleaner
2015-03-21 10:25 - 2014-11-13 13:27 - 04943872 _____ () C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2015-03-21 10:25 - 2014-11-10 01:24 - 85368832 _____ () C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2015-03-21 10:25 - 2014-11-10 01:24 - 00274432 _____ () C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2015-03-21 10:25 - 2014-11-10 01:24 - 00065536 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak
2015-03-21 10:25 - 2014-11-10 01:24 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2015-03-20 22:31 - 2014-05-19 19:29 - 00000000 ___DC () C:\Program Files (x86)\Battle.net
2015-03-20 11:39 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-18 11:30 - 2014-07-18 21:37 - 00000830 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-17 19:11 - 2014-07-18 21:37 - 00003720 ____C () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-15 04:09 - 2013-08-22 08:44 - 00486336 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-15 03:49 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-15 03:49 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-15 03:49 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-15 03:49 - 2013-08-22 09:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-15 03:49 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-15 03:49 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-15 03:49 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-15 03:48 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-14 03:45 - 2013-08-22 09:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-13 12:24 - 2015-02-06 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-10 11:33 - 2014-04-24 15:41 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Roaming\IObit
2015-03-08 17:54 - 2014-12-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2015-03-08 15:37 - 2014-12-01 17:20 - 00000000 ____D () C:\Program Files\KMSpico
2015-03-06 00:22 - 2015-01-29 21:49 - 00000000 ____D () C:\Program Files\iTunes
2015-03-06 00:22 - 2014-05-05 18:02 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2015-03-04 18:15 - 2014-12-01 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-04 18:15 - 2014-12-01 18:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-04 18:15 - 2014-12-01 18:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-04 12:41 - 2015-01-06 15:30 - 742194356 _____ () C:\Users\[bleep] Jones\Downloads\Enter.the.Void.2009.BluRay.REMUX.1080p.mkv
2015-03-03 16:11 - 2015-01-09 15:03 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\Mark Ronson - Uptown Funk (feat. Bruno Mars) - Single
2015-03-03 10:09 - 2014-04-24 15:41 - 00000000 ___DC () C:\Program Files (x86)\IObit
2015-03-01 16:27 - 2014-04-24 15:42 - 00000000 ____D () C:\Users\[bleep] Jones\AppData\Roaming\Apple Computer
2015-03-01 11:22 - 2014-08-05 18:42 - 00003690 ____C () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series
2015-03-01 11:19 - 2015-02-03 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2015-02-27 14:59 - 2014-10-18 13:10 - 00000000 ___DC () C:\Program Files (x86)\iTunes
2015-02-27 12:38 - 2014-09-30 22:15 - 00001012 ____C () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA.job
2015-02-27 12:38 - 2014-09-30 22:15 - 00000990 ____C () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core.job
2015-02-27 12:27 - 2014-12-01 17:20 - 00003826 _____ () C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2015-02-27 12:27 - 2014-09-30 22:15 - 00003992 ____C () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA
2015-02-27 12:27 - 2014-09-30 22:15 - 00003642 ____C () C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core
2015-02-27 12:27 - 2014-07-12 02:54 - 00003188 _____ () C:\WINDOWS\System32\Tasks\Game_Booster_AutoUpdate
2015-02-27 11:42 - 2014-04-24 15:41 - 00000000 ___DC () C:\ProgramData\IObit
2015-02-27 02:15 - 2015-02-26 21:59 - 00000000 ____D () C:\Users\[bleep] Jones\Downloads\American Heist (2014)

==================== Files in the root of some directories =======

2015-02-04 19:27 - 2015-02-04 19:27 - 0000017 _____ () C:\Users\[bleep] Jones\AppData\Local\resmon.resmoncfg
2014-12-01 18:06 - 2014-12-01 18:06 - 0480144 _____ () C:\ProgramData\1417478495.bdinstall.bin
2014-12-02 16:18 - 2014-12-02 16:18 - 0487885 _____ () C:\ProgramData\1417558607.bdinstall.bin
2014-12-02 16:35 - 2014-12-02 16:35 - 0265645 _____ () C:\ProgramData\1417559654.bdinstall.bin
2014-08-05 18:41 - 2014-08-05 18:41 - 0000057 ____C () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-29 11:18

==================== End Of Log ============================


Edited by Ategenos, 29 March 2015 - 02:04 PM.

  • 0

#5
Ategenos

Ategenos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by [bleep] Jones at 2015-03-29 13:59:03
Running from C:\Users\[bleep] Jones\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast License by ZeNiX [2014-03-14] (HKLM-x32\...\Avast_2050_ZeNiX [2014-03-14]_is1) (Version:  - )
Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Curse Client (HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Game Assistant 2 Beta (HKLM-x32\...\GameAssistant_is1) (Version: 2.0 - IObit)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{6457BD83-98CF-4267-93D7-F173FF3E7C25}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Product Improvement Study (HKLM\...\{5FB5B723-6B6E-45ED-BA73-F264D52AF916}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IObit Apps Toolbar v9.4 (HKLM-x32\...\{5FACD482-8CE2-41D5-B05F-9EE67D21ECE7}) (Version: 9.4 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Logitech G930 (HKLM\...\{91C4D79C-3579-48E8-ADFA-8818042AEB73}) (Version: 1.0.364 - Logitech)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.13.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
SlingPlayer for Web (HKLM-x32\...\{46994DA0-6572-4A02-9354-FC49ACE8C104}) (Version: 2.4.089 - Sling Media)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
SMPlayer 14.3.0 (HKLM-x32\...\SMPlayer) (Version: 14.3.0 - Ricardo Villalba)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.1.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{4a44fbf2-69ce-4a7f-b93d-510103af14db}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-444016094-2512616490-1840167777-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\[bleep] Jones\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

23-02-2015 03:57:38 Windows Modules Installer
04-03-2015 18:26:31 Windows Modules Installer
13-03-2015 12:15:19 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ___AC C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16E0661B-ABEC-401D-A67B-8BC1BA1DB966} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {1C66FBD5-9227-4C28-816D-9A08BBD041A3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-13] (Avast Software s.r.o.)
Task: {3049821B-D5AA-4C3D-BDE0-C84302B8D0F7} - System32\Tasks\ASC8_SkipUac_Mother[bleep]er Jones => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-07] (IObit)
Task: {383A2028-697D-4417-AF34-A9D75B5687F3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {4F2F21A6-AF66-48EC-982E-E351504B1AC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {5563739F-4EEB-41B0-8DB4-908739505F4F} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {5C8CB1E0-FC20-442E-985C-F160A67F1C1F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {62427079-CD92-45C4-9AA4-C3AC56C6E551} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-07] (IObit)
Task: {726DA86D-5BCA-405E-A7D1-A8B557461C7A} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-03] (IObit)
Task: {73023F17-6F41-4FD8-8864-784B9741B13C} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-07-12] ()
Task: {86500E74-C911-439D-B3D1-D8D33B91EEFE} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-04-24] ()
Task: {9F611BB3-4971-4A49-BB44-37590BE131B8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-30] (Facebook Inc.)
Task: {A4B1B35D-6133-4439-AF46-1428DDB0AC9A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit)
Task: {A4CFA5AD-C3FE-449B-9717-8B9A2876388B} - System32\Tasks\Driver Booster SkipUAC ([bleep] Jones) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {C56D6183-F782-4431-9EF8-506AE916A881} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CFB0EE10-6F24-4660-BF1D-CAA1B1234E17} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {E79720CC-2D33-40CB-9B15-EDEF0E63BBD0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-17] (Adobe Systems Incorporated)
Task: {F1887C98-030D-4B1C-B769-33C28A72FF73} - System32\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {F26B57BA-002E-4E9D-84CC-420E3402FD84} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {FF5EA5FD-2399-47B1-9FDA-7BE5099E9F68} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-30] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Mother[bleep]er Jones.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001Core.job => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-444016094-2512616490-1840167777-1001UA.job => C:\Users\[bleep] Jones\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Mother[bleep]er_Jones.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 ____C () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 ____C () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-02-27 11:59 - 2014-07-11 17:04 - 01106720 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
2014-11-10 00:24 - 2015-02-03 20:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-29 13:54 - 2015-03-29 13:54 - 00016384 ____C () C:\Users\[bleep] Jones\AppData\Local\Apps\2.0\OVL1M8M5.362\ZG529JZ6.B9H\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
2015-03-29 13:54 - 2015-03-29 13:54 - 00035840 ____C () C:\Users\[bleep] Jones\AppData\Local\Apps\2.0\OVL1M8M5.362\ZG529JZ6.B9H\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
2015-02-27 11:59 - 2013-10-25 13:08 - 00517408 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-03-13 12:16 - 2015-03-13 12:16 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-13 12:16 - 2015-03-13 12:16 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-28 13:47 - 2015-03-28 13:47 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15032801\algo.dll
2015-03-29 10:52 - 2015-03-29 10:52 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15032901\algo.dll
2014-04-24 15:42 - 2014-10-16 11:26 - 00622880 ____C () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-02-27 11:59 - 2013-01-15 19:48 - 00348992 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-02-27 11:59 - 2013-01-15 19:48 - 00183616 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-02-27 11:59 - 2013-01-15 19:48 - 00051008 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-02-27 11:59 - 2014-10-16 11:26 - 00622880 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
2015-03-10 11:33 - 2015-03-05 15:34 - 00348960 ____C () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-03-10 11:33 - 2015-03-05 15:33 - 00180856 ____C () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-03-10 11:33 - 2015-03-05 15:34 - 00050976 ____C () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-03-10 11:33 - 2015-03-05 15:35 - 00268920 ____C () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-03-10 11:33 - 2015-03-05 15:34 - 00053024 ____C () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-03-10 11:33 - 2015-03-05 15:34 - 00622880 ____C () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2015-03-10 11:33 - 2015-03-05 15:36 - 00041248 ____C () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2015-02-27 11:59 - 2013-01-15 19:47 - 00893248 ____C () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-03-13 12:16 - 2015-03-13 12:16 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-13 12:16 - 2015-03-13 12:16 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-13 12:16 - 2015-03-13 12:16 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
2015-02-27 11:42 - 2013-01-15 19:48 - 00348992 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-02-27 11:42 - 2013-01-15 19:48 - 00183616 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-02-27 11:42 - 2013-01-15 19:48 - 00051008 ____C () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-11-09 18:51 - 2014-11-09 18:52 - 00107520 _____ () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\[bleep] Jones\OneDrive:ms-properties
AlternateDataStreams: C:\Users\[bleep] Jones\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-444016094-2512616490-1840167777-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\[bleep] Jones\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1 - 205.171.2.25

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
MSCONFIG\startupreg: BCSSync => "c:\program files (x86)\microsoft office\office14\bcssync.exe" /delayservices
MSCONFIG\startupreg: CCleaner Monitoring => "c:\program files (x86)\ccleaner\ccleaner64.exe" /monitor
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "c:\program files (x86)\daemon tools pro\dtagent.exe" -autorun
MSCONFIG\startupreg: HP Software Update => c:\program files (x86)\hp\hp software update\hpwuschd2.exe
MSCONFIG\startupreg: iTunesHelper =>
MSCONFIG\startupreg: Logitech G930 => c:\program files (x86)\logitech\g930\g930.exe
MSCONFIG\startupreg: Search Protection =>
MSCONFIG\startupreg: SearchProtection =>
MSCONFIG\startupreg: SearchSettings =>
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Logitech G930"
HKLM\...\StartupApproved\Run32: => "uTorrent"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - PrinterBitch.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - Print$tuff.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\StartupFolder: => "Logitech blank Product Registration.lnk"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "HP Deskjet 3050 J610 series (NET)"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-444016094-2512616490-1840167777-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Accounts: =============================

Administrator (S-1-5-21-444016094-2512616490-1840167777-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-444016094-2512616490-1840167777-501 - Limited - Enabled)
[bleep] Jones (S-1-5-21-444016094-2512616490-1840167777-1001 - Administrator - Enabled) => C:\Users\[bleep] Jones

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2015 10:55:36 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application


Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (03/29/2015 03:22:37 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/28/2015 10:51:28 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application


Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (03/27/2015 02:20:58 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application


Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)

Error: (03/27/2015 04:13:41 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 04:31:02 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application


Details:
    The volume change journal is being deleted.  (HRESULT : 0x8007049a) (0x8007049a)

Error: (03/26/2015 10:25:33 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 10:25:33 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 10:25:33 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 10:25:33 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid


System errors:
=============
Error: (03/29/2015 10:52:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/29/2015 10:51:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/29/2015 10:51:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/29/2015 10:51:47 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel DebugChannel. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (03/29/2015 10:51:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error:
%%3

Error: (03/28/2015 10:51:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/28/2015 10:46:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/28/2015 10:46:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/28/2015 10:46:32 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel DebugChannel. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (03/28/2015 10:46:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (03/29/2015 10:55:36 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Context: Windows Application


Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)
C:\

Error: (03/29/2015 03:22:37 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/28/2015 10:51:28 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Context: Windows Application


Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)
C:\

Error: (03/27/2015 02:20:58 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Context: Windows Application


Details:
    The parameter is incorrect.  (HRESULT : 0x80070057) (0x80070057)
C:\

Error: (03/27/2015 04:13:41 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 04:31:02 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Context: Windows Application


Details:
    The volume change journal is being deleted.  (HRESULT : 0x8007049a) (0x8007049a)
C:\

Error: (03/26/2015 10:25:33 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 10:25:33 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 10:25:33 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid

Error: (03/26/2015 10:25:33 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: The handle is invalid


CodeIntegrity Errors:
===================================
  Date: 2015-02-06 10:04:17.123
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-05 13:53:42.215
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-04 05:38:03.702
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-02 11:10:38.098
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 11:19:17.547
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-31 09:59:35.015
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-30 10:00:09.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-29 10:20:06.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-28 10:55:07.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-27 10:47:25.309
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 24%
Total physical RAM: 7159.11 MB
Available physical RAM: 5398.71 MB
Total Pagefile: 8391.11 MB
Available Pagefile: 6137.07 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:217.02 GB) NTFS
Drive d: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2D883ED2)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#6
Ategenos

Ategenos

    Member

  • Topic Starter
  • Member
  • PipPip
  • 63 posts

the system was given to me


  • 0

#7
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
  • Note: The log can also be found in here: C:\AdwCleaner\

    Step 2: Malwarebytes

    Iconic_normal.png Please download Malwarebytes Anti-Malware to your desktop
    • Double-click mbam-setup-version.exe and follow the prompts to install the program.
    • At the end, be sure a check-mark is placed next to the following:
      • Enable free trial of Malwarebytes Anti-Malware Premium
      • Launch Malwarebytes Anti-Malware
    • Then click Finish.
    • If an update is found, you will be prompted to download and install the latest version.
    • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
    • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
    • Reboot your computer if prompted.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

    The log is available throughout History ->Application logs. Please post it contents in your next reply.

    Step 3: Junkware Removal Tool

    thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    Step 4: FRST Scan
    • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
    • Click Scan to start FRST.
    • When FRST finishes scanning, a log, FRST.txt, will open.
    • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

  • 0

#8
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: Performance, browsers

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP