Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Graphics glitches on Windows 7 and then after Windows Vista got too. [

Started by henrymills , Apr 24 2015 07:16 AM

  • This topic is locked This topic is locked

#1
henrymills
Posted 24 April 2015 - 07:16 AM

henrymills

    Member

  • Member
  • PipPip
  • 47 posts

zep516 was able to help me months ago. My windows vista is back to normal now. Then after he help me i posted this http://www.geekstogo...itchingg/page-4I have two OS installed.I thought Windows 7 got infected from Windows Vista Cause the graphics glitches happen on Windows 7 also because i tried installing the bluetooth driver.And made me think its the bluetooth driver that cause the problem and not a virus. But yesterday i needed to run an application that uses graphics  and the problem still persist;graphic glitches occured and crash the nvidia driver.I tried to do some of what zep516 told me to do in Vista but it didn't find any virus.My windows 7 is installed on another partition so i booted on puppylinux and deleted that partition then logged in to vista to create a new partition and format it to NTFS.Then i reinstalled Windows 7 but the problem still exist;the graphic glitches still there,but when I run Windows Vista the problem doesnt exist. I can even play MMORPG,Final Fantasy and play HD Videos on VLC without the graphic glitches or the crash on nvidia driver dont occur on Windows Vista. I really need to fix the problem on Windows 7,I really appreciate any help.Another thing,I tried playing a video on Windows 7 during safe mode and it played fine without a problem.Also i also tried playing youtube and I notice when playing using HTML5 theres no graphic glitch,but when I use Adobe flash the graphic glitches occur and crash the nvidia driver, so its pretty obvious its not the video card. I read it could be ram also,but I just add a new  ram, so its impossible. I also installed 2 versions of Nvidia driver ,one is the same  as what I use on Windows Vista that works and the other the lates version,but still the problem occurs on Windows 7.

Just For additional info:Vista got the graphics glitches now again like before zep516 help me,after some time of trying running video application on windows 7.

 

FRST log - Windows Vista

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-04-2015 02
Ran by Marcus (administrator) on ME-PC on 25-04-2015 15:54:13
Running from C:\Users\Marcus\Downloads
Loaded Profiles: Marcus (Available profiles: MyEminence & Marcus & Tempo)
Platform: Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Service.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe
(BlueStack Systems) C:\Program Files\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Gigabyte\ET6\GUI.exe
(SpeedBit Ltd.) C:\Program Files\DAP\DAP.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\RunOnce: [EasyTuneVI] => C:\Program Files\Gigabyte\ET6\ETCall.exe [20480 2007-07-26] ()
HKU\S-1-5-21-185903628-1420016957-2107898834-1001\...\Run: [DownloadAccelerator] => C:\Program Files\DAP\DAP.EXE [2918576 2011-04-29] (SpeedBit Ltd.)
HKU\S-1-5-18\...\Run: [Mobile Partner] => C:\Program Files\Tattoo\Tattoo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-12-13] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-185903628-1420016957-2107898834-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-185903628-1420016957-2107898834-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-185903628-1420016957-2107898834-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com/?aff=115
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-185903628-1420016957-2107898834-1001 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://home.speedbit...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-185903628-1420016957-2107898834-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-185903628-1420016957-2107898834-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://home.speedbit...&q={searchTerms}
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-04] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-13] (AVAST Software)
BHO: No Name -> {bf00e119-21a3-4fd1-b178-3b8537e75c92} ->  No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-04] (Oracle Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-18] (Yahoo! Inc)
BHO: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Program Files\DAP\dapieloader.dll [2011-04-29] (SpeedBit Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-185903628-1420016957-2107898834-1001 -> No Name - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} -  No File
Toolbar: HKU\S-1-5-21-185903628-1420016957-2107898834-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} http://clients.futur...y/FMSI_v420.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\jhmaz0ig.Waer
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-02-23] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-04] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-01-04] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-01-22] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-02-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\c94o7dma.default\searchplugins\speedbit.xml [2015-04-25]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-08-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2012-01-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-13]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2015-04-25]
FF Extension: No Name - C:\Program Files\SearchPredict\PRFireFox [Not Found]
FF Extension: No Name - C:\Program Files\SpeedBit Video Downloader\SPFireFox [Not Found]
FF Extension: No Name - C:\Program Files\Alwil Software\Avast5\WebRep\FF [Not Found]
FF Extension: No Name - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox2\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-23]
CHR Extension: (Google Drive) - C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-23]
CHR Extension: (YouTube) - C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-23]
CHR Extension: (Google Search) - C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-23]
CHR Extension: (Google Wallet) - C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23]
CHR Extension: (Gmail) - C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [562592 2011-05-27] (Affinegy, Inc.)
S3 AppleChargerSrv; C:\windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-13] (AVAST Software)
S4 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152576 2011-04-19] () [File not signed]
S4 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed]
R2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
S4 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S4 FlowFinder3MonstersAE32; C:\Program Files\GenArts\Monsters-AE\bin\FlowFinder3MonstersAE32.exe [704512 2010-06-04] () [File not signed]
S4 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [130976 2011-08-15] (Futuremark Corporation)
S4 Globe Tattoo Broadband. RunOuc; C:\Program Files\Globe Tattoo Broadband\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 HFGService; C:\windows\System32\HFGService.dll [411136 2007-08-14] (CSR, plc)
S4 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [924160 2007-02-12] (Nero AG) [File not signed]
S4 JawsServerAE; C:\Program Files\GenArts\Monsters-AE\bin\JawsServerAE.exe [393216 2010-06-08] () [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
R2 NIS; C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
S4 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA)
S4 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S4 RLM-GenArts; C:\Program Files\GenArts\rlm\rlm.exe [1540096 2010-06-03] (Reprise Software Inc.) [File not signed]
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [69864 2011-01-12] (SANDBOXIE L.T.D)
S4 UI Assistant Service; C:\Program Files\SMART BRO\AssistantServices.exe [269648 2011-06-24] ()
S4 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
S4 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-12-13] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [73480 2015-01-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr.sys [55240 2014-12-13] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-12-13] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2015-01-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2015-01-15] (AVAST Software)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [57928 2014-12-13] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-12-13] ()
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20150418.001\BHDrvx86.sys [1172184 2015-04-09] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131800 2015-03-10] (BlueStack Systems)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
S3 csr_a2dp; C:\windows\System32\drivers\bthav.sys [48128 2010-12-22] (Cambridge Silicon Radio Limited)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-04-23] (Symantec Corporation)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2015-04-23] (Symantec Corporation)
S3 etdrv; C:\Windows\etdrv.sys [17488 2015-04-15] (Windows ® 2000 DDK provider)
S3 ewusbnet; C:\windows\System32\DRIVERS\ewusbnet.sys [249472 2012-04-20] (Huawei Technologies Co., Ltd.) [File not signed]
S3 ew_usbenumfilter; C:\windows\System32\DRIVERS\ew_usbenumfilter.sys [11136 2012-10-30] (Huawei Technologies Co., Ltd.) [File not signed]
R3 gdrv; C:\Windows\gdrv.sys [17488 2015-04-25] (Windows ® 2000 DDK provider)
R3 GVTDrv; C:\windows\system32\Drivers\GVTDrv.sys [24944 2015-04-25] ()
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\windows\System32\DRIVERS\ew_jucdcecm.sys [70272 2012-10-29] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\windows\System32\DRIVERS\ewusbmdm.sys [199168 2011-12-31] (Huawei Technologies Co., Ltd.) [File not signed]
R1 HWiNFO32; C:\Program Files\HWiNFO32\HWiNFO32.SYS [20216 2011-05-22] (REALiX™)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20150424.001\IDSvix86.sys [505048 2015-04-14] (Symantec Corporation)
R4 InCDfs; C:\windows\System32\drivers\InCDFs.sys [112384 2007-02-12] (Nero AG) [File not signed]
R1 InCDPass; C:\windows\System32\drivers\InCDPass.sys [31360 2007-02-12] (Nero AG) [File not signed]
U1 InCDrec; C:\windows\system32\Drivers\InCDrec.sys [10624 2007-02-12] (Nero AG) [File not signed]
R1 incdrm; C:\windows\System32\drivers\InCDRm.sys [33792 2007-02-12] (Nero AG) [File not signed]
R3 L1C; C:\windows\System32\DRIVERS\L1C60x86.sys [68208 2011-03-23] (Atheros Communications, Inc.)
S3 massfilter; C:\windows\System32\drivers\massfilter.sys [9216 2011-03-26] (MBB Incorporated)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-04-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20150424.001\NAVENG.SYS [95704 2015-04-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20150424.001\NAVEX15.SYS [1636696 2015-04-24] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-18] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67656 2010-05-11] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [125672 2011-01-12] (SANDBOXIE L.T.D)
R0 speedfan; C:\windows\System32\speedfan.sys [5248 2006-09-24] (Windows ® 2000 DDK provider) [File not signed]
R1 SRTSP; C:\windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS [516216 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS [50168 2011-03-31] (Symantec Corporation)
S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [184192 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 sxuptp; C:\windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
R0 SymDS; C:\windows\System32\drivers\NIS\1207020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\drivers\NIS\1207020.003\SYMEFA.SYS [744568 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [126584 2015-03-15] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation)
R1 SYMTDIv; C:\windows\System32\Drivers\NIS\1207020.003\SYMTDIV.SYS [331384 2011-04-21] (Symantec Corporation)
S3 ZTEusbvoice; C:\windows\System32\DRIVERS\ZTEusbvoice.sys [107776 2011-03-26] (ZTE Incorporated)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-04-02] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2099-12-15 19:44 - 2011-02-17 13:24 - 00000000 ____D () C:\windows\system32\Plugins
2015-04-25 15:54 - 2015-04-25 15:55 - 00021496 _____ () C:\Users\Marcus\Downloads\FRST.txt
2015-04-25 15:42 - 2015-04-25 15:42 - 00001676 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-04-25 15:41 - 2015-04-25 15:42 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-04-25 15:41 - 2015-04-25 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-04-25 15:41 - 2015-04-25 15:41 - 00000000 ____D () C:\Program Files\BlueStacks
2015-04-25 15:40 - 2015-04-25 15:40 - 00000000 ____D () C:\Users\Marcus\AppData\Local\Bluestacks
2015-04-25 15:40 - 2015-04-04 16:41 - 13611736 _____ (BlueStack Systems Inc.) C:\BlueStacks-ThinInstaller.exe
2015-04-25 14:55 - 2015-04-25 15:53 - 00000004 _____ () C:\windows\system32\GVTunner.ref
2015-04-24 15:58 - 2015-04-24 15:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-04-24 15:56 - 2012-11-16 16:54 - 08195640 _____ (Intel® Corporation) C:\windows\system32\TVWSetup.exe
2015-04-24 15:56 - 2012-11-16 16:54 - 00268856 _____ (Intel Corporation) C:\windows\system32\igfxsrvc.exe
2015-04-24 15:56 - 2012-11-16 16:54 - 00180280 _____ (Intel Corporation) C:\windows\system32\igfxext.exe
2015-04-24 15:56 - 2012-11-16 16:54 - 00173624 _____ (Intel Corporation) C:\windows\system32\igfxpers.exe
2015-04-24 15:56 - 2012-11-16 16:54 - 00138808 _____ (Intel Corporation) C:\windows\system32\igfxtray.exe
2015-04-24 15:56 - 2012-11-16 16:53 - 03158584 _____ (Intel Corporation) C:\windows\system32\GfxUI.exe
2015-04-24 15:56 - 2012-11-16 16:53 - 00172088 _____ (Intel Corporation) C:\windows\system32\hkcmd.exe
2015-04-24 15:56 - 2012-11-13 15:43 - 11405824 _____ (Intel Corporation) C:\windows\system32\ig4icd32.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 09037312 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd32.sys
2015-04-24 15:56 - 2012-11-13 15:43 - 04338688 _____ (Intel Corporation) C:\windows\system32\igd10umd32.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 01921265 _____ () C:\windows\system32\iglhxa32.cpa
2015-04-24 15:56 - 2012-11-13 15:43 - 00982240 _____ () C:\windows\system32\igkrng500.bin
2015-04-24 15:56 - 2012-11-13 15:43 - 00828928 _____ (Intel Corporation) C:\windows\system32\igfxress.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00439308 _____ () C:\windows\system32\igcompkrng500.bin
2015-04-24 15:56 - 2012-11-13 15:43 - 00228864 _____ (Intel Corporation) C:\windows\system32\igfxdev.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00208896 _____ (Intel Corporation) C:\windows\system32\iglhsip32.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00195584 _____ (Intel Corporation) C:\windows\system32\igfxpph.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00189552 _____ () C:\windows\system32\Gfxres.th-TH.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00178407 _____ () C:\windows\system32\Gfxres.el-GR.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00165395 _____ () C:\windows\system32\Gfxres.ru-RU.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00147456 _____ (Intel Corporation) C:\windows\system32\iglhcp32.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00139909 _____ () C:\windows\system32\Gfxres.ar-SA.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00136401 _____ () C:\windows\system32\Gfxres.ja-JP.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00133746 _____ () C:\windows\system32\Gfxres.he-IL.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00130048 _____ (Intel Corporation) C:\windows\system32\igfxdo.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00125558 _____ () C:\windows\system32\Gfxres.it-IT.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00123230 _____ () C:\windows\system32\Gfxres.ko-KR.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00122927 _____ () C:\windows\system32\Gfxres.es-ES.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00122709 _____ () C:\windows\system32\Gfxres.de-DE.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00121173 _____ () C:\windows\system32\Gfxres.tr-TR.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00120800 _____ () C:\windows\system32\Gfxres.fr-FR.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00120366 _____ () C:\windows\system32\Gfxres.pt-BR.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00120320 _____ (Intel Corporation) C:\windows\system32\gfxSrvc.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00119616 _____ () C:\windows\system32\Gfxres.hu-HU.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00119586 _____ () C:\windows\system32\Gfxres.nl-NL.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00119360 _____ () C:\windows\system32\Gfxres.sv-SE.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00119067 _____ () C:\windows\system32\Gfxres.pt-PT.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00118745 _____ () C:\windows\system32\Gfxres.cs-CZ.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00118697 _____ () C:\windows\system32\Gfxres.fi-FI.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00118409 _____ () C:\windows\system32\Gfxres.pl-PL.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00118058 _____ () C:\windows\system32\Gfxres.sk-SK.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00115200 _____ (Intel Corporation) C:\windows\system32\igfxcpl.cpl
2015-04-24 15:56 - 2012-11-13 15:43 - 00114852 _____ () C:\windows\system32\Gfxres.nb-NO.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00114372 _____ () C:\windows\system32\Gfxres.sl-SI.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00114261 _____ () C:\windows\system32\Gfxres.da-DK.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00110211 _____ () C:\windows\system32\Gfxres.en-US.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00104044 _____ () C:\windows\system32\Gfxres.zh-TW.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00102883 _____ () C:\windows\system32\Gfxres.zh-CN.resources
2015-04-24 15:56 - 2012-11-13 15:43 - 00095232 _____ (Intel Corporation) C:\windows\system32\hccutils.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00092356 _____ () C:\windows\system32\igfcg500m.bin
2015-04-24 15:56 - 2012-11-13 15:43 - 00086528 _____ (Intel Corporation) C:\windows\system32\igfxrfra.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086528 _____ (Intel Corporation) C:\windows\system32\igfxresn.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086528 _____ (Intel Corporation) C:\windows\system32\igfxrell.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086016 _____ (Intel Corporation) C:\windows\system32\igfxrsky.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086016 _____ (Intel Corporation) C:\windows\system32\igfxrrus.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086016 _____ (Intel Corporation) C:\windows\system32\igfxrptg.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086016 _____ (Intel Corporation) C:\windows\system32\igfxrplk.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086016 _____ (Intel Corporation) C:\windows\system32\igfxrnld.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086016 _____ (Intel Corporation) C:\windows\system32\igfxrita.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00086016 _____ (Intel Corporation) C:\windows\system32\igfxrdeu.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrtrk.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrsve.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrslv.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrptb.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrnor.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrhun.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrfin.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrenu.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00085504 _____ (Intel Corporation) C:\windows\system32\igfxrcsy.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00084992 _____ (Intel Corporation) C:\windows\system32\igfxrtha.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00084992 _____ (Intel Corporation) C:\windows\system32\igfxrdan.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00084480 _____ (Intel Corporation) C:\windows\system32\igfxrheb.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00084480 _____ (Intel Corporation) C:\windows\system32\igfxrara.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00082944 _____ (Intel Corporation) C:\windows\system32\igfxrkor.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00082944 _____ (Intel Corporation) C:\windows\system32\igfxrjpn.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00081920 _____ (Intel Corporation) C:\windows\system32\igfxrcht.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00081920 _____ (Intel Corporation) C:\windows\system32\igfxrchs.lrc
2015-04-24 15:56 - 2012-11-13 15:43 - 00081920 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v2869.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00060254 _____ () C:\windows\system32\iglhxg32.vp
2015-04-24 15:56 - 2012-11-13 15:43 - 00060226 _____ () C:\windows\system32\iglhxc32.vp
2015-04-24 15:56 - 2012-11-13 15:43 - 00060015 _____ () C:\windows\system32\iglhxo32.vp
2015-04-24 15:56 - 2012-11-13 15:43 - 00057856 _____ (Intel Corporation) C:\windows\system32\igfxsrvc.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00051652 _____ () C:\windows\system32\iglhxs32.vp
2015-04-24 15:56 - 2012-11-13 15:43 - 00023552 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00004096 _____ ( ) C:\windows\system32\IGFXDEVLib.dll
2015-04-24 15:56 - 2012-11-13 15:43 - 00001090 _____ () C:\windows\system32\iglhxa32.vp
2015-04-24 15:56 - 2012-11-13 15:43 - 00000259 _____ () C:\windows\system32\GfxUI.exe.config
2015-04-24 15:54 - 2015-04-24 15:54 - 00000000 ____D () C:\ProgramData\IntelDLM
2015-04-24 15:45 - 2015-04-24 15:45 - 00000000 ____D () C:\Users\Marcus\AppData\Local\Intel
2015-04-24 15:16 - 2015-04-24 15:16 - 00001039 _____ () C:\Users\Public\Desktop\Intel® Driver Update Utility 2.0.lnk
2015-04-24 15:16 - 2015-04-24 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-04-24 15:16 - 2015-04-24 15:16 - 00000000 ____D () C:\Program Files\Intel Driver Update Utility
2015-04-24 15:09 - 2015-04-24 15:10 - 01139200 _____ (Farbar) C:\Users\Marcus\Downloads\FRST.exe
2015-04-24 14:49 - 2015-04-24 14:56 - 02333416 _____ (Intel) C:\Users\Marcus\Downloads\Intel Driver Update Utility Installer.exe
2015-04-24 14:49 - 2015-04-24 14:49 - 00000000 _____ () C:\Users\Marcus\Desktop\Intel Driver Update Utility Installer.exe.dap
2015-04-23 01:46 - 2015-04-23 01:46 - 00000000 ____D () C:\Users\Marcus\AppData\Roaming\Opera Software
2015-04-23 01:46 - 2015-04-23 01:46 - 00000000 ____D () C:\Users\Marcus\AppData\Local\Opera Software
2015-04-23 01:45 - 2015-04-23 01:45 - 00691864 _____ (Opera Software) C:\Users\Marcus\Desktop\Opera_NI_stable.exe.dap
2015-04-23 01:44 - 2015-04-23 01:45 - 00691864 _____ (Opera Software) C:\Users\Marcus\Downloads\Opera_NI_stable.exe
2015-04-22 18:36 - 2015-04-25 13:19 - 00000000 ____D () C:\Users\Marcus\AppData\Roaming\HexChat
2015-04-22 18:36 - 2015-04-22 18:36 - 06229321 _____ (HexChat ) C:\Users\Marcus\Downloads\HexChat 2.9.6 x86.exe
2015-04-22 18:36 - 2015-04-22 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2015-04-22 18:36 - 2015-04-22 18:36 - 00000000 ____D () C:\Program Files\HexChat
2015-04-22 18:30 - 2015-04-22 18:33 - 06655160 _____ (HexChat ) C:\Users\Marcus\Downloads\HexChat 2.10.2 x86.exe
2015-04-19 11:03 - 2011-03-12 14:41 - 00000888 _____ () C:\Users\Marcus\Desktop\Sandboxed Web Browser.lnk
2015-04-19 11:02 - 2015-04-19 11:02 - 00000000 ____D () C:\Users\Marcus\AppData\Roaming\SUPERAntiSpyware.com
2015-04-19 11:02 - 2015-04-19 11:02 - 00000000 ____D () C:\Users\Marcus\AppData\Roaming\Megaupload
2015-04-19 10:42 - 2012-10-30 12:42 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_usbenumfilter.sys
2015-04-19 10:42 - 2012-10-29 19:42 - 00070272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jucdcecm.sys
2015-04-19 10:42 - 2012-08-20 08:54 - 00096000 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jucdcacm.sys
2015-04-19 10:42 - 2012-08-20 08:54 - 00076544 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jubusenum.sys
2015-04-19 10:42 - 2012-08-20 08:54 - 00027520 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_juextctrl.sys
2015-04-19 10:42 - 2012-04-20 14:14 - 00249472 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbnet.sys
2015-04-19 10:42 - 2011-12-31 09:20 - 00199168 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbmdm.sys
2015-04-19 10:42 - 2010-10-08 16:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\windows\system32\Drivers\ewdcsc.sys
2015-04-19 10:42 - 2010-09-26 18:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_hwupgrade.sys
2015-04-19 10:42 - 2010-08-06 07:42 - 00861696 _____ (DiBcom SA) C:\windows\system32\Drivers\mod7700.sys
2015-04-19 10:42 - 2010-07-27 09:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_hwusbdev.sys
2015-04-18 00:57 - 2015-04-18 00:59 - 20650202 _____ () C:\Users\Marcus\Downloads\operausb1217int.zip
2015-04-18 00:57 - 2015-04-18 00:57 - 20650202 _____ () C:\Users\Marcus\Desktop\operausb1217int.zip.dap
2015-04-17 19:35 - 2015-04-18 03:16 - 00000180 _____ () C:\Users\Marcus\Documents\Nwbie.txt
2015-04-17 17:21 - 2015-04-17 17:21 - 00000000 ____D () C:\ProgramData\MobileBrServ
2015-04-17 17:09 - 2015-04-17 17:09 - 00000000 ____D () C:\Users\Tempo\AppData\Roaming\vlc
2015-04-17 17:08 - 2015-04-17 17:08 - 00000000 ____D () C:\Users\Tempo\AppData\Local\CrashDumps
2015-04-17 17:05 - 2015-04-17 17:05 - 00057824 _____ () C:\Users\Tempo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-17 17:05 - 2015-04-17 17:05 - 00000000 ____D () C:\Users\Tempo\AppData\Roaming\Western Digital
2015-04-17 17:05 - 2015-04-17 17:05 - 00000000 ____D () C:\Users\Tempo\AppData\Roaming\AVAST Software
2015-04-17 17:05 - 2015-04-17 17:05 - 00000000 ____D () C:\Users\Tempo\AppData\Roaming\Adobe
2015-04-17 17:05 - 2015-04-17 17:05 - 00000000 ____D () C:\Users\Tempo\AppData\Local\Western_Digital
2015-04-17 17:05 - 2015-04-17 17:05 - 00000000 ____D () C:\Users\Tempo\AppData\Local\Western Digital
2015-04-17 17:04 - 2015-04-17 17:04 - 00000949 _____ () C:\Users\Tempo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-17 17:04 - 2015-04-17 17:04 - 00000944 _____ () C:\Users\Tempo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-17 17:04 - 2015-04-17 17:04 - 00000915 _____ () C:\Users\Tempo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-04-17 17:04 - 2015-04-17 17:04 - 00000000 ____D () C:\Users\Tempo\AppData\Local\Google
2015-04-17 17:02 - 2015-04-17 17:02 - 00000000 ____D () C:\Users\Tempo\AppData\Local\VirtualStore
2015-04-17 17:02 - 2015-04-17 17:02 - 00000000 ____D () C:\Users\Tempo\AppData\Local\NVIDIA Corporation
2015-04-17 17:02 - 2015-04-17 17:02 - 00000000 ____D () C:\Users\Tempo\AppData\Local\NVIDIA
2015-04-17 17:00 - 2015-04-24 20:34 - 00000000 ____D () C:\Users\Marcus\AppData\Roaming\vlc
2015-04-17 16:59 - 2015-04-17 16:59 - 00000000 ____D () C:\Users\Marcus\AppData\Roaming\Western Digital
2015-04-17 16:59 - 2015-04-17 16:59 - 00000000 ____D () C:\Users\Marcus\AppData\Local\Western_Digital
2015-04-17 16:59 - 2015-04-17 16:59 - 00000000 ____D () C:\Users\Marcus\AppData\Local\Western Digital
2015-04-17 12:30 - 2015-04-17 12:22 - 227056768 _____ (NVIDIA Corporation) C:\341.44-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-04-17 08:09 - 2015-04-17 08:09 - 00008192 __RSH () C:\BOOTSECT.BAK
2015-04-15 21:00 - 2015-04-15 21:00 - 00000000 ____D () C:\Users\MyEminence\AppData\Roaming\Western Digital
2015-04-15 21:00 - 2015-04-15 21:00 - 00000000 ____D () C:\Users\MyEminence\AppData\Local\Western_Digital
2015-04-15 20:59 - 2015-04-15 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2015-04-15 19:20 - 2015-04-15 19:20 - 00000000 ____D () C:\Users\MyEminence\AppData\Local\CrashDumps

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 15:54 - 2014-12-23 12:52 - 00000000 ____D () C:\FRST
2015-04-25 15:53 - 2015-03-13 23:32 - 00024944 _____ () C:\windows\system32\Drivers\GVTDrv.sys
2015-04-25 15:53 - 2011-04-29 22:45 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-25 15:52 - 2015-03-14 10:57 - 00017488 _____ (Windows ® 2000 DDK provider) C:\windows\gdrv.sys
2015-04-25 15:52 - 2014-09-16 20:20 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-25 15:52 - 2006-11-02 21:00 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-25 15:52 - 2006-11-02 20:46 - 00004928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-25 15:52 - 2006-11-02 20:46 - 00004928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-25 15:49 - 2012-02-24 18:43 - 00000012 _____ () C:\windows\bthservsdp.dat
2015-04-25 15:49 - 2009-04-11 20:38 - 01295878 _____ () C:\windows\WindowsUpdate.log
2015-04-25 15:49 - 2006-11-02 21:00 - 00032558 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-04-25 15:48 - 2006-11-02 19:18 - 00000000 ____D () C:\windows\Microsoft.NET
2015-04-25 15:42 - 2006-11-02 18:33 - 00766566 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-25 15:23 - 2013-12-11 17:22 - 00000000 ___RD () C:\Program Files\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
2015-04-25 15:14 - 2014-09-16 20:20 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-25 15:04 - 2014-01-29 16:38 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-25 13:43 - 2014-01-27 20:59 - 00000000 ____D () C:\Program Files\Opera
2015-04-24 20:07 - 2014-12-14 23:44 - 00011776 _____ () C:\Users\Marcus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-24 19:37 - 2011-05-04 07:09 - 00000000 ____D () C:\Users\MyEminence\Documents\Adobe
2015-04-24 18:02 - 2012-01-02 08:46 - 00000000 ____D () C:\Users\Marcus\AppData\Local\VirtualStore
2015-04-24 16:07 - 2011-08-23 22:01 - 00016034 _____ () C:\windows\system32\results.xml
2015-04-24 15:57 - 2008-01-22 23:24 - 00000000 ____D () C:\Program Files\Intel
2015-04-24 15:56 - 2009-07-29 02:56 - 00000000 ____D () C:\Users\Marcus
2015-04-24 15:56 - 2008-01-22 23:24 - 00000000 ____D () C:\Intel
2015-04-24 15:36 - 2015-01-19 21:34 - 00132580 _____ () C:\windows\PFRO.log
2015-04-24 14:57 - 2013-12-21 13:25 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-20 20:21 - 2014-09-16 20:28 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-19 11:34 - 2011-02-26 02:32 - 00000000 ____D () C:\Users\MyEminence\AppData\Roaming\BitTorrent
2015-04-19 11:10 - 2011-03-12 14:42 - 00002726 _____ () C:\windows\Sandboxie.ini
2015-04-19 11:07 - 2013-11-26 17:14 - 00000145 _____ () C:\service.log
2015-04-19 10:56 - 2014-12-02 16:46 - 00000000 ____D () C:\windows\pss
2015-04-19 10:42 - 2015-01-23 01:02 - 00003205 _____ () C:\windows\setupact.log
2015-04-19 10:25 - 2015-03-14 10:49 - 00000000 ____D () C:\windows\system32\Drivers\NIS
2015-04-19 10:23 - 2015-03-14 10:49 - 00002204 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2015-04-19 10:23 - 2015-03-14 10:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-04-19 10:23 - 2014-12-13 22:27 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-17 17:07 - 2014-01-29 16:38 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-17 17:07 - 2014-01-29 16:38 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-04-17 17:04 - 2014-12-14 00:23 - 00000000 ____D () C:\Users\Tempo
2015-04-17 16:56 - 2011-02-23 03:16 - 00000000 ____D () C:\Users\MyEminence\AppData\Roaming\vlc
2015-04-15 20:59 - 2013-03-15 04:48 - 00000000 ____D () C:\Program Files\Western Digital
2015-04-15 20:59 - 2011-02-21 13:52 - 00000000 ____D () C:\Users\MyEminence
2015-04-15 20:04 - 2014-11-20 23:13 - 00000000 ____D () C:\Program Files\PlayBns.com
2015-04-15 19:50 - 2012-02-19 23:49 - 00000000 ____D () C:\Program Files\The Elder Scrolls V Skyrim
2015-04-15 18:36 - 2011-02-25 10:44 - 00071680 _____ () C:\Users\MyEminence\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-15 18:34 - 2010-08-06 13:41 - 00000000 ____D () C:\CacheFiles
2015-04-15 16:11 - 2015-03-14 11:19 - 00017488 _____ (Windows ® 2000 DDK provider) C:\windows\etdrv.sys
2015-04-15 09:13 - 2011-08-16 17:54 - 00000871 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-14 05:27 - 2015-03-14 10:50 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared

==================== Files in the root of some directories =======

2011-05-07 15:19 - 2011-05-07 15:19 - 0002001 _____ () C:\Program Files\InstantHDPro1.0.log
2011-05-07 15:44 - 2011-05-07 15:44 - 0002054 _____ () C:\Program Files\primattekeyer4.0.log
2009-04-14 16:07 - 2009-04-14 16:07 - 0037607 _____ () C:\Program Files\Common Files\license.rtf
2010-01-31 11:06 - 2010-01-31 11:06 - 0008046 _____ () C:\Program Files\Common Files\setupBanner.jpg
2014-12-15 11:51 - 2014-12-15 11:51 - 0000680 _____ () C:\Users\Marcus\AppData\Local\d3d9caps.dat
2014-12-14 23:44 - 2015-04-24 20:07 - 0011776 _____ () C:\Users\Marcus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Users\MyEminence\AppData\Local\temp\Protect4a647d98.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-25 15:50

==================== End Of Log ============================

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Additition.txt - Windows Vista

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2015 02
Ran by Marcus at 2015-04-25 15:55:44
Running from C:\Users\Marcus\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-185903628-1420016957-2107898834-500 - Administrator - Disabled)
Guest (S-1-5-21-185903628-1420016957-2107898834-501 - Limited - Disabled)
Marcus (S-1-5-21-185903628-1420016957-2107898834-1001 - Administrator - Enabled) => C:\Users\Marcus
MyEminence (S-1-5-21-185903628-1420016957-2107898834-1000 - Administrator - Enabled) => C:\Users\MyEminence
Stempo (S-1-5-21-185903628-1420016957-2107898834-1005 - Administrator - Enabled)
Tempo (S-1-5-21-185903628-1420016957-2107898834-1004 - Administrator - Enabled) => C:\Users\Tempo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS Ver.2.07 (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.07 - GIGABYTE)
2d3 SteadyMove Pro (HKLM\...\{2BF4F570-038D-45F1-8CD3-B0134B345BB3}) (Version: 1.21.6220 - 2d3 Ltd)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Accent RAR Password Recovery (HKLM\...\{994D4DFE-FC8C-4039-A493-5B94E4143B1C}) (Version: 3.2.48.3188 - Passcovery Co. Ltd.)
Adobe After Effects CS4 Third Party Content (HKLM\...\Adobe_5aab5a491a3a52ae624fd639f6aaa95) (Version: 9 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Creative Suite 4 Production Premium (HKLM\...\Adobe_0a572e121e19f0f54d2d23782236e1b) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Production Premium (HKLM\...\Adobe_36ac9dc8c9a94feb9e5886810012e78) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Production Premium (HKLM\...\Adobe_83e762451b5cf1655cb11b0be8ae31a) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Encoder CS4 Exporter (HKLM\...\Adobe_5eba9bbdf1514a06b1a4c79a2920188) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Anvil Studio 2011 (HKLM\...\{9E3D3F0B-D447-44DA-9204-2CA004A4133E}) (Version: 11.02.12 - Willow Software)
Any Video Converter 3.2.3 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
ASRock InstantBoot v1.23 (HKLM\...\ASRock InstantBoot_is1) (Version:  - )
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.51 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AV Music Morpher Gold (HKLM\...\AV Music Morpher Gold) (Version:  - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
BitTorrent (HKLM\...\BitTorrent) (Version: 7.2.1 - )
Blade and Soul (HKLM\...\{CEF766E5-6E15-441F-B14A-C44CB168DBE7}) (Version: 1.0.0 - PlayBns.com)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.17.4138 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.4138 - BlueStack Systems, Inc.)
Boris Continuum Complete 7 Adobe CS3 CS4 (HKLM\...\{B8CB8785-3E0E-41AB-B201-6FFE6D9FF3CC}) (Version: 7.00.1000 - Boris FX, Inc.)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Cedocida DV Codec (HKLM\...\cedocida) (Version:  - )
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CPUID CPU-Z 1.57 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1705 - CyberLink Corp.)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
DMIView B8.0717.01 (HKLM\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 9607 (Build 2134) - Speedbit Ltd.)
E.M. Youtube Video Download Tool 3.15 (HKLM\...\E.M. Youtube Video Download Tool_is1) (Version:  - EffectMatrix, Inc.)
Easy Tune 6 B11.0728.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0728.1 (Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.0904.1  (HKLM\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Face_Wizard B09.1119.01 (HKLM\...\{E76FCE6B-9999-4250-8C75-B2DA4AD41268}) (Version: 1.00.0000 - Gigabyte)
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Final Fantasy XIII version 1.0.0.0 (HKLM\...\Final Fantasy XIII_is1) (Version: 1.0.0.0 - SQUARE ENIX)
Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.3.1.118 - Foxit Corporation)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Freez FLV to MP3 Converter (HKLM\...\Freez FLV to MP3 Converter v1.5_is1) (Version: 1.5 - www.smallvideosoft.com)
Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.2.0 - Futuremark Corporation)
GenArts Monsters GT V6 for After Effects CS4 (HKLM\...\{BC0F92C4-4F1C-475E-9FAE-B26A54BC0852}_is1) (Version:  - GenArts, Inc.)
GenArts Sapphire Plug-ins 5.0 for After Effects and Compatible  (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
GenArts Sapphire RLM Server 8.0.5.1 (HKLM\...\GenArts Reprise License Manager Server_is1) (Version:  - )
Globe Broadband (HKLM\...\Globe Broadband) (Version: 11.300.05.20.158 - Huawei Technologies Co.,Ltd)
Globe Tattoo Broadband (HKLM\...\Globe Tattoo Broadband) (Version: 23.009.09.01.158 - Huawei Technologies Co.,Ltd)
Gmask 1.70 English (HKLM\...\Gmask 1.70 English) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPU Caps Viewer v1.8.2 (HKLM\...\GPU Caps Viewer_is1) (Version:  - oZone3D.Net)
HandBrake 0.9.5 (HKLM\...\HandBrake) (Version: 0.9.5 - )
HexChat (x86) (HKLM\...\HexChat (x86)_is1) (Version: 2.9.6 - HexChat)
HWiNFO32 Version 3.84 (HKLM\...\HWiNFO32_is1) (Version: 3.84 - Martin Malík - REALiX)
Instant HD (HKLM\...\Instant HD) (Version:  - )
Instant HD Advanced (HKLM\...\Instant HD Advanced) (Version:  - )
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
JDownloader (HKLM\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lagarith Lossless Codec (1.3.21) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LightScribe  1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mega Manager (HKLM\...\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}) (Version: 3.5.1.0 - Megaupload Limited)
Mega Manager (Version: 3.5.1.0 - Megaupload Limited) Hidden
MegaTrainer eXperience V1.0.3.6 (HKLM\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE  (HKLM\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MKVcleaver (HKLM\...\{5BAEAA63-8C55-4571-B0FE-695299835907}) (Version: 5.0.3 - MKVcleaver)
MKVtoolnix 2.5.1 (HKLM\...\MKVtoolnix) (Version: 2.5.1 - Moritz Bunkus)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.22.00.158 - Huawei Technologies Co.,Ltd)
mocha Pro V2.5.2-3520 (HKLM\...\{B7D4740D-02F7-4D53-A50F-7D6ED4BAA54A}) (Version: 2.52.3520 - Imagineer Systems)
MotioninJoy ds3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.00005 - www.motioninjoy.com)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
NCsoft Launcher (HKLM\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.19002 - NCsoft)
Nero 7 Essentials (HKLM\...\{874AF83E-1BF6-4F2B-9086-BF62BDAE1033}) (Version: 7.02.5608 - Nero AG)
Neverwinter Nights 2 (HKLM\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Norton Internet Security (HKLM\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Performance (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 28.0.1750.51 (HKLM\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r3878) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r4600) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5350) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photomatix Pro version 5.0.4 (HKLM\...\PhotomatixPro5x32_is1) (Version: 5.0.4 - HDRsoft Ltd)
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PianoFX STUDIO 4.0 (HKLM\...\PianoFX STUDIO 4.0_is1) (Version: 4.0 - Tanseon Systems)
Pixel Bender Toolkit (Version: 1.0 - Adobe Systems Incorporated) Hidden
Primatte Keyer Pro 4.0 (HKLM\...\Primatte Keyer Pro 4.0) (Version:  - )
Q-Share Ver.1.2 (HKLM\...\{F308B531-AB20-4A79-8F5E-83071FE5BE60}) (Version: 1.2 - GIGABYTE)
RAR Password Recovery Professional  (HKLM\...\RAR Password Recovery Professional) (Version:  - SmartKey, Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
RESIDENT EVIL 5 (HKLM\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 3.52 (HKLM\...\Sandboxie) (Version:  - )
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
SMART BRO (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
SmartCam -- Smart Phone Camera (HKLM\...\SmartCam) (Version: 1.4 - Ionut Dediu)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Sun Broadband Hotspot (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
Sun Broadband Wireless (HKLM\...\Sun Broadband Wireless) (Version: 16.001.06.04.256 - Huawei Technologies Co.,Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.49.1000 - SUPERAntiSpyware.com)
System Requirements Lab (HKLM\...\{0A3A9522-EFA2-4C56-9138-101692C2A130}) (Version: 4.4.26.0 - Husdawg, LLC)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}) (Version: 4.4.24.0 - Husdawg, LLC)
Tattoo (HKLM\...\Tattoo) (Version: 1.09.00.158 - Huawei Technologies Co.,Ltd)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: SKYRIM (HKLM\...\The Elder Scrolls V: SKYRIM_is1) (Version: 1.1.21.0 - Bethesda Softworks)
The Elder Scrolls V: SKYRIM Update 1 + Crack (HKLM\...\The Elder Scrolls V: SKYRIM Update 1 + Crack_is1) (Version:  - )
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
Torchlight (HKLM\...\Runic Games Torchlight) (Version: 0.0.66.192 - )
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
Trapcode Form (HKLM\...\Trapcode Form) (Version:  - )
Trapcode Lux (HKLM\...\Trapcode Lux) (Version:  - )
Trapcode Particular v2 (HKLM\...\Trapcode Particular v2) (Version:  - )
Trapcode Shine (HKLM\...\Trapcode Shine) (Version:  - )
Trapcode Starglow (HKLM\...\Trapcode Starglow) (Version:  - )
Ultimate Extras sounds from Microsoft® Tinker™ (HKLM\...\UltSounds2) (Version:  - Microsoft Corporation)
UnCleaner (HKLM\...\UnCleaner) (Version: 1.7 - Josh Cell Softwares Corporation)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update Manager B09.1008.1 (HKLM\...\InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}) (Version: 1.00.0000 - GIGABYTE)
Update Manager B09.1008.1 (Version: 1.00.0000 - GIGABYTE) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Enhancer 1.9.6 (HKLM\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
Video Mover (HKLM\...\Video Mover_is1) (Version:  - )
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VirtualDub Filter Pack 1.0 (HKLM\...\VirtualDub Filter Pack_is1) (Version:  - Dee Mon)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
Windows Sound Schemes (HKLM\...\UltSounds) (Version:  - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.0) (Version: 1.3.0 - Xvid Team)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 18:23 - 2014-12-15 12:32 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1A36E0FD-B1E4-442F-8EF7-C5CB188707A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {1BA01890-A006-4775-96D9-9C006CD61725} - System32\Tasks\SBWUpdateTask_Logon_603d724b-001E101FB681 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {2C0E4495-15D7-4064-AEB7-F7D61513256B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-16] (Google Inc.)
Task: {4408880C-A9C5-46B9-BC7C-A7A2F8E9F2CE} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {6774270A-EAB5-427A-81A0-C86640BC1794} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-13] (AVAST Software)
Task: {6E42AC87-77E7-4CF2-8A71-7D5E69C28853} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-26] (Piriform Ltd)
Task: {6FCB3434-D68F-4C69-9BA6-FDD2E72CFD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-16] (Google Inc.)
Task: {A2F28C6B-05CA-429D-9D09-CC8CC3EDC022} - System32\Tasks\{3876CA48-1F70-41FC-89DE-1217DDFAF0B1} => pcalua.exe -a "C:\Program Files\Hotspot Shield\Uninstall.exe"
Task: {A777C0DD-10A3-4283-B4DA-B1F1BD43211C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - MyEminence => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {A849459B-C5B4-4F43-90A1-A0BFBE3D7031} - System32\Tasks\SBWUpdateTask_Time_603d724b-001E101FB681 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {B05AAA3F-7AD3-47C4-9267-3CA624F5F593} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {B06B490A-A2C7-4FE1-8614-73244FFB24D6} - System32\Tasks\SBWUpdateTask_Time_603d724b-74D435355476 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {B54B3C12-9CEF-4B5D-AF35-FAC4C1B4FE5E} - System32\Tasks\Opera scheduled Autoupdate 1390827574 => C:\Program Files\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {BE2DD90B-C189-4623-BF7B-23C85EE68627} - System32\Tasks\SBWUpdateTask_Time_603d724b-0025222896A8 => C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {CF965BB5-C33F-4E2F-B8A7-C2D8CD4AFD11} - System32\Tasks\SBWUpdateTask_Logon_603d724b-0025222896A8 => C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {E7EE2155-7D72-4669-BBB4-6F2BB6426738} - System32\Tasks\SBWUpdateTask_Logon_603d724b-74D435355476 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-04-29 22:44 - 2011-04-29 22:44 - 00084480 _____ () C:\windows\system32\EasyHook32.dll
2010-07-05 05:32 - 2010-07-05 05:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-11-24 16:54 - 2011-04-19 16:29 - 00132608 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2008-03-25 17:21 - 2008-03-25 17:21 - 00219656 _____ () C:\Program Files\Gigabyte\ET6\GUI.exe
2011-07-28 13:43 - 2011-07-28 13:43 - 02601031 _____ () C:\Program Files\Gigabyte\ET6\Normal.dll
2011-07-27 11:46 - 2011-07-27 11:46 - 00430147 _____ () C:\Program Files\Gigabyte\ET6\work.dll
2011-06-15 14:19 - 2011-06-15 14:19 - 00106496 _____ () C:\Program Files\Gigabyte\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files\Gigabyte\ET6\CIAMIB.dll
2011-06-23 20:04 - 2011-06-23 20:04 - 00155648 _____ () C:\Program Files\Gigabyte\ET6\OCK.dll
2009-12-22 16:52 - 2009-12-22 16:52 - 00102400 _____ () C:\Program Files\Gigabyte\ET6\ycc.dll
2010-10-19 10:59 - 2010-10-19 10:59 - 00065536 _____ () C:\Program Files\Gigabyte\ET6\GPTT.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files\Gigabyte\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files\Gigabyte\ET6\StabilityLib.dll
2010-12-02 16:01 - 2010-12-02 16:01 - 00106496 _____ () C:\Program Files\Gigabyte\ET6\HM.dll
2011-07-15 11:14 - 2011-07-15 11:14 - 00192512 _____ () C:\Program Files\Gigabyte\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files\Gigabyte\ET6\Sound.dll
2010-06-10 15:52 - 2010-06-10 15:52 - 00110592 _____ () C:\Program Files\Gigabyte\ET6\AMD8.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 04449632 _____ () C:\Program Files\Gigabyte\ET6\Platform.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 00423256 _____ () C:\Program Files\Gigabyte\ET6\Device.dll
2011-07-22 18:12 - 2011-07-22 18:12 - 00307200 _____ () C:\Program Files\Gigabyte\ET6\MFCCPU.dll
2011-04-29 22:44 - 2011-04-29 22:44 - 00053248 _____ () C:\Program Files\DAP\zlib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-185903628-1420016957-2107898834-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AffinegyService => 2
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: Belkin Local Backup Service => 2
MSCONFIG\Services: Belkin Network USB Helper => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: ES lite Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FlowFinder3MonstersAE32 => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: Globe Tattoo Broadband. RunOuc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HWDeviceService.exe => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: InCDsrv => 2
MSCONFIG\Services: JawsServerAE => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nTuneService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RLM-GenArts => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: UI Assistant Service => 2
MSCONFIG\Services: WDDMService => 2
MSCONFIG\Services: WDSmartWareBackgroundService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\windows\pss\WDDMStatus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDSmartWare.lnk => C:\windows\pss\WDSmartWare.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BitTorrent => "C:\Program Files\BitTorrent\BitTorrent.exe"
MSCONFIG\startupreg: CheckNDISPort_df => C:\Program Files\Hotspot\Sun Broadband\CheckNDISPort_df.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: ehTray.exe => C:\windows\ehome\ehTray.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InCD => C:\Program Files\Nero\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Mega Manager => C:\Program Files\Megaupload\Mega Manager\MegaManager.exe /Tray
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Remoter => C:\Users\MyEminence\Downloads\Jpop Funk\RemoterServer\RemoterServer\RemoterServer.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SecurDisc => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: UIExec => "C:\Program Files\SMART BRO\UIExec.exe"
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe
MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2015 03:55:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422.

Operation:
   Instantiating VSS server

Error: (04/25/2015 03:55:47 PM) (Source: VSS) (EventID: 39) (User: )
Description: Volume Shadow Copy Service error:  The Volume Shadow Copy service (VSS) is disabled.  Please
enable the service and try again.

Operation:
   Instantiating VSS server

Error: (04/25/2015 03:52:34 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x00000000.

Error: (04/25/2015 02:54:48 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x00000000.

Error: (04/25/2015 02:45:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422.

Operation:
   Instantiating VSS server

Error: (04/25/2015 02:45:36 PM) (Source: VSS) (EventID: 39) (User: )
Description: Volume Shadow Copy Service error:  The Volume Shadow Copy service (VSS) is disabled.  Please
enable the service and try again.

Operation:
   Instantiating VSS server

Error: (04/25/2015 02:07:39 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point on volume (Process = C:\windows\system32\msiexec.exe /V; Descripton = Removed BlueStacks Notification Center; Hr = 0x8000ffff).

Error: (04/25/2015 02:07:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422.

Operation:
   Instantiating VSS server

Error: (04/25/2015 02:07:39 PM) (Source: VSS) (EventID: 39) (User: )
Description: Volume Shadow Copy Service error:  The Volume Shadow Copy service (VSS) is disabled.  Please
enable the service and try again.

Operation:
   Instantiating VSS server

Error: (04/25/2015 02:07:24 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point on volume (Process = C:\windows\system32\msiexec.exe /V; Descripton = Removed BlueStacks Notification Center; Hr = 0x8000ffff).

System errors:
=============
Error: (04/25/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (04/25/2015 03:34:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (04/25/2015 02:55:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (04/25/2015 02:53:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:47:07 PM on 4/25/2015 was unexpected.

Error: (04/25/2015 02:43:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (04/25/2015 02:42:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:38:50 PM on 4/25/2015 was unexpected.

Error: (04/25/2015 02:38:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (04/25/2015 02:07:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: BlueStacks Updater Service;gadgetDataDir=C:\ProgramData\BlueStacks\UserData\Gadget"1

Error: (04/25/2015 01:58:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (04/25/2015 01:13:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Microsoft Office Sessions:
=========================
Error: (04/25/2015 03:55:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422

Operation:
   Instantiating VSS server

Error: (04/25/2015 03:55:47 PM) (Source: VSS) (EventID: 39) (User: )
Description: Operation:
   Instantiating VSS server

Error: (04/25/2015 03:52:34 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (04/25/2015 02:54:48 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (04/25/2015 02:45:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422

Operation:
   Instantiating VSS server

Error: (04/25/2015 02:45:36 PM) (Source: VSS) (EventID: 39) (User: )
Description: Operation:
   Instantiating VSS server

Error: (04/25/2015 02:07:39 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\windows\system32\msiexec.exe /VRemoved BlueStacks Notification Center0x8000ffff

Error: (04/25/2015 02:07:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422

Operation:
   Instantiating VSS server

Error: (04/25/2015 02:07:39 PM) (Source: VSS) (EventID: 39) (User: )
Description: Operation:
   Instantiating VSS server

Error: (04/25/2015 02:07:24 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\windows\system32\msiexec.exe /VRemoved BlueStacks Notification Center0x8000ffff

CodeIntegrity Errors:
===================================
  Date: 2015-04-25 15:54:52.514
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 15:54:52.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 15:54:52.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 15:54:52.249
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 15:30:53.527
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 15:30:53.420
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 15:30:53.236
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 15:30:53.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 14:44:39.481
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-25 14:44:39.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 45%
Total physical RAM: 3069.77 MB
Available physical RAM: 1684.48 MB
Total Pagefile: 8971.97 MB
Available Pagefile: 7716.6 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:169.41 GB) (Free:23.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:63.48 GB) (Free:43.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 972CEA52)
Partition 1: (Not Active) - (Size=63.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=169.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

FRST log - Windows 7

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2015
Ran by wattax (administrator) on WATTAX-PC on 25-04-2015 14:32:40
Running from C:\Users\wattax\Documents
Loaded Profiles: wattax (Available profiles: wattax)
Platform: Microsoft Windows 7 Starter  (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\HexChat\hexchat.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-1790836275-511205700-1723610152-1000\...\MountPoints2: {363cb0ba-e490-11e4-9754-abf282295cbf} - E:\AutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1790836275-511205700-1723610152-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-ph/?ocid=iehp
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-01-16] (NVIDIA Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-01-16] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 14:32 - 2015-04-25 14:32 - 00004820 _____ () C:\Users\wattax\Documents\FRST.txt
2015-04-25 14:32 - 2015-04-25 14:32 - 00000000 ____D () C:\FRST
2015-04-25 14:30 - 2015-04-25 14:31 - 01139200 _____ (Farbar) C:\Users\wattax\Documents\FRST.exe
2015-04-18 18:58 - 2015-04-18 18:58 - 00000000 ____D () C:\Users\wattax\AppData\Local\NVIDIA Corporation
2015-04-17 15:59 - 2015-04-17 15:59 - 00566232 _____ () C:\Windows\Minidump\041715-17206-01.dmp
2015-04-17 15:05 - 2015-04-17 15:05 - 00000000 ____D () C:\Users\wattax\AppData\Roaming\Macromedia
2015-04-17 15:05 - 2015-04-17 15:05 - 00000000 ____D () C:\Users\wattax\AppData\Roaming\Adobe
2015-04-17 15:04 - 2015-04-17 15:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-17 15:04 - 2015-04-17 15:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-17 15:04 - 2015-04-17 15:04 - 00000000 ____D () C:\Windows\system32\Macromed
2015-04-17 15:01 - 2015-04-17 15:05 - 00000000 ____D () C:\Users\wattax\AppData\Local\Adobe
2015-04-17 12:42 - 2015-04-25 14:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-17 12:42 - 2015-04-17 12:42 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2015-04-17 12:42 - 2015-02-04 07:57 - 00606920 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2015-04-17 12:42 - 2015-01-16 14:40 - 01316184 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-04-17 12:42 - 2015-01-16 14:40 - 01278920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-04-17 12:41 - 2015-02-04 10:06 - 04388040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-17 12:41 - 2015-02-04 10:06 - 03060936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-04-17 12:41 - 2015-02-04 10:05 - 02553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-17 12:41 - 2015-02-04 10:05 - 00670536 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-17 12:41 - 2015-02-04 10:05 - 00374928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-17 12:41 - 2015-02-04 00:18 - 04229086 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-17 12:40 - 2015-02-04 11:35 - 24199824 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 16128576 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 15294096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 14497760 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 11272048 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 11209376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 10702664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-17 12:40 - 2015-02-04 11:35 - 03987784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 02824176 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 01060680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234144.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 00911504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234144.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 00908432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 00870032 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2015-04-17 12:40 - 2015-02-04 11:35 - 00021015 _____ () C:\Windows\system32\nvinfo.pb
2015-04-17 12:40 - 2014-11-22 18:46 - 00032912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-04-17 12:40 - 2014-11-22 18:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2015-04-17 12:38 - 2015-04-17 12:38 - 00000000 ____D () C:\NVIDIA
2015-04-17 12:37 - 2015-04-17 12:37 - 00000606 _____ () C:\Windows\PFRO.log
2015-04-17 12:28 - 2015-04-17 12:29 - 00000000 ____D () C:\Program Files\Driver Fusion
2015-04-17 12:28 - 2015-04-17 12:28 - 00001020 _____ () C:\Users\Public\Desktop\Driver Fusion.lnk
2015-04-17 12:28 - 2015-04-17 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Fusion
2015-04-17 12:28 - 2015-04-17 12:28 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-04-17 12:25 - 2015-04-17 12:27 - 05777391 _____ (Treexy) C:\Users\wattax\Documents\driverfusionsetup.exe
2015-04-17 12:20 - 2015-04-25 14:32 - 00000000 ____D () C:\Users\wattax\AppData\Roaming\HexChat
2015-04-17 12:20 - 2015-04-17 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2015-04-17 12:20 - 2015-04-17 12:20 - 00000000 ____D () C:\Program Files\HexChat
2015-04-17 12:00 - 2015-04-17 12:20 - 06655160 _____ (HexChat ) C:\Users\wattax\Downloads\HexChat 2.10.2 x86.exe
2015-04-17 11:57 - 2015-04-17 11:57 - 00003836 _____ () C:\Users\wattax\Documents\HexChat 2.10.2 x86.htm
2015-04-17 11:46 - 2015-04-17 12:22 - 227056768 _____ (NVIDIA Corporation) C:\Users\wattax\Documents\341.44-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-04-17 11:44 - 2015-04-17 11:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-17 11:17 - 2015-04-17 11:17 - 00000000 ____D () C:\Users\wattax\AppData\Local\PCSX2
2015-04-17 11:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-04-17 11:16 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-04-17 11:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-04-17 11:16 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-04-17 11:16 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-04-17 11:16 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-04-17 11:16 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-04-17 11:16 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-04-17 11:16 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-04-17 11:16 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-04-17 11:16 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-04-17 11:16 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-04-17 11:16 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-04-17 11:16 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-04-17 11:16 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-04-17 11:16 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-04-17 11:16 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-04-17 11:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-04-17 11:16 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-04-17 11:16 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-04-17 11:16 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-04-17 11:16 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-04-17 11:16 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-04-17 11:16 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-04-17 11:16 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-04-17 11:16 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-04-17 11:16 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-04-17 11:16 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-04-17 11:16 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-04-17 11:16 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-04-17 11:16 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-04-17 11:16 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-04-17 11:16 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-04-17 11:16 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-04-17 11:16 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-04-17 11:16 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-04-17 11:16 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-04-17 11:16 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-04-17 11:16 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-04-17 11:16 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-04-17 11:16 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-04-17 11:16 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-04-17 11:16 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-04-17 11:16 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-04-17 11:16 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-04-17 11:16 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-04-17 11:16 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-04-17 11:16 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-04-17 11:16 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-04-17 11:16 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-04-17 11:16 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-04-17 11:16 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-04-17 11:16 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-04-17 11:16 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-04-17 11:16 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-04-17 11:16 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-04-17 11:16 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-04-17 11:16 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-04-17 11:16 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-04-17 11:16 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-04-17 11:16 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-04-17 11:16 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-04-17 11:16 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-04-17 11:16 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-04-17 11:16 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-04-17 11:16 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-04-17 11:16 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-04-17 11:16 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-04-17 11:16 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-04-17 11:16 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-04-17 11:16 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-04-17 11:16 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-04-17 11:16 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-04-17 11:16 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-04-17 11:16 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-04-17 11:16 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-04-17 11:16 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-04-17 11:16 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-04-17 11:16 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-04-17 11:16 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-04-17 11:16 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-04-17 11:16 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-04-17 11:16 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-04-17 11:16 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-04-17 11:16 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-04-17 11:16 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-04-17 11:16 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-04-17 11:16 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-04-17 11:16 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-04-17 11:16 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-04-17 11:16 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-04-17 11:15 - 2015-04-17 11:15 - 00000000 ____D () C:\Users\wattax\Documents\DirectX
2015-04-17 08:09 - 2015-04-16 16:31 - 00000000 ____D () C:\Windows\Panther
2015-04-17 07:28 - 2015-04-17 15:59 - 189105109 _____ () C:\Windows\MEMORY.DMP
2015-04-17 07:28 - 2015-04-17 15:59 - 00000000 ____D () C:\Windows\Minidump
2015-04-17 07:28 - 2015-04-17 07:28 - 00159384 _____ () C:\Windows\Minidump\041615-20108-01.dmp
2015-04-17 07:22 - 2015-04-25 14:22 - 00113818 _____ () C:\Windows\WindowsUpdate.log
2015-04-17 07:20 - 2015-04-17 07:22 - 00001313 _____ () C:\Windows\TSSysprep.log
2015-04-16 20:19 - 2015-04-16 20:21 - 100271992 _____ (Microsoft Corporation) C:\Users\wattax\Documents\directx_Jun2010_redist.exe
2015-04-16 20:10 - 2015-04-17 11:44 - 00000000 ____D () C:\Users\wattax\Documents\PCSX2
2015-04-16 20:08 - 2015-04-17 11:43 - 06503984 _____ (Microsoft Corporation) C:\Users\wattax\Documents\vcredist_x86.exe
2015-04-16 19:56 - 2015-04-16 19:56 - 00000000 ____D () C:\Users\wattax\Documents\Neverwinter Nights 2
2015-04-16 19:52 - 2015-04-16 19:55 - 00000000 ____D () C:\Users\wattax\AppData\Roaming\REngLauncher
2015-04-16 19:52 - 2015-04-16 19:52 - 00057560 _____ () C:\Users\wattax\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-16 19:47 - 2015-04-04 16:41 - 13611736 _____ (BlueStack Systems Inc.) C:\Users\wattax\Downloads\BlueStacks-ThinInstaller.exe
2015-04-16 19:35 - 2015-04-16 19:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-04-16 19:08 - 2015-04-25 14:19 - 00000000 ____D () C:\Users\wattax\AppData\Roaming\vlc
2015-04-16 19:05 - 2015-04-16 19:05 - 00001024 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-16 19:05 - 2015-04-16 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-04-16 19:05 - 2015-04-16 19:05 - 00000000 ____D () C:\Program Files\VideoLAN
2015-04-16 19:00 - 2015-04-16 19:04 - 28509232 _____ () C:\Users\wattax\Documents\vlc-2.2.0-win32.exe
2015-04-16 18:55 - 2015-04-16 18:55 - 00001466 _____ () C:\Users\wattax\Desktop\opera - Shortcut.lnk
2015-04-16 18:51 - 2015-04-16 18:51 - 00454336 _____ () C:\Windows\Minidump\041615-16224-01.dmp
2015-04-16 18:24 - 2015-04-17 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-16 18:24 - 2015-04-16 18:24 - 00000000 ____D () C:\Users\wattax\AppData\Local\NVIDIA
2015-04-16 18:23 - 2015-04-18 18:58 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-16 18:23 - 2015-02-04 11:35 - 00060744 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-16 18:23 - 2015-02-04 10:05 - 00061584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-16 18:21 - 2015-04-16 18:21 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-04-16 18:17 - 2009-11-26 03:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-04-16 18:17 - 2009-11-26 03:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-04-16 18:17 - 2009-11-26 03:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-04-16 18:16 - 2009-11-26 03:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-16 18:16 - 2009-11-26 03:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-04-16 18:15 - 2015-04-17 12:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-16 17:56 - 2015-04-16 17:56 - 00000000 ____D () C:\Program Files\Intel
2015-04-16 17:56 - 2009-11-18 16:03 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-04-16 17:55 - 2015-04-16 17:55 - 00000000 ____D () C:\Intel
2015-04-16 17:54 - 2015-04-16 17:54 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-04-16 17:54 - 2015-04-16 17:54 - 00000000 ____D () C:\Program Files\Realtek
2015-04-16 17:54 - 2011-06-07 20:57 - 03514152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-04-16 17:54 - 2011-06-07 19:40 - 01493608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-04-16 17:54 - 2011-06-03 14:11 - 01256040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-04-16 17:54 - 2011-06-02 17:03 - 00075880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll
2015-04-16 17:54 - 2011-05-31 10:09 - 04158568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2015-04-16 17:54 - 2011-05-20 10:34 - 02163712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-04-16 17:54 - 2011-05-05 15:24 - 01740352 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-04-16 17:54 - 2010-12-23 19:06 - 00738392 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO32.dll
2015-04-16 17:54 - 2010-12-23 19:06 - 00053848 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld32.dll
2015-04-16 17:54 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-04-16 17:54 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-04-16 17:54 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-04-16 17:54 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-04-16 17:54 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-04-16 17:54 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-04-16 17:54 - 2010-09-27 09:34 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-04-16 17:54 - 2010-07-22 16:37 - 00175200 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-04-16 17:54 - 2010-07-02 19:40 - 00070232 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp32.dll
2015-04-16 17:54 - 2009-12-04 15:43 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2015-04-16 17:54 - 2009-11-24 09:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2015-04-16 17:54 - 2009-11-24 09:55 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2015-04-16 17:54 - 2009-11-24 09:55 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2015-04-16 17:54 - 2009-11-24 09:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2015-04-16 17:54 - 2009-11-18 18:42 - 01938704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-04-16 17:54 - 2009-11-18 18:42 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2015-04-16 17:54 - 2009-11-18 07:13 - 00050776 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn32.dll
2015-04-16 17:54 - 2009-11-17 18:13 - 00096160 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-04-16 17:53 - 2015-04-16 17:55 - 00000000 ___HD () C:\Program Files\Temp
2015-04-16 17:53 - 2015-04-16 17:53 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-16 17:53 - 2015-04-16 17:53 - 00000000 ____D () C:\Windows\system32\Atheros_L1e
2015-04-16 17:53 - 2015-04-16 17:53 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-04-16 17:53 - 2011-05-27 17:58 - 01284712 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-04-16 17:53 - 2011-03-22 13:44 - 00069232 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x86.sys
2015-04-16 17:51 - 2015-04-16 17:51 - 00000010 _____ () C:\Windows\GSetup.ini
2015-04-16 17:41 - 2015-02-24 04:23 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-04-16 17:25 - 2015-04-16 17:57 - 00000000 ____D () C:\Users\wattax\Documents\driverview
2015-04-16 17:25 - 2015-04-16 17:25 - 00045208 _____ () C:\Users\wattax\Documents\driverview.zip
2015-04-16 17:20 - 2015-04-16 17:57 - 00000000 ____D () C:\Users\wattax\Documents\bluescreenview
2015-04-16 17:19 - 2015-04-16 17:19 - 00067310 _____ () C:\Users\wattax\Documents\bluescreenview.zip
2015-04-16 17:18 - 2015-04-16 17:18 - 20650202 _____ () C:\Users\wattax\Downloads\operausb1217int.zip
2015-04-16 17:18 - 2015-04-16 17:18 - 00000000 ____D () C:\Users\wattax\Downloads\operausb1217int
2015-04-16 16:36 - 2015-04-16 16:36 - 00000000 ____D () C:\ProgramData\MobileBrServ
2015-04-16 16:34 - 2015-04-25 14:25 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:31 - 2015-04-16 16:31 - 00001413 _____ () C:\Users\wattax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-16 16:31 - 2015-04-16 16:31 - 00000020 ___SH () C:\Users\wattax\ntuser.ini
2015-04-16 16:31 - 2015-04-16 16:31 - 00000000 ____D () C:\Users\wattax\AppData\Local\VirtualStore
2015-04-16 16:31 - 2015-04-16 16:31 - 00000000 ____D () C:\Users\wattax
2015-04-16 16:31 - 2009-07-14 12:42 - 00000000 ___RD () C:\Users\wattax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-16 16:31 - 2009-07-14 12:37 - 00000000 ___RD () C:\Users\wattax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-16 16:30 - 2015-04-16 16:30 - 00000000 __SHD () C:\Recovery

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 14:18 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-25 14:18 - 2009-07-14 12:39 - 00019387 _____ () C:\Windows\setupact.log
2015-04-21 01:51 - 2009-07-14 12:34 - 00005856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-21 01:51 - 2009-07-14 12:34 - 00005856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-17 12:41 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Help
2015-04-17 11:16 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-17 08:09 - 2009-07-14 12:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-04-17 08:09 - 2009-07-14 12:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-04-17 07:30 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2015-04-17 07:25 - 2009-07-14 12:33 - 00257736 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-17 07:20 - 2009-07-14 12:34 - 00001774 _____ () C:\Windows\DtcInstall.log
2015-04-16 20:09 - 2009-07-14 10:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-16 18:47 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-04-16 17:41 - 2009-07-14 12:52 - 00000000 ____D () C:\Windows\system32\restore

Some content of TEMP:
====================
C:\Users\wattax\AppData\Local\Temp\nvStInst.exe
C:\Users\wattax\AppData\Local\Temp\Protect4a647d98.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-17 12:16

==================== End Of Log ============================

 

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Additition.txt - Windows 7

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2015
Ran by wattax at 2015-04-25 14:33:12
Running from C:\Users\wattax\Documents
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1790836275-511205700-1723610152-500 - Administrator - Disabled)
Guest (S-1-5-21-1790836275-511205700-1723610152-501 - Limited - Disabled)
wattax (S-1-5-21-1790836275-511205700-1723610152-1000 - Administrator - Enabled) => C:\Users\wattax

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Driver Fusion (HKLM\...\Driver Fusion) (Version: 2.9 - Treexy)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.22.00.158 - Huawei Technologies Co.,Ltd)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

17-04-2015 11:16:05 Installed DirectX
17-04-2015 11:43:58 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (whitelisted) ==============

2015-04-16 18:23 - 2015-02-04 10:05 - 00106640 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-04-16 16:36 - 2013-07-23 11:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-04-17 12:20 - 2014-11-25 19:09 - 00596480 _____ () C:\Program Files\HexChat\hexchat.exe
2015-04-17 12:20 - 2014-11-22 19:44 - 00021504 _____ () C:\Program Files\HexChat\iconv.dll
2015-04-17 12:20 - 2014-11-22 19:46 - 01164288 _____ () C:\Program Files\HexChat\cairo.dll
2015-04-17 12:20 - 2014-11-22 19:44 - 00562688 _____ () C:\Program Files\HexChat\fontconfig.dll
2015-04-17 12:20 - 2014-11-22 19:44 - 01103360 _____ () C:\Program Files\HexChat\libxml2.dll
2015-04-17 12:20 - 2014-11-22 19:44 - 00590336 _____ () C:\Program Files\HexChat\pixman-1.dll
2015-04-17 12:20 - 2014-11-22 19:44 - 00167936 _____ () C:\Program Files\HexChat\libpng16.dll
2015-04-17 12:20 - 2014-11-22 19:44 - 00068096 _____ () C:\Program Files\HexChat\zlib1.dll
2015-04-17 12:20 - 2014-11-22 19:46 - 00638976 _____ () C:\Program Files\HexChat\harfbuzz.dll
2015-04-17 12:20 - 2014-11-22 19:47 - 00045568 _____ () C:\Program Files\HexChat\lib\gtk-2.0\i686-pc-vs10\engines\libwimp.dll
2015-04-17 12:20 - 2014-11-22 19:46 - 00250368 _____ () C:\Program Files\HexChat\lib\enchant\libenchant_myspell.dll
2015-04-17 12:20 - 2014-11-25 19:09 - 00010752 _____ () C:\Program Files\HexChat\plugins\hcupd.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1790836275-511205700-1723610152-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2015 02:24:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: opera.exe, version: 12.17.1863.0, time stamp: 0x534bdb9a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00660000
Faulting process id: 0xf78
Faulting application start time: 0xopera.exe0
Faulting application path: opera.exe1
Faulting module path: opera.exe2
Report Id: opera.exe3

Error: (04/17/2015 01:53:50 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{002A340C-17C1-4428-8D6A-2157802E243E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SLSVC_LOGON

Error: (04/17/2015 00:14:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: winsat.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc1cf
Faulting module name: nvwgf2um.dll, version: 9.18.13.3221, time stamp: 0x52b325df
Exception code: 0xc0000005
Fault offset: 0x00701152
Faulting process id: 0x1ac
Faulting application start time: 0xwinsat.exe0
Faulting application path: winsat.exe1
Faulting module path: winsat.exe2
Report Id: winsat.exe3

Error: (04/17/2015 11:16:04 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ebb5c43d-ee5d-4afd-b747-911f9af6dab4}

Error: (04/16/2015 07:55:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest.
Component 2: D:\Program Files\PlayBns.com\Blade and Soul\bin\Microsoft.VC80.CRT.MANIFEST.

Error: (04/16/2015 07:54:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifest.
Component 2: D:\Program Files\PlayBns.com\Blade and Soul\bin\Microsoft.VC80.CRT.MANIFEST.

System errors:
=============
Error: (04/25/2015 02:18:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/24/2015 04:03:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/21/2015 01:49:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/20/2015 05:34:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/20/2015 05:33:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/18/2015 06:57:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/17/2015 03:59:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/17/2015 03:59:24 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0x84ea1008, 0x9123783e, 0xc000009a, 0x00000004)C:\Windows\MEMORY.DMP041715-17206-01

Error: (04/17/2015 03:59:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:54:42 PM on ‎4/‎17/‎2015 was unexpected.

Error: (04/17/2015 01:06:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Microsoft Office Sessions:
=========================
Error: (04/25/2015 02:24:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe12.17.1863.0534bdb9aunknown0.0.0.000000000c000000500660000f7801d07f204ef327acC:\Users\wattax\Downloads\operausb1217int\operausb1217int\opera.exeunknownbd01587a-eb13-11e4-854b-74d435355476

Error: (04/17/2015 01:53:50 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{002A340C-17C1-4428-8D6A-2157802E243E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SLSVC_LOGON

Error: (04/17/2015 00:14:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: winsat.exe6.1.7600.163854a5bc1cfnvwgf2um.dll9.18.13.322152b325dfc0000005007011521ac01d078c4cd78b05eC:\Windows\system32\winsat.exeC:\Windows\system32\nvwgf2um.dll360ad5e9-e4b8-11e4-80ba-74d435355476

Error: (04/17/2015 11:16:04 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ebb5c43d-ee5d-4afd-b747-911f9af6dab4}

Error: (04/16/2015 07:55:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifestD:\Program Files\PlayBns.com\Blade and Soul\bin\Microsoft.VC80.CRT.MANIFESTD:\Program Files\PlayBns.com\Blade and Soul\bin\client.bin

Error: (04/16/2015 07:54:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5.manifestD:\Program Files\PlayBns.com\Blade and Soul\bin\Microsoft.VC80.CRT.MANIFESTD:\Program Files\PlayBns.com\Blade and Soul\bin\client.bin

==================== Memory info ===========================

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 27%
Total physical RAM: 2048 MB
Available physical RAM: 1477.02 MB
Total Pagefile: 4096 MB
Available Pagefile: 3362.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:63.48 GB) (Free:45.01 GB) NTFS
Drive d: () (Fixed) (Total:169.41 GB) (Free:24.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 972CEA52)
Partition 1: (Not Active) - (Size=63.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=169.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Edited by henrymills, 25 April 2015 - 02:38 AM.

  • 0

Advertisements

#2
BrianDrab
Posted 29 April 2015 - 08:21 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi and sorry for the delay. Reading over the history of this and reviewing your logs I believe you may need assistance from our hardware/software experts. If you still need assistance you should post a topic in our Windows Vista/7 forum. They have much more knowledge in these areas than most of us here in malware removal.

 

I wish you the best of luck and if you encounter any malware issues, feel free to come back here. Thanks.


  • 0

#3
henrymills
Posted 05 May 2015 - 06:57 PM

henrymills

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

Sorry for late reply.My initial post of this is here in Malware Section and was move by Dsenette and Havredave to http://www.geekstogo...ng-part-2/.Thenthey said i try to post here if i believe its malware problem.Until now nobody replied there.What should I do?


  • 0

#4
BrianDrab
Posted 05 May 2015 - 09:46 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I don't believe this is malware but since it was requested that you come here, let's give it a look. Please do the following.

 

Step#1 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

Step#2 - Rootkit Scan
1. Download aswMBR to your desktop.
2. Right-click on aswMBR.exe and select Run as administrator to run it.
3. If you get a question about Virtualization Technology, answer Yes.
4. If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
5. Click the "Scan" button to start scan.
6. On completion of the scan click "Save log", save it to your desktop and post in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

Step#3 - Malwarebytes Scan

Note: I would uninstall the version you have installed since it's older (Malwarebytes Anti-Malware version 2.0.4.1028) and follow the directions below.
 

  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator. Answer Yes when asked to Allow.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
  • ScanForRootkits.JPG
     
  • Click the Scan button at the top of the form and then click Start Scan button and let complete.
  • If malware was detected you can now click the Remove Selected Button. If no malware was detected you can skip the rest of these bullet items and go to the next step which is to retrieve the Malwarebytes log.
  • RemoveSelected.JPG
  • Once the malware is removed you may get a prompt asking you to reboot. Note: Please answer Yes.
  • Restart.JPG.

 
Step#4 - Retrieve Malwarebytes Log
1. Open up the Malwarebytes program again if it's not already. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Click on the most recent Scan Log as shown in the picture below.
ApplicationLog.JPG
 
5. The Scanning History Log screen will open. Click the Export button in the lower left and choose Copy to Clipboard. Paste the info into your next post (Right-click your mouse in the post and select Paste).
ScanningHistory.JPG

 

 

Items for your next post

1. AdwCleaner log

2. Rootkit Scan Log

3. Malwarebytes log


  • 0

#5
BrianDrab
Posted 10 May 2015 - 10:14 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#6
BrianDrab
Posted 13 May 2015 - 08:21 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

OP requested it to be re-opened. I'll await logs.


  • 0

#7
henrymills
Posted 25 July 2015 - 09:49 PM

henrymills

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Im sorry I wasnt able to reply for 2 months i become so busy,here is the logs you requested
 
=====================================================================================================================
AdwCleaner Log
=====================================================================================================================
 
# AdwCleaner v4.208 - Logfile created 25/07/2015 at 16:30:39
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows Vista ™ Ultimate Service Pack 2 (x86)
# Username : MyEminence - ME-PC
# Running from : C:\Users\MyEminence\Fixture\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2isryo5x.jamocha\foxydeal.sqlite
File Deleted : C:\Users\Marcus\AppData\Roaming\Mozilla\Firefox\Profiles\c94o7dma.default\searchplugins\speedbit.xml
File Deleted : C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\ywjnhiw1.default\searchplugins\speedbit.xml
File Deleted : C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\SpeedBit
Key Deleted : HKLM\SOFTWARE\SpeedBit
Key Deleted : HKU\.DEFAULT\Software\SpeedBit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16421
 
 
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
 
[c94o7dma.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://home.speedbit.com/?aff=115");
[c94o7dma.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage_override_url", "hxxp://home.speedbit.com/?aff=115");
[ywjnhiw1.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://home.speedbit.com/?pid=%s&aid=%s");
[ywjnhiw1.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage_override_url", "hxxp://home.speedbit.com/?pid=%s&aid=%s");
 
-\\ Google Chrome v42.0.2311.135
 
[C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Marcus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
-\\ Opera v29.0.1795.47
 
 
*************************
 
AdwCleaner[R0].txt - [43493 bytes] - [09/11/2014 20:28:35]
AdwCleaner[R1].txt - [42850 bytes] - [09/11/2014 20:56:25]
AdwCleaner[R2].txt - [3950 bytes] - [22/12/2014 15:42:39]
AdwCleaner[R3].txt - [1781 bytes] - [19/01/2015 21:27:42]
AdwCleaner[R4].txt - [3343 bytes] - [25/07/2015 16:02:15]
AdwCleaner[S0].txt - [1336 bytes] - [09/11/2014 20:32:39]
AdwCleaner[S1].txt - [46594 bytes] - [09/11/2014 20:59:01]
AdwCleaner[S2].txt - [4413 bytes] - [22/12/2014 15:54:40]
AdwCleaner[S3].txt - [1870 bytes] - [19/01/2015 21:33:12]
AdwCleaner[S4].txt - [3342 bytes] - [25/07/2015 16:30:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [3401  bytes] ##########
 
=====================================================================================================================
AswMBR Log
=====================================================================================================================
 
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-07-25 17:18:42
-----------------------------
17:18:42.873    OS Version: Windows 6.0.6002 Service Pack 2
17:18:42.873    Number of processors: 2 586 0xF0D
17:18:42.889    ComputerName: ME-PC  UserName: 
17:18:48.115    Initialize success
17:18:48.130    VM: initialized successfully
17:18:48.130    VM: Intel CPU virtualization not supported 
17:18:51.656    AVAST engine defs: 15041700
17:18:52.748    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:18:52.748    Disk 0 Vendor: ST3250318AS CC38 Size: 238475MB BusType: 3
17:18:52.873    Disk 0 MBR read successfully
17:18:52.873    Disk 0 MBR scan
17:18:52.873    Disk 0 Windows 7 default MBR code
17:18:52.888    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS        65000 MB offset 2048
17:18:52.904    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       173473 MB offset 133122048
17:18:52.904    Disk 0 scanning sectors +488394752
17:18:53.216    Disk 0 scanning C:\windows\system32\drivers
17:19:04.160    Service scanning
17:19:06.973    Service BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20150506.001\BHDrvx86.sys **LOCKED** 5
17:19:09.345    Service eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys **LOCKED** 5
17:19:09.703    Service EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
17:19:12.621    Service IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20150512.001\IDSvix86.sys **LOCKED** 5
17:19:16.224    Service NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20150512.019\NAVENG.SYS **LOCKED** 5
17:19:16.443    Service NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20150512.019\NAVEX15.SYS **LOCKED** 5
17:19:21.528    Service SRTSPX C:\windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS **LOCKED** 5
17:19:22.152    Service SymDS C:\windows\system32\drivers\NIS\1207020.003\SYMDS.SYS **LOCKED** 5
17:19:22.339    Service SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS **LOCKED** 5
17:19:22.464    Service SymIRON C:\windows\system32\drivers\NIS\1207020.003\Ironx86.SYS **LOCKED** 5
17:19:22.511    Service SYMTDIv C:\windows\System32\Drivers\NIS\1207020.003\SYMTDIV.SYS **LOCKED** 5
17:19:27.035    Modules scanning
17:19:27.035    Disk 0 trace - called modules:
17:19:27.051    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys halmacpi.dll ataport.SYS intelide.sys 
17:19:27.066    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x877a0210]
17:19:27.066    3 CLASSPNP.SYS[8c1c48b3] -> nt!IofCallDriver -> [0x8752d438]
17:19:27.066    5 acpi.sys[8468d6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x87530528]
17:19:27.441    AVAST engine scan C:\windows
17:19:31.044    AVAST engine scan C:\windows\system32
17:22:17.194    AVAST engine scan C:\windows\system32\drivers
17:22:32.752    AVAST engine scan C:\Users\MyEminence
20:01:47.450    AVAST engine scan C:\ProgramData
20:10:05.080    Disk 0 statistics 5273730/0/0 @ 0.27 MB/s
20:10:05.111    Scan finished successfully
23:07:30.532    Disk 0 MBR has been saved successfully to "C:\Users\MyEminence\Fixture\MBR.dat"
23:07:30.532    The log file has been saved successfully to "C:\Users\MyEminence\Fixture\aswMBR.txt"
 
=====================================================================================================================
MBAM Log
=====================================================================================================================
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/25/2015
Scan Time: 11:29:18 PM
Logfile: 
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.25.02
Rootkit Database: v2015.07.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: MyEminence
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 713816
Time Elapsed: 1 hr, 13 min, 22 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 3
PUP.Optional.Tuvaro, HKU\S-1-5-21-185903628-1420016957-2107898834-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}, Quarantined, [c036f8ed1e6c1e18a42142483ac88f71], 
PUP.Optional.Tuvaro, HKU\S-1-5-21-185903628-1420016957-2107898834-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}, Quarantined, [c036f8ed1e6c1e18a42142483ac88f71], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-185903628-1420016957-2107898834-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP MANAGEMENT\ARPCACHE\conduitEngine, Quarantined, [42b44c99ef9b033319b78912f410e719], 
 
Registry Values: 2
PUP.Optional.SearchModule.A, HKU\S-1-5-21-185903628-1420016957-2107898834-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}|SuggestionsURL_JSON, http://api.searchpre...={searchTerms},Quarantined, [38be9f46c1c97fb7a4d9217505ff748c]
PUP.Optional.SearchModule.A, HKU\S-1-5-21-185903628-1420016957-2107898834-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}|SuggestionsURL_JSON, http://api.searchpre...={searchTerms},Quarantined, [9c5a09dcd4b65dd9bdc0870f1fe5a759]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.SpeedBit.A, C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\ywjnhiw1.default\searchplugins\speedbit.xml, Quarantined, [9561469f6129cd697d7043dc0df6d729], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#8
BrianDrab
Posted 26 July 2015 - 07:35 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Since it's been so long please tell me how your machine is doing now that you ran the few tools above? Also please provide fresh logs.

 

Fresh Set of Logs
 
1. Right click on FRST.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check box this log will be created as well. Please copy and paste this log as well.
 
 
 
Items for your next post
1. FRST and Addition logs


  • 0

#9
henrymills
Posted 29 July 2015 - 08:39 AM

henrymills

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

I haven't used the machine since the last 2 months;the graphics glitches still happen when i run any graphics app.Also the logs i posted above are fresh and were from scan last July 25.This is the FRST and Addition logs.

=====================================================================================================================
FRST Log
=====================================================================================================================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2015
Ran by MyEminence (administrator) on ME-PC (29-07-2015 19:03:14)
Running from C:\Users\MyEminence\Fixture
Loaded Profiles: MyEminence (Available Profiles: MyEminence & Marcus & Tempo)
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
() C:\Program Files\Gigabyte\ET6\GUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SpeedBit Ltd.) C:\Program Files\DAP\DAP.exe
(BitTorrent, Inc.) C:\Program Files\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Opera Software) C:\Users\MyEminence\operausb1217int\operausb1217int\opera.exe
(Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\RunOnce: [EasyTuneVI] => C:\Program Files\Gigabyte\ET6\ETCall.exe [20480 2007-07-26] ()
HKU\S-1-5-21-185903628-1420016957-2107898834-1000\...\Run: [DownloadAccelerator] => C:\Program Files\DAP\DAP.exe [2918576 2011-04-29] (SpeedBit Ltd.)
HKU\S-1-5-21-185903628-1420016957-2107898834-1000\...\Run: [BitTorrent] => C:\Program Files\BitTorrent\BitTorrent.exe [400760 2011-04-29] (BitTorrent, Inc.)
HKU\S-1-5-18\...\Run: [Mobile Partner] => C:\Program Files\Tattoo\Tattoo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-12-13] (AVAST Software)
GroupPolicyScripts: Group Policy detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-185903628-1420016957-2107898834-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-185903628-1420016957-2107898834-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com/?aff=115
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-185903628-1420016957-2107898834-1000 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
SearchScopes: HKU\S-1-5-21-185903628-1420016957-2107898834-1000 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-04] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-13] (AVAST Software)
BHO: No Name -> {bf00e119-21a3-4fd1-b178-3b8537e75c92} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-04] (Oracle Corporation)
BHO: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Program Files\DAP\dapieloader.dll [2011-04-29] (SpeedBit Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-185903628-1420016957-2107898834-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} http://clients.futur...y/FMSI_v420.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{26174A8D-3605-4B3B-BF45-7D7865A7598E}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{361C0F59-666F-41C6-ABE1-62E90A2CB23C}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{81CE8E85-A8F4-4C39-B093-F1C2DA72357B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{979C5E8A-8B6B-4F19-941F-1379B673A242}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{9868F5BD-DB91-49AE-8FF3-F485C69B1313}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A9E2C173-1BE8-4EEA-84D3-4B07CD078812}: [DhcpNameServer] 192.168.0.1 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\f60jhd62.Seiha
FF SelectedSearchEngine: Google (avast)
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.c...?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Keyword.URL: https://www.google.c...?trackid=sp-006
FF Homepage: https://www.google.com/?trackid=sp-006
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-02-23] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-04] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-01-04] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-25] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-01-22] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-02-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\ywjnhiw1.default\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\ywjnhiw1.default\searchplugins\speedbit.xml [2015-07-26]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\7udqw10n.justbrowse\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\e95fwen3.youtube\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2k1echgk.SINN\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\k4aolroc.Witchever\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\pmsq0194.Desperado\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\pmw0ypsj.noSa\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\bpiduon3.Pronjack\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\f0m3bzxo.neweragain\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\xidld2u0.Hastings\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\wzlrxbcq.MOCHACHO\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\7h9u3pwa.AllyEml\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\yt7spcd8.Serpindor\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2isryo5x.jamocha\searchplugins\google-avast.xml [2015-02-24]
FF SearchPlugin: C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\f60jhd62.Seiha\searchplugins\google-avast.xml [2015-02-24]
FF Extension: DownloadHelper - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\ywjnhiw1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-15]
FF Extension: anonymoX - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\ywjnhiw1.default\Extensions\[email protected] [2015-02-03]
FF Extension: Mega Manager Integration - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\k4aolroc.Witchever\Extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6} [2011-11-18]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\pmw0ypsj.noSa\Extensions\[email protected] [2011-12-05]
FF Extension: Adblock Plus - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\pmw0ypsj.noSa\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-12-05]
FF Extension: Flash Video Downloader - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\wzlrxbcq.MOCHACHO\Extensions\[email protected] [2014-01-29]
FF Extension: DownloadHelper - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\wzlrxbcq.MOCHACHO\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-17]
FF Extension: ProxTube - Unblock YouTube - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\7h9u3pwa.AllyEml\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-02-04]
FF Extension: DownloadHelper - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\7h9u3pwa.AllyEml\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-12]
FF Extension: No Name - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\7h9u3pwa.AllyEml\Extensions\[email protected] [2014-02-04]
FF Extension: Stealthy - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\7h9u3pwa.AllyEml\Extensions\[email protected] [2014-02-04]
FF Extension: DownThemAll! - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\7h9u3pwa.AllyEml\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-04-12]
FF Extension: DownloadHelper - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\yt7spcd8.Serpindor\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-28]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2isryo5x.jamocha\Extensions\[email protected] [2014-12-13]
FF Extension: DownloadHelper - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2isryo5x.jamocha\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: No Name - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2isryo5x.jamocha\Extensions\[email protected] [2014-10-28]
FF Extension: ProxTube - Unblock YouTube - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2isryo5x.jamocha\Extensions\[email protected] [2014-09-30]
FF Extension: Download YouTube Videos as MP4 - C:\Users\MyEminence\AppData\Roaming\Mozilla\Firefox\Profiles\2isryo5x.jamocha\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-10-26]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-08-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2012-01-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-13]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2015-07-29]
FF HKU\S-1-5-21-185903628-1420016957-2107898834-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files\DAP\DAPFireFox [2011-04-29]
FF HKU\S-1-5-21-185903628-1420016957-2107898834-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\MyEminence\AppData\Roaming\IDM\idmmzcc3

Chrome:
=======
CHR Profile: C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-16]
CHR Extension: (Google Docs) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-16]
CHR Extension: (Google Drive) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (YouTube) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-16]
CHR Extension: (Google Search) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-16]
CHR Extension: (Google Sheets) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-16]
CHR Extension: (Avast Online Security) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-22]
CHR Extension: (Google Wallet) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-16]
CHR Extension: (Gmail) - C:\Users\MyEminence\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-16]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [562592 2011-05-27] (Affinegy, Inc.)
S3 AppleChargerSrv; C:\windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-13] (AVAST Software)
S4 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152576 2011-04-19] () [File not signed]
S4 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () [File not signed]
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
S4 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S4 FlowFinder3MonstersAE32; C:\Program Files\GenArts\Monsters-AE\bin\FlowFinder3MonstersAE32.exe [704512 2010-06-04] () [File not signed]
S4 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [130976 2011-08-15] (Futuremark Corporation)
S4 Globe Tattoo Broadband. RunOuc; C:\Program Files\Globe Tattoo Broadband\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 HFGService; C:\windows\System32\HFGService.dll [411136 2007-08-14] (CSR, plc)
S4 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [924160 2007-02-12] (Nero AG) [File not signed]
S4 JawsServerAE; C:\Program Files\GenArts\Monsters-AE\bin\JawsServerAE.exe [393216 2010-06-08] () [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
R2 NIS; C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
S4 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA)
S4 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S4 RLM-GenArts; C:\Program Files\GenArts\rlm\rlm.exe [1540096 2010-06-03] (Reprise Software Inc.) [File not signed]
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [69864 2011-01-12] (SANDBOXIE L.T.D)
S4 UI Assistant Service; C:\Program Files\SMART BRO\AssistantServices.exe [269648 2011-06-24] ()
S4 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
S4 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-12-13] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [73480 2015-01-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr.sys [55240 2014-12-13] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-12-13] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2015-01-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2015-01-15] (AVAST Software)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [57928 2014-12-13] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-12-13] ()
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20150506.001\BHDrvx86.sys [1172184 2015-05-02] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131800 2015-03-10] (BlueStack Systems)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
S3 csr_a2dp; C:\windows\System32\drivers\bthav.sys [48128 2010-12-22] (Cambridge Silicon Radio Limited)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-04-23] (Symantec Corporation)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2015-04-23] (Symantec Corporation)
S3 etdrv; C:\Windows\etdrv.sys [17488 2015-04-15] (Windows ® 2000 DDK provider)
S3 ewusbnet; C:\windows\System32\DRIVERS\ewusbnet.sys [249472 2012-04-20] (Huawei Technologies Co., Ltd.) [File not signed]
S3 ew_usbenumfilter; C:\windows\System32\DRIVERS\ew_usbenumfilter.sys [11136 2012-10-30] (Huawei Technologies Co., Ltd.) [File not signed]
R3 gdrv; C:\Windows\gdrv.sys [17488 2015-07-29] (Windows ® 2000 DDK provider)
R3 GVTDrv; C:\windows\system32\Drivers\GVTDrv.sys [24944 2015-07-29] ()
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\windows\System32\DRIVERS\ew_jucdcecm.sys [70272 2012-10-29] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-08-20] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\windows\System32\DRIVERS\ewusbmdm.sys [199168 2011-12-31] (Huawei Technologies Co., Ltd.) [File not signed]
R1 HWiNFO32; C:\Program Files\HWiNFO32\HWiNFO32.SYS [20216 2011-05-22] (REALiX™)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20150512.001\IDSvix86.sys [505048 2015-04-14] (Symantec Corporation)
R4 InCDfs; C:\windows\System32\drivers\InCDFs.sys [112384 2007-02-12] (Nero AG) [File not signed]
R1 InCDPass; C:\windows\System32\drivers\InCDPass.sys [31360 2007-02-12] (Nero AG) [File not signed]
U1 InCDrec; C:\windows\system32\Drivers\InCDrec.sys [10624 2007-02-12] (Nero AG) [File not signed]
R1 incdrm; C:\windows\System32\drivers\InCDRm.sys [33792 2007-02-12] (Nero AG) [File not signed]
R3 L1C; C:\windows\System32\DRIVERS\L1C60x86.sys [68208 2011-03-23] (Atheros Communications, Inc.)
S3 massfilter; C:\windows\System32\drivers\massfilter.sys [9216 2011-03-26] (MBB Incorporated)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20150512.019\NAVENG.SYS [95704 2015-04-24] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20150512.019\NAVEX15.SYS [1636696 2015-04-24] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-18] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67656 2010-05-11] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [125672 2011-01-12] (SANDBOXIE L.T.D)
R0 speedfan; C:\windows\System32\speedfan.sys [5248 2006-09-24] (Windows ® 2000 DDK provider) [File not signed]
S3 SRTSP; C:\windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS [516216 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS [50168 2011-03-31] (Symantec Corporation)
S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [184192 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 sxuptp; C:\windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
R0 SymDS; C:\windows\System32\drivers\NIS\1207020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\drivers\NIS\1207020.003\SYMEFA.SYS [744568 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [126584 2015-03-15] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation)
R1 SYMTDIv; C:\windows\System32\Drivers\NIS\1207020.003\SYMTDIV.SYS [331384 2011-04-21] (Symantec Corporation)
S3 ZTEusbvoice; C:\windows\System32\DRIVERS\ZTEusbvoice.sys [107776 2011-03-26] (ZTE Incorporated)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-04-02] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2099-12-15 19:44 - 2011-02-17 13:24 - 00000000 ____D C:\windows\system32\Plugins
2015-07-25 15:47 - 2015-07-29 19:03 - 00000000 ____D C:\Users\MyEminence\Fixture
2015-07-25 15:35 - 2015-07-25 15:35 - 00000000 ____D C:\Users\MyEminence\operausb1217int
2015-07-25 15:35 - 2015-04-18 00:59 - 20650202 _____ C:\Users\MyEminence\operausb1217int.zip
2015-07-25 15:08 - 2015-07-29 18:48 - 00000004 _____ C:\windows\system32\GVTunner.ref

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 19:04 - 2014-01-29 16:38 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 19:03 - 2014-12-23 12:52 - 00000000 ____D C:\FRST
2015-07-29 19:02 - 2014-12-13 22:27 - 00098520 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-29 18:59 - 2011-02-26 02:32 - 00000000 ____D C:\Users\MyEminence\AppData\Roaming\BitTorrent
2015-07-29 18:56 - 2009-04-11 20:38 - 01345031 _____ C:\windows\WindowsUpdate.log
2015-07-29 18:56 - 2006-11-02 20:46 - 00004928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 18:56 - 2006-11-02 20:46 - 00004928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 18:49 - 2011-04-29 22:45 - 00000000 ____D C:\ProgramData\TEMP
2015-07-29 18:48 - 2015-03-14 10:57 - 00017488 _____ (Windows ® 2000 DDK provider) C:\windows\gdrv.sys
2015-07-29 18:48 - 2015-03-13 23:32 - 00024944 _____ C:\windows\system32\Drivers\GVTDrv.sys
2015-07-29 18:48 - 2014-09-16 20:20 - 00000882 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-29 18:47 - 2006-11-02 21:00 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-26 13:16 - 2012-02-24 18:43 - 00000012 _____ C:\windows\bthservsdp.dat
2015-07-26 13:16 - 2006-11-02 21:00 - 00032558 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-07-26 13:15 - 2015-04-25 16:41 - 00000000 ____D C:\Users\MyEminence\AppData\Roaming\HexChat
2015-07-26 12:27 - 2014-09-16 20:20 - 00000886 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-26 11:43 - 2014-09-16 20:28 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-26 11:35 - 2014-01-27 20:59 - 00000000 ____D C:\Program Files\Opera
2015-07-26 11:25 - 2015-01-19 21:34 - 00133386 _____ C:\windows\PFRO.log
2015-07-26 01:27 - 2006-11-02 19:18 - 00000000 ____D C:\windows\Cursors
2015-07-25 17:18 - 2015-04-15 19:20 - 00000000 ____D C:\Users\MyEminence\AppData\Local\CrashDumps
2015-07-25 16:30 - 2014-11-09 20:28 - 00000000 ____D C:\AdwCleaner
2015-07-25 15:55 - 2014-12-13 22:36 - 00000899 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-25 15:55 - 2014-12-13 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-25 15:55 - 2014-12-13 22:36 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-25 15:47 - 2011-02-21 13:52 - 00000000 ____D C:\Users\MyEminence

==================== Files in the root of some directories =======

2011-05-07 15:19 - 2011-05-07 15:19 - 0002001 _____ () C:\Program Files\InstantHDPro1.0.log
2011-05-07 15:44 - 2011-05-07 15:44 - 0002054 _____ () C:\Program Files\primattekeyer4.0.log
2009-04-14 16:07 - 2009-04-14 16:07 - 0037607 _____ () C:\Program Files\Common Files\license.rtf
2010-01-31 11:06 - 2010-01-31 11:06 - 0008046 _____ () C:\Program Files\Common Files\setupBanner.jpg
2011-08-16 20:09 - 2011-08-23 12:25 - 0001100 _____ () C:\Users\MyEminence\AppData\Local\d3d8caps.dat
2011-02-21 13:52 - 2014-12-13 22:05 - 0002032 _____ () C:\Users\MyEminence\AppData\Local\d3d9caps.dat
2011-02-25 10:44 - 2015-04-15 18:36 - 0071680 _____ () C:\Users\MyEminence\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-12 14:56 - 2011-03-12 14:56 - 0000036 _____ () C:\Users\MyEminence\AppData\Local\housecall.guid.cache

Some files in TEMP:
====================
C:\Users\MyEminence\AppData\Local\temp\Protect4a647d98.dll
C:\Users\MyEminence\AppData\Local\temp\Quarantine.exe
C:\Users\MyEminence\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-29 18:53

==================== End of log ============================

 

=====================================================================================================================
Addition.txt Log
=====================================================================================================================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2015
Ran by MyEminence (2015-07-29 19:04:14)
Running from C:\Users\MyEminence\Fixture
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-185903628-1420016957-2107898834-500 - Administrator - Disabled)
Guest (S-1-5-21-185903628-1420016957-2107898834-501 - Limited - Disabled)
Marcus (S-1-5-21-185903628-1420016957-2107898834-1001 - Administrator - Enabled) => C:\Users\Marcus
MyEminence (S-1-5-21-185903628-1420016957-2107898834-1000 - Administrator - Enabled) => C:\Users\MyEminence
Stempo (S-1-5-21-185903628-1420016957-2107898834-1005 - Administrator - Enabled)
Tempo (S-1-5-21-185903628-1420016957-2107898834-1004 - Administrator - Enabled) => C:\Users\Tempo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS Ver.2.07 (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.07 - GIGABYTE)
2d3 SteadyMove Pro (HKLM\...\{2BF4F570-038D-45F1-8CD3-B0134B345BB3}) (Version: 1.21.6220 - 2d3 Ltd)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Accent RAR Password Recovery (HKLM\...\{994D4DFE-FC8C-4039-A493-5B94E4143B1C}) (Version: 3.2.48.3188 - Passcovery Co. Ltd.)
Adobe After Effects CS4 Third Party Content (HKLM\...\Adobe_5aab5a491a3a52ae624fd639f6aaa95) (Version: 9 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Creative Suite 4 Production Premium (HKLM\...\Adobe_0a572e121e19f0f54d2d23782236e1b) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Production Premium (HKLM\...\Adobe_36ac9dc8c9a94feb9e5886810012e78) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Production Premium (HKLM\...\Adobe_83e762451b5cf1655cb11b0be8ae31a) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Encoder CS4 Exporter (HKLM\...\Adobe_5eba9bbdf1514a06b1a4c79a2920188) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKU\S-1-5-21-185903628-1420016957-2107898834-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Anvil Studio 2011 (HKLM\...\{9E3D3F0B-D447-44DA-9204-2CA004A4133E}) (Version: 11.02.12 - Willow Software)
Any Video Converter 3.2.3 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
ASRock InstantBoot v1.23 (HKLM\...\ASRock InstantBoot_is1) (Version: - )
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.51 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AV Music Morpher Gold (HKLM\...\AV Music Morpher Gold) (Version: - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
BitTorrent (HKLM\...\BitTorrent) (Version: 7.2.1 - )
Blade and Soul (HKLM\...\{CEF766E5-6E15-441F-B14A-C44CB168DBE7}) (Version: 1.0.0 - PlayBns.com)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
Boris Continuum Complete 7 Adobe CS3 CS4 (HKLM\...\{B8CB8785-3E0E-41AB-B201-6FFE6D9FF3CC}) (Version: 7.00.1000 - Boris FX, Inc.)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Cedocida DV Codec (HKLM\...\cedocida) (Version: - )
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CPUID CPU-Z 1.57 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1705 - CyberLink Corp.)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
DMIView B8.0717.01 (HKLM\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 9607 (Build 2134) - Speedbit Ltd.)
E.M. Youtube Video Download Tool 3.15 (HKLM\...\E.M. Youtube Video Download Tool_is1) (Version: - EffectMatrix, Inc.)
Easy Tune 6 B11.0728.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0728.1 (Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.0904.1 (HKLM\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Face_Wizard B09.1119.01 (HKLM\...\{E76FCE6B-9999-4250-8C75-B2DA4AD41268}) (Version: 1.00.0000 - Gigabyte)
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Final Fantasy XIII version 1.0.0.0 (HKLM\...\Final Fantasy XIII_is1) (Version: 1.0.0.0 - SQUARE ENIX)
Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.3.1.118 - Foxit Corporation)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
Freez FLV to MP3 Converter (HKLM\...\Freez FLV to MP3 Converter v1.5_is1) (Version: 1.5 - www.smallvideosoft.com)
Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.2.0 - Futuremark Corporation)
GenArts Monsters GT V6 for After Effects CS4 (HKLM\...\{BC0F92C4-4F1C-475E-9FAE-B26A54BC0852}_is1) (Version: - GenArts, Inc.)
GenArts Sapphire Plug-ins 5.0 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version: - )
GenArts Sapphire RLM Server 8.0.5.1 (HKLM\...\GenArts Reprise License Manager Server_is1) (Version: - )
Globe Broadband (HKLM\...\Globe Broadband) (Version: 11.300.05.20.158 - Huawei Technologies Co.,Ltd)
Globe Tattoo Broadband (HKLM\...\Globe Tattoo Broadband) (Version: 23.009.09.01.158 - Huawei Technologies Co.,Ltd)
Gmask 1.70 English (HKLM\...\Gmask 1.70 English) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
GPU Caps Viewer v1.8.2 (HKLM\...\GPU Caps Viewer_is1) (Version: - oZone3D.Net)
HandBrake 0.9.5 (HKLM\...\HandBrake) (Version: 0.9.5 - )
HexChat (x86) (HKLM\...\HexChat (x86)_is1) (Version: 2.9.6 - HexChat)
HWiNFO32 Version 3.84 (HKLM\...\HWiNFO32_is1) (Version: 3.84 - Martin Malík - REALiX)
Instant HD (HKLM\...\Instant HD) (Version: - )
Instant HD Advanced (HKLM\...\Instant HD Advanced) (Version: - )
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
JDownloader (HKLM\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt))
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lagarith Lossless Codec (1.3.21) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LightScribe 1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com)Hidden
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mega Manager (HKLM\...\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}) (Version: 3.5.1.0 - Megaupload Limited)
Mega Manager (Version: 3.5.1.0 - Megaupload Limited) Hidden
MegaTrainer eXperience V1.0.3.6 (HKLM\...\MegaTrainer eXperience_is1) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MKVcleaver (HKLM\...\{5BAEAA63-8C55-4571-B0FE-695299835907}) (Version: 5.0.3 - MKVcleaver)
MKVtoolnix 2.5.1 (HKLM\...\MKVtoolnix) (Version: 2.5.1 - Moritz Bunkus)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.22.00.158 - Huawei Technologies Co.,Ltd)
mocha Pro V2.5.2-3520 (HKLM\...\{B7D4740D-02F7-4D53-A50F-7D6ED4BAA54A}) (Version: 2.52.3520 - Imagineer Systems)
MotioninJoy ds3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.00005 - www.motioninjoy.com)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-185903628-1420016957-2107898834-1000\...\MyFreeCodec) (Version: - )
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
NCsoft Launcher (HKLM\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.19002 - NCsoft)
Nero 7 Essentials (HKLM\...\{874AF83E-1BF6-4F2B-9086-BF62BDAE1033}) (Version: 7.02.5608 - Nero AG)
Neverwinter Nights 2 (HKLM\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Norton Internet Security (HKLM\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Performance (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 30.0.1835.125 (HKLM\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r3878) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r4600) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5350) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version: - )
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photomatix Pro version 5.0.4 (HKLM\...\PhotomatixPro5x32_is1) (Version: 5.0.4 - HDRsoft Ltd)
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PianoFX STUDIO 4.0 (HKLM\...\PianoFX STUDIO 4.0_is1) (Version: 4.0 - Tanseon Systems)
Pixel Bender Toolkit (Version: 1.0 - Adobe Systems Incorporated) Hidden
Primatte Keyer Pro 4.0 (HKLM\...\Primatte Keyer Pro 4.0) (Version: - )
Q-Share Ver.1.2 (HKLM\...\{F308B531-AB20-4A79-8F5E-83071FE5BE60}) (Version: 1.2 - GIGABYTE)
RAR Password Recovery Professional (HKLM\...\RAR Password Recovery Professional) (Version: - SmartKey, Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
RESIDENT EVIL 5 (HKLM\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 3.52 (HKLM\...\Sandboxie) (Version: - )
SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital)
SMART BRO (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
SmartCam -- Smart Phone Camera (HKLM\...\SmartCam) (Version: 1.4 - Ionut Dediu)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Sun Broadband Hotspot (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
Sun Broadband Wireless (HKLM\...\Sun Broadband Wireless) (Version: 16.001.06.04.256 - Huawei Technologies Co.,Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.49.1000 - SUPERAntiSpyware.com)
System Requirements Lab (HKLM\...\{0A3A9522-EFA2-4C56-9138-101692C2A130}) (Version: 4.4.26.0 - Husdawg, LLC)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}) (Version: 4.4.24.0 - Husdawg, LLC)
Tattoo (HKLM\...\Tattoo) (Version: 1.09.00.158 - Huawei Technologies Co.,Ltd)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: SKYRIM (HKLM\...\The Elder Scrolls V: SKYRIM_is1) (Version: 1.1.21.0 - Bethesda Softworks)
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
Torchlight (HKLM\...\Runic Games Torchlight) (Version: 0.0.66.192 - )
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
Trapcode Form (HKLM\...\Trapcode Form) (Version: - )
Trapcode Lux (HKLM\...\Trapcode Lux) (Version: - )
Trapcode Particular v2 (HKLM\...\Trapcode Particular v2) (Version: - )
Trapcode Shine (HKLM\...\Trapcode Shine) (Version: - )
Trapcode Starglow (HKLM\...\Trapcode Starglow) (Version: - )
Ultimate Extras sounds from Microsoft® Tinker™ (HKLM\...\UltSounds2) (Version: - Microsoft Corporation)
UnCleaner (HKLM\...\UnCleaner) (Version: 1.7 - Josh Cell Softwares Corporation)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update Manager B09.1008.1 (HKLM\...\InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}) (Version: 1.00.0000 - GIGABYTE)
Update Manager B09.1008.1 (Version: 1.00.0000 - GIGABYTE) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Video Enhancer 1.9.6 (HKLM\...\Video Enhancer_is1) (Version: - Infognition Co. Ltd.)
Video Mover (HKLM\...\Video Mover_is1) (Version: - )
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VirtualDub Filter Pack 1.0 (HKLM\...\VirtualDub Filter Pack_is1) (Version: - Dee Mon)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
Windows Sound Schemes (HKLM\...\UltSounds) (Version: - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.0) (Version: 1.3.0 - Xvid Team)
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 18:23 - 2014-12-15 12:32 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A36E0FD-B1E4-442F-8EF7-C5CB188707A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {1BA01890-A006-4775-96D9-9C006CD61725} - System32\Tasks\SBWUpdateTask_Logon_603d724b-001E101FB681 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {2C0E4495-15D7-4064-AEB7-F7D61513256B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-16] (Google Inc.)
Task: {4408880C-A9C5-46B9-BC7C-A7A2F8E9F2CE} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {6774270A-EAB5-427A-81A0-C86640BC1794} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-13] (AVAST Software)
Task: {6E42AC87-77E7-4CF2-8A71-7D5E69C28853} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-26] (Piriform Ltd)
Task: {6FCB3434-D68F-4C69-9BA6-FDD2E72CFD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-16] (Google Inc.)
Task: {A2F28C6B-05CA-429D-9D09-CC8CC3EDC022} - System32\Tasks\{3876CA48-1F70-41FC-89DE-1217DDFAF0B1} => pcalua.exe -a "C:\Program Files\Hotspot Shield\Uninstall.exe"
Task: {A777C0DD-10A3-4283-B4DA-B1F1BD43211C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - MyEminence => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {A849459B-C5B4-4F43-90A1-A0BFBE3D7031} - System32\Tasks\SBWUpdateTask_Time_603d724b-001E101FB681 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {B05AAA3F-7AD3-47C4-9267-3CA624F5F593} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {B06B490A-A2C7-4FE1-8614-73244FFB24D6} - System32\Tasks\SBWUpdateTask_Time_603d724b-74D435355476 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {BE2DD90B-C189-4623-BF7B-23C85EE68627} - System32\Tasks\SBWUpdateTask_Time_603d724b-0025222896A8 => C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {CF965BB5-C33F-4E2F-B8A7-C2D8CD4AFD11} - System32\Tasks\SBWUpdateTask_Logon_603d724b-0025222896A8 => C:\Program Files\Common Files\SpeedBit\SBUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION
Task: {DE78D958-976E-498F-B857-834A67270FFF} - System32\Tasks\Opera scheduled Autoupdate 1390827574 => C:\Program Files\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {E7EE2155-7D72-4669-BBB4-6F2BB6426738} - System32\Tasks\SBWUpdateTask_Logon_603d724b-74D435355476 => C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2011-04-29] (Speedbit Ltd.) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2008-03-25 17:21 - 2008-03-25 17:21 - 00219656 _____ () C:\Program Files\Gigabyte\ET6\GUI.exe
2011-07-28 13:43 - 2011-07-28 13:43 - 02601031 _____ () C:\Program Files\Gigabyte\ET6\Normal.dll
2011-07-27 11:46 - 2011-07-27 11:46 - 00430147 _____ () C:\Program Files\Gigabyte\ET6\work.dll
2011-06-15 14:19 - 2011-06-15 14:19 - 00106496 _____ () C:\Program Files\Gigabyte\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files\Gigabyte\ET6\CIAMIB.dll
2011-06-23 20:04 - 2011-06-23 20:04 - 00155648 _____ () C:\Program Files\Gigabyte\ET6\OCK.dll
2009-12-22 16:52 - 2009-12-22 16:52 - 00102400 _____ () C:\Program Files\Gigabyte\ET6\ycc.dll
2010-10-19 10:59 - 2010-10-19 10:59 - 00065536 _____ () C:\Program Files\Gigabyte\ET6\GPTT.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files\Gigabyte\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files\Gigabyte\ET6\StabilityLib.dll
2010-12-02 16:01 - 2010-12-02 16:01 - 00106496 _____ () C:\Program Files\Gigabyte\ET6\HM.dll
2011-07-15 11:14 - 2011-07-15 11:14 - 00192512 _____ () C:\Program Files\Gigabyte\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files\Gigabyte\ET6\Sound.dll
2010-06-10 15:52 - 2010-06-10 15:52 - 00110592 _____ () C:\Program Files\Gigabyte\ET6\AMD8.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 04449632 _____ () C:\Program Files\Gigabyte\ET6\Platform.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 00423256 _____ () C:\Program Files\Gigabyte\ET6\Device.dll
2011-07-22 18:12 - 2011-07-22 18:12 - 00307200 _____ () C:\Program Files\Gigabyte\ET6\MFCCPU.dll
2011-04-29 22:44 - 2011-04-29 22:44 - 00053248 _____ () C:\Program Files\DAP\zlib.dll
2011-04-29 22:44 - 2011-04-29 22:44 - 00084480 _____ () C:\windows\system32\EasyHook32.dll
2010-07-05 05:32 - 2010-07-05 05:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-11-24 16:54 - 2011-04-19 16:29 - 00132608 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\windows\system32\msln.exe:7ff4426ecbbfa671ca617cb0d6f228d7
AlternateDataStreams: C:\ProgramData\TEMP:553CA6CA

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-185903628-1420016957-2107898834-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AffinegyService => 2
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: Belkin Local Backup Service => 2
MSCONFIG\Services: Belkin Network USB Helper => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: ES lite Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FlowFinder3MonstersAE32 => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: Globe Tattoo Broadband. RunOuc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HWDeviceService.exe => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: InCDsrv => 2
MSCONFIG\Services: JawsServerAE => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nTuneService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RLM-GenArts => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: UI Assistant Service => 2
MSCONFIG\Services: WDDMService => 2
MSCONFIG\Services: WDSmartWareBackgroundService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\windows\pss\WDDMStatus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDSmartWare.lnk => C:\windows\pss\WDSmartWare.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BitTorrent => "C:\Program Files\BitTorrent\BitTorrent.exe"
MSCONFIG\startupreg: CheckNDISPort_df => C:\Program Files\Hotspot\Sun Broadband\CheckNDISPort_df.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: ehTray.exe => C:\windows\ehome\ehTray.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InCD => C:\Program Files\Nero\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Mega Manager => C:\Program Files\Megaupload\Mega Manager\MegaManager.exe /Tray
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Remoter => C:\Users\MyEminence\Downloads\Jpop Funk\RemoterServer\RemoterServer\RemoterServer.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SecurDisc => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: UIExec => "C:\Program Files\SMART BRO\UIExec.exe"
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe
MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{26BFD8FC-7189-4FA2-9836-DD138B649F13}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe
FirewallRules: [{2376F20D-E243-4094-A30B-9441FBD9837D}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe
FirewallRules: [{0A221571-AC91-4652-8AB5-092E1761CFAA}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe
FirewallRules: [{AFF77224-405D-4A95-AD63-36BD844FCC56}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe
FirewallRules: [{808BB47E-F42F-4482-83FA-222D8403A2E6}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe
FirewallRules: [{D52D6404-7177-4014-850E-14A7B8F8DBFF}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe
FirewallRules: [{85FC2257-6D9C-417A-B039-B65C3616D124}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe
FirewallRules: [{75114963-14EF-4A48-B7B7-1D241CAA6B9A}] => (Allow) C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe
FirewallRules: [{62C6F6E1-3D5D-488B-BDEE-E2C993D4797E}] => (Allow) C:\Program Files\BitTorrent\BitTorrent.exe
FirewallRules: [{FC476FCF-F290-4926-94AA-9DF64AEAF764}] => (Allow) C:\Program Files\BitTorrent\BitTorrent.exe
FirewallRules: [{8D0D1696-4F1D-4FD2-8204-FEE6CB51AEDC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{1E2759DA-058E-4EBC-90DD-6C4F44276328}] => (Allow) C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{82AF3E38-3BB1-45B4-BFF9-C13F773C3FA2}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{5BD1F8F0-5A68-4CBB-80B9-A280CC148AC5}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{E4999A76-E641-4EAF-91A2-DC1E05B413AD}] => (Allow) LPort=80
FirewallRules: [{4623175F-6621-4757-B6A6-E38960BC6D08}] => (Allow) LPort=80
FirewallRules: [{F76DC596-574C-432B-AC65-9EFFD8C1C60B}] => (Allow) LPort=80
FirewallRules: [48df1fd4-f69e-4fc3-82e9-507f23b3a6ff] => (Block) %ProgramFiles%\The Elder Scrolls V Skyrim\TESV.exe
FirewallRules: [98790cec-d218-4d07-b791-4e3b1b57e437] => (Block) %ProgramFiles%\The Elder Scrolls V Skyrim\SkyrimLauncher.exe
FirewallRules: [{54BF1EAC-DECE-4343-BE6B-A7C96851FD00}] => (Block) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{B7980DAF-8BF6-4095-9824-4418E36E1591}] => (Block) LPort=5353
FirewallRules: [{B5EBAB2A-A980-4488-ACBB-B7D82866D31A}] => (Block) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [da1609b3-e6fb-45b3-9ba1-4cbad2838383] => (Block) %ProgramFiles%\The Elder Scrolls V Skyrim\TESV.exe
FirewallRules: [3c2f378c-d391-4588-a1b3-115283f2c1dd] => (Block) %ProgramFiles%\The Elder Scrolls V Skyrim\SkyrimLauncher.exe
FirewallRules: [5446571d-0bbc-43a6-9669-b4b32ad2b1dc] => (Block) %ProgramFiles%\Imagineer Systems Ltd\mocha Pro V2\bin\mochapro.exe
FirewallRules: [12a62bcb-f89f-4e95-bc06-90b326d07e20] => (Block) %ProgramFiles%\Imagineer Systems Ltd\mocha Pro V2\bin\mochapro.exe
FirewallRules: [d13dec6d-6354-4f8c-b87d-b5c2673b124f] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS4\Mocha\bin\Mocha For After Effects.exe
FirewallRules: [66fb37a5-1762-419b-ab89-84773d7656b0] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS4\Mocha\bin\Mocha For After Effects.exe
FirewallRules: [9c14f7dd-889c-4ba4-b473-86a5f764614f] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe
FirewallRules: [a8f09d23-dd18-4bf0-893b-a15e091525c8] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe
FirewallRules: [TCP Query User{FE770376-2031-4274-8514-1EE6A24AD5F3}C:\program files\dap\dap.exe] => (Allow) C:\program files\dap\dap.exe
FirewallRules: [UDP Query User{7AAC9897-078E-44F5-B6B2-AC48D3CDB309}C:\program files\dap\dap.exe] => (Allow) C:\program files\dap\dap.exe
FirewallRules: [{7B1DC2A7-6AB1-4DA1-BD28-99BFBD9D2796}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{C6CA2221-2488-4946-ABA7-A82AEEC0DE20}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{FA08A8E6-1F78-4782-86F9-0D3204CCF491}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{E42B26F5-A363-4DB5-BFFE-66CF38AC7BB5}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{E1EB5086-1458-4B06-87B8-2C1D90B105C2}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{A979DE24-7A84-4F3F-B0FF-8BEF65052AE7}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{0732D62B-22D2-4329-9145-18D7F5F6A021}] => (Allow) LPort=19540
FirewallRules: [{B2E131B4-8933-4C03-9789-EE1899DC63BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{570F95C2-812F-4A91-898D-F2FE805D25E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C6B32EB0-089C-49FD-8D63-7456926AB94E}] => (Allow) D:\Program Files\PlayBns.com\Blade and Soul\bin\Client.exe
FirewallRules: [{C5F9BD63-7B65-429A-977B-77886E7D7822}] => (Allow) C:\Users\MYEMIN~1\AppData\Local\Temp\nsz51D9.tmp\CnetInstaller-10493998.exe
FirewallRules: [{C68A28C5-6CEA-4814-A700-B2D7111FCCFC}] => (Allow) C:\Users\MYEMIN~1\AppData\Local\Temp\nsz51D9.tmp\CnetInstaller-10493998.exe
FirewallRules: [{B5606035-05C0-4B54-A41B-B69E6F0D397E}] => (Allow) C:\Program Files\Mozilla Firefox2\firefox.exe
FirewallRules: [{076353A6-F72B-4074-8328-7408C8E5FABD}] => (Allow) C:\Program Files\Mozilla Firefox2\firefox.exe
FirewallRules: [TCP Query User{3ADD288F-236D-4515-B894-755A013CD6CA}C:\program files\mirc\mirc.exe] => (Allow) C:\program files\mirc\mirc.exe
FirewallRules: [UDP Query User{5CFBD4C7-2AE8-4A49-8F5F-D284947D601C}C:\program files\mirc\mirc.exe] => (Allow) C:\program files\mirc\mirc.exe
FirewallRules: [TCP Query User{02741FCE-DD7F-4171-B716-99B196BB3E5F}C:\program files\genarts\rlm\rlm.exe] => (Block) C:\program files\genarts\rlm\rlm.exe
FirewallRules: [UDP Query User{EC61C6B1-CCD2-44AC-A704-04A8E0B6D7A1}C:\program files\genarts\rlm\rlm.exe] => (Block) C:\program files\genarts\rlm\rlm.exe
FirewallRules: [TCP Query User{15603820-6D17-4C32-8146-EF889FEE8DF2}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{D51E0EC6-54E7-4064-98FD-8F51C2A3B94D}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [{C9A51697-5C6C-4B8A-933A-70F8E93F9913}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: NVIDIA GeForce 8600 GT
Description: NVIDIA GeForce 8600 GT
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2015 07:04:15 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.


Operation:
Instantiating VSS server

Error: (07/29/2015 07:04:15 PM) (Source: VSS) (EventID: 39) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please
enable the service and try again.


Operation:
Instantiating VSS server

Error: (07/29/2015 06:47:58 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/26/2015 12:58:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.


Operation:
Instantiating VSS server

Error: (07/26/2015 12:58:00 PM) (Source: VSS) (EventID: 39) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please
enable the service and try again.


Operation:
Instantiating VSS server

Error: (07/26/2015 11:25:50 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/26/2015 01:28:33 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x00000000.

Error: (07/26/2015 01:28:21 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/25/2015 08:42:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.


Operation:
Instantiating VSS server

Error: (07/25/2015 08:42:52 PM) (Source: VSS) (EventID: 39) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please
enable the service and try again.


Operation:
Instantiating VSS server


System errors:
=============
Error: (07/29/2015 06:56:20 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.254.102 for the Network Card with network address 74D435355476 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/29/2015 06:49:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (07/29/2015 06:49:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BlueStacks Android Service%%1064

Error: (07/26/2015 11:26:59 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (07/26/2015 11:26:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BlueStacks Android Service%%1064

Error: (07/26/2015 11:26:30 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.254.100 for the Network Card with network address 74D435355476 has been denied by the DHCP server 192.168.254.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/26/2015 01:29:28 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (07/26/2015 01:29:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: BlueStacks Android Service%%1064

Error: (07/25/2015 11:20:15 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.254.100 for the Network Card with network address 74D435355476 has been denied by the DHCP server 192.168.254.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/25/2015 04:34:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt


Microsoft Office:
=========================
Error: (07/29/2015 07:04:15 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422

Operation:
Instantiating VSS server

Error: (07/29/2015 07:04:15 PM) (Source: VSS) (EventID: 39) (User: )
Description: Operation:
Instantiating VSS server

Error: (07/29/2015 06:47:58 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/26/2015 12:58:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422

Operation:
Instantiating VSS server

Error: (07/26/2015 12:58:00 PM) (Source: VSS) (EventID: 39) (User: )
Description: Operation:
Instantiating VSS server

Error: (07/26/2015 11:25:50 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/26/2015 01:28:33 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/26/2015 01:28:21 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/25/2015 08:42:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070422

Operation:
Instantiating VSS server

Error: (07/25/2015 08:42:52 PM) (Source: VSS) (EventID: 39) (User: )
Description: Operation:
Instantiating VSS server


CodeIntegrity:
===================================
Date: 2015-07-29 19:03:40.864
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-29 19:03:40.786
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-29 19:03:40.708
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-29 19:03:40.615
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 23:40:46.445
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 23:40:46.351
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 23:40:46.273
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 23:40:46.195
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 23:40:46.117
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-07-25 23:40:46.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 40%
Total physical RAM: 2811.77 MB
Available physical RAM: 1666.5 MB
Total Virtual: 8736.24 MB
Available Virtual: 7710.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:169.41 GB) (Free:12.29 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:63.48 GB) (Free:44.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 972CEA52)
Partition 1: (Not Active) - (Size=63.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=169.4 GB) - (Type=07 NTFS)

==================== End of log ============================


  • 0

#10
BrianDrab
Posted 29 July 2015 - 08:57 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Does the glitching only happen when you are utilizing Adobe Flash on Windows 7?


  • 0

Advertisements

#11
henrymills
Posted 30 July 2015 - 02:47 AM

henrymills

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

No the glitching happen on any Graphics App whether image or video editor/player or games.And this happens in both vista and windows 7.Btw the logs are from windows vista only,do I need to provide separate log for windows 7 since it has the same problem and it started from it and infected vista?


  • 0

#12
BrianDrab
Posted 30 July 2015 - 06:30 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I'm a little confused. In your initial post you said the following.

 

but when I run Windows Vista the problem doesnt exist. I can even play MMORPG,Final Fantasy and play HD Videos on VLC without the graphic glitches or the crash on nvidia driver dont occur on Windows Vista. I really need to fix the problem on Windows 7

 

 

But now you are saying

And this happens in both vista and windows 7

 

 

Can you explain?


  • 0

#13
henrymills
Posted 31 July 2015 - 08:30 PM

henrymills

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

It was like this,i installed bluetooth driver for my dongle and had problem with uninstalling certain bluetooth driver,then this problem occured in Vista then zep516 help me by asking me to run scans like what you ask me.Then after he was done helping I was able to play Video Games and Graphics Apps on Vista,but i wasnt able to tell him the problem also occurs in Windows 7 so for months I didnt use Windows 7 and Windows Vista is fine.Until i start using Windows 7 again and try to fix it by rscanning and Windows Vista got the same problem again like somehow its reinfected by something from Windows 7.Thats why i believe its a virus and not Hardware and Windows problem.


  • 0

#14
BrianDrab
Posted 01 August 2015 - 08:34 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thank you for the explanation. I understand your issue now. It's not malware at all. It's a software conflict. Please do the following and we'll see if we can get rid of your glitches.
 
Retrieve Software Hive
Note: The Software have has confidential and sensitive information in it so please send me a PM with a link to that particular hive so it's not in the public form.

  • Please download the Freeware RegBak from here: Acelogix Software - Download products
    You will find it at the bottom of the page that the link brings you to.
  • Go ahead and install this program and accept all the defaults. After the last install screen the program should open.
  • Click the New Backup button. Accept the defaults and simply click Start.
  • When it says Finished successfully, click the Close button.
  • This will bring you back to the main screen of the program. You will see one entry in this list with the date that you did it. Right-click on this line-item and select Explore Backup...
  • This will bring you into the folder where the backup was made. You should see a Users folder and a Windows folder along with a couple other files. Double-click on the Windows folder to open it. Then open the System32 folder and then config folder. You should see around 6 files in here, one of which is named SOFTWARE.
  • Copy the SOFTWARE file to your Desktop.
  • Now right click on the SOFTWARE file that is on your desktop and select Send to > Compressed (zipped) folder.
  • Then please upload the zip file (SOFTWARE.zip) to your favourite file sharing website (it will be too big to upload here). Examples of services to upload to are Dropbox or One Drive or SendSpace and then PM me the link.
  • You can close any open windows you have as well as the RegBack program now.

  • 0

#15
BrianDrab
Posted 06 August 2015 - 09:43 AM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP