Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows explorer acting strange and cant download anyhting in chrome [


  • This topic is locked This topic is locked

#1
Fatie32

Fatie32

    Member

  • Member
  • PipPipPip
  • 122 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Mikey (administrator) on MIKEY-PC on 09-05-2015 17:06:49
Running from C:\Users\Mikey\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L918XO1P
Loaded Profiles: Mikey (Available profiles: Mikey)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Mikey\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\tv_x64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Razer Inc.) D:\Program Files (x86)\Razer\Razer Cortex\main.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Blackfish Software) C:\Users\Mikey\AppData\Local\IE Tab\8.4.13.1\ietabhelper.exe
(Farbar) C:\Users\Mikey\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L918XO1P\FRST64[1].exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-28] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [RazerCortex] => D:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-01-26] (Razer Inc.)
HKU\S-1-5-21-1720781654-3047350990-1079063203-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1720781654-3047350990-1079063203-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1720781654-3047350990-1079063203-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1720781654-3047350990-1079063203-1000 -> {E6957116-DFE1-4A9E-9922-66747C34C5F0} URL = https://search.yahoo...p={searchTerms}
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-05-29] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-05-29] (Oracle Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-05-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-05-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Mikey\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin HKU\S-1-5-21-1720781654-3047350990-1079063203-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
 
Chrome: 
=======
CHR Profile: C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Google Drive) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (YouTube) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Battlefield Heroes) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-04-07]
CHR Extension: (Adblock Plus) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-22]
CHR Extension: (Google Search) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Pandora) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2014-06-12]
CHR Extension: (XKit) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-12-14]
CHR Extension: (Bookmark Manager) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]
CHR Extension: (IE Tab) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2014-08-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Evernote Web Clipper) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-12-08]
CHR Extension: (Gmail) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR Extension: (Canvas Rider) - C:\Users\Mikey\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-05-16]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [936832 2015-03-21] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-11-01] (BitRaider, LLC)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5278064 2014-09-09] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173792 2015-03-28] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-23] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186560 2015-01-30] ()
R2 RzKLService; D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-01-26] (Razer Inc.)
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ampa; C:\Windows\system32\ampa.sys [15288 2011-12-26] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-11-01] (BitRaider)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-10-22] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-01] (Disc Soft Ltd)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-18] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-09] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7758v270\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2975960 2013-09-25] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-01-30] (Razer, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-22] ()
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] ()
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [102400 2012-11-07] (Windows ® Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 MSI_MSIBIOS_010507; \??\D:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_4; \??\D:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-09 17:06 - 2015-05-09 17:07 - 00000000 ____D () C:\FRST
2015-05-09 16:52 - 2015-05-09 16:53 - 00000000 ____D () C:\AdwCleaner
2015-05-09 16:36 - 2015-05-09 17:03 - 00000672 _____ () C:\Windows\setupact.log
2015-05-09 16:36 - 2015-05-09 16:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-09 10:03 - 2015-05-09 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-09 10:03 - 2015-05-09 10:03 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-09 10:03 - 2015-05-09 10:03 - 00000000 ____D () C:\Program Files\iTunes
2015-05-09 10:03 - 2015-05-09 10:03 - 00000000 ____D () C:\Program Files\iPod
2015-05-09 10:03 - 2015-05-09 10:03 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-26 17:23 - 2015-04-26 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-26 17:22 - 2015-04-26 17:33 - 00000000 ____D () C:\Users\Mikey\AppData\Roaming\DVDVideoSoft
2015-04-22 13:23 - 2015-04-22 13:23 - 00000000 ____D () C:\Users\Mikey\AppData\Roaming\OpenOffice
2015-04-22 13:22 - 2015-04-22 13:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-04-22 13:22 - 2015-04-22 13:22 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-04-11 19:11 - 2015-04-11 19:13 - 00000000 ____D () C:\Users\Mikey\Documents\Cobalt
2015-04-11 19:11 - 2015-04-11 19:13 - 00000000 ____D () C:\Users\Mikey\AppData\Roaming\Cobalt
2015-04-11 19:09 - 2015-04-11 19:09 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-04-11 19:09 - 2015-04-11 19:09 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-04-11 19:09 - 2015-04-11 19:09 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-04-11 19:09 - 2015-04-11 19:09 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-04-11 19:09 - 2015-04-11 19:09 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-04-11 19:08 - 2015-04-11 19:08 - 00000000 ____D () C:\Users\Mikey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cobalt
2015-04-11 19:08 - 2015-04-11 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobalt
2015-04-11 19:03 - 2015-04-11 19:03 - 00000000 ____D () C:\Users\Mikey\AppData\Roaming\java
2015-04-11 19:01 - 2015-04-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-09 17:07 - 2012-12-13 09:27 - 01302819 _____ () C:\Windows\WindowsUpdate.log
2015-05-09 17:06 - 2015-02-24 10:56 - 00000033 _____ () C:\Users\Public\LMDebug.log
2015-05-09 17:03 - 2013-02-09 14:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-09 17:03 - 2012-12-13 09:32 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-09 17:03 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-09 16:58 - 2009-07-13 23:13 - 00006214 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-09 16:58 - 2009-07-13 22:45 - 00027312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-09 16:58 - 2009-07-13 22:45 - 00027312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-09 16:54 - 2014-08-05 18:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-09 16:38 - 2012-12-13 09:32 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-09 11:09 - 2014-08-09 09:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-09 10:03 - 2012-12-13 18:12 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-09 10:01 - 2015-04-03 20:21 - 00000000 ____D () C:\ProgramData\VSO
2015-05-09 10:01 - 2014-09-28 07:51 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-09 10:01 - 2014-06-30 12:06 - 00000000 ____D () C:\Users\Mikey\AppData\Local\CrashDumps
2015-05-09 10:01 - 2012-12-23 10:38 - 00000000 ____D () C:\Users\Mikey\AppData\Roaming\uTorrent
2015-04-26 17:29 - 2015-03-10 18:30 - 00000738 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-26 07:46 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-26 07:45 - 2012-12-13 09:32 - 00064416 _____ () C:\Users\Mikey\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-24 19:54 - 2009-07-13 22:45 - 00296392 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-22 14:09 - 2014-08-09 09:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-22 14:09 - 2014-07-01 15:30 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-22 14:09 - 2014-07-01 15:30 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-22 13:27 - 2014-08-12 15:03 - 00000000 ____D () C:\Users\Mikey\AppData\Local\IE Tab
2015-04-12 15:12 - 2009-07-13 23:08 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-11 19:41 - 2014-08-08 22:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 19:14 - 2013-10-27 14:45 - 00000000 ____D () C:\Users\Mikey\AppData\Roaming\.minecraft
 
==================== Files in the root of some directories =======
 
2015-04-03 20:21 - 2015-04-03 20:21 - 0099384 _____ () C:\Users\Mikey\AppData\Roaming\inst.exe
2015-04-03 20:21 - 2015-04-03 20:21 - 0007859 _____ () C:\Users\Mikey\AppData\Roaming\pcouffin.cat
2015-04-03 20:21 - 2015-04-03 20:21 - 0001167 _____ () C:\Users\Mikey\AppData\Roaming\pcouffin.inf
2015-04-03 20:21 - 2015-04-03 20:21 - 0000055 _____ () C:\Users\Mikey\AppData\Roaming\pcouffin.log
2015-04-03 20:21 - 2015-04-03 20:21 - 0082816 _____ (VSO Software) C:\Users\Mikey\AppData\Roaming\pcouffin.sys
2014-10-18 16:42 - 2014-10-18 16:42 - 0000096 _____ () C:\Users\Mikey\AppData\Roaming\settings.xml
2014-06-29 12:27 - 2014-06-29 12:27 - 0000038 ___SH () C:\Users\Mikey\AppData\Local\134e6589520e51682091c0.32666518
2014-06-30 10:46 - 2014-06-30 10:46 - 0000037 ___SH () C:\Users\Mikey\AppData\Local\70149b02515b3bb20dd492.47983420
2014-11-30 13:39 - 2014-11-30 13:39 - 1065984 _____ () C:\Users\Mikey\AppData\Local\file__0.localstorage
2014-10-26 08:13 - 2014-10-26 08:13 - 0000218 _____ () C:\Users\Mikey\AppData\Local\recently-used.xbel
 
Some content of TEMP:
====================
C:\Users\Mikey\AppData\Local\Temp\Quarantine.exe
C:\Users\Mikey\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-04 00:17
 
==================== End Of Log ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Mikey at 2015-05-09 17:08:07
Running from C:\Users\Mikey\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L918XO1P
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1720781654-3047350990-1079063203-500 - Administrator - Disabled)
Guest (S-1-5-21-1720781654-3047350990-1079063203-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1720781654-3047350990-1079063203-1003 - Limited - Enabled)
Mikey (S-1-5-21-1720781654-3047350990-1079063203-1000 - Administrator - Enabled) => C:\Users\Mikey
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1720781654-3047350990-1079063203-1000\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM-x32\...\{221C4218-4414-4275-AF04-748DF4BF48D3}) (Version: 2.4.2526 - Famatech)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1720781654-3047350990-1079063203-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Any Video Converter 5.7.3 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
applicationupdater (HKU\S-1-5-21-1720781654-3047350990-1079063203-1000\...\SOE-C:/Users/Mikey/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
ASUS PCE-N15 WLAN Card Utilities & Driver (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.0.1.2 - ASUS)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bloodfin Launcher 1.0 (HKLM-x32\...\Bloodfin Launcher) (Version: 1.0 - Bloodfin.Net)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty® 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty® 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Cobalt (HKLM-x32\...\Cobalt) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DisplayFusion 6.1.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 6.1.2.0 - Binary Fortress Software)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.4.1128 - Foxit Corporation)
Free Video to DVD Converter version 5.0.58.324 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.58.324 - DVDVideoSoft Ltd.)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoPro Studio 2.5.4 (HKLM-x32\...\GoPro Studio) (Version: 2.5.4 - GoPro, Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Handicap Manager for Windows (HKLM-x32\...\Hm4win) (Version:  - )
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hydian Way version 1.2 (HKLM-x32\...\{8531A877-9791-46FE-A0F7-C6A84035C19Z}_is1) (Version: 1.2 - Hydian Way)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
inSSIDer Office (HKLM-x32\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.4 - NETGEAR)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
Polar FlowSync version 2.1.5 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.1.5 - Polar Electro Oy)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.3.25.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version:  - )
Star Wars® Knights of the Old Republic® II: The Sith Lords™ (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Mouse Auto Clicker 4.0.3 (HKLM-x32\...\{39062735-0291-4C52-919E-5A80BA98E8C2}_is1) (Version:  - Advanced Mouse Auto Clicker, Ltd.)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
The Repopulation (HKLM-x32\...\Steam App 322300) (Version:  - Above and Beyond Technologies)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.64 - VSO Software)
Wi-Fi Analytics Tool (HKLM-x32\...\{41A6B30E-330B-4B56-9054-8F3D22B857E5}) (Version: 2.1.5 - AmpedWireless)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WPT Redistributables (x32 Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.29722 - Microsoft) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1720781654-3047350990-1079063203-1000_Classes\CLSID\{6511a5d7-b538-4c3d-b3c1-3ef7f01253f7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1720781654-3047350990-1079063203-1000_Classes\CLSID\{8b31738c-da7b-42c4-a691-608581d23ad2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
09-05-2015 10:04:19 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2014-11-22 23:02 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {058E328F-6305-4874-889E-0A986AC82E19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-13] (Google Inc.)
Task: {19300029-A9F7-4A58-8CE1-4658D1FA62E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-13] (Google Inc.)
Task: {35AF60EB-E055-41BA-AE16-715EA6B998B8} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {47BF4EC5-E275-422D-B105-C384A52CE05C} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-12-20] ()
Task: {604C7960-B984-40E2-BA40-9A50EB2C1B73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {8362683D-CC52-46A2-8DAA-4534F2E25157} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-22] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-02-09 14:32 - 2015-03-13 10:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-26 11:26 - 2012-10-26 11:26 - 00034304 _____ () C:\Windows\System32\sdt1cl6.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-24 18:50 - 2014-11-23 20:41 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-30 17:10 - 2015-01-30 17:10 - 00186560 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-02-07 16:15 - 2010-08-10 21:37 - 00334848 _____ () C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
2014-12-20 15:37 - 2014-12-20 15:38 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2014-12-20 15:38 - 2014-12-20 15:38 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-05-09 17:03 - 2015-05-09 17:03 - 00012800 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00009728 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00014848 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00094208 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\src\rgloader\rgloader193.mswin.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00009216 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00094208 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00126976 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00087552 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00016384 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00127316 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\bin\libffi-6.dll
2015-05-09 17:03 - 2015-05-09 17:03 - 00008704 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00013312 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00095744 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00026624 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrA7E2.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00012800 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00009728 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00014848 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00094208 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\src\rgloader\rgloader193.mswin.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00094208 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00118784 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00069120 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00083968 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\bin\zlib1.dll
2015-05-09 17:04 - 2015-05-09 17:04 - 00026624 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00275968 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00015360 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00008192 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00009216 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00023552 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00008704 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00008704 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00008704 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00008704 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00036352 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00126976 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00087552 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00016384 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-05-09 17:03 - 2015-05-09 17:03 - 00127316 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\bin\libffi-6.dll
2015-05-09 17:04 - 2015-05-09 17:04 - 00013312 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00095744 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-05-09 17:04 - 2015-05-09 17:04 - 00026624 _____ () C:\Users\Mikey\AppData\Local\Temp\ocrAE19.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-12-20 15:38 - 2014-12-20 15:38 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2014-12-20 15:38 - 2014-12-20 15:38 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-03-30 21:00 - 2015-03-27 21:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-02 09:51 - 2015-04-27 20:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-05-02 09:51 - 2015-04-27 20:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1720781654-3047350990-1079063203-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mikey\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GoPro Importer.lnk => C:\Windows\pss\GoPro Importer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mikey^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mikey\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes Anti-Malware (cleanup) => "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [TCP Query User{6559B66A-C710-42E2-AA83-3A8C674C4302}D:\program files (x86)\steam\steamapps\mcwolves3232\source sdk base 2007\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mcwolves3232\source sdk base 2007\hl2.exe
FirewallRules: [UDP Query User{B9C32606-F391-453D-98F2-B62115BBCDD5}D:\program files (x86)\steam\steamapps\mcwolves3232\source sdk base 2007\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\mcwolves3232\source sdk base 2007\hl2.exe
FirewallRules: [TCP Query User{F809652E-C022-4B76-B7FB-9F345F7DDC45}C:\users\mikey\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mikey\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1F26D172-677C-4E79-8B8F-BE87E8EB09A1}C:\users\mikey\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mikey\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1DE76912-0B9F-43CA-B380-D7DF79E67C6A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB109778-CDF0-4D14-90FD-6C3262D4E1C7}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2E8ED404-E91A-4942-8E3B-1B4FB36BB7F5}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{D8EFF464-6743-4FFB-A7C7-799E1583C9B0}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{669100E6-3430-4878-83E7-A3B67C2AF755}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33B09970-B48F-46A8-81F0-DF803B85A53D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3371BD99-53F5-4014-8F82-DC86948CCF50}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{95152D9E-C33C-4532-A933-139E2A4B9C67}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D1A46C86-5919-4988-9EA5-5DBC4FFE8097}] => (Allow) C:\Users\Mikey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{52466371-C792-4763-8EB7-C70985A38C43}] => (Allow) C:\Users\Mikey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{CBF93B1C-3C24-4F35-868F-35C123CAB04F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F8A55FCA-A301-44D1-8E66-0ED62B60504F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{F25EF59B-903D-40E9-908A-D45FCF7064CE}D:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) D:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{5C9CA6AF-9892-494A-8142-832AEB6038E3}D:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) D:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{26EAA20C-9CA8-4CD1-B1B7-04B0D332255D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{132EC1D6-28FB-4F1A-AC68-E15310EE9566}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D0663FE8-9B1D-47FD-BCC3-098BF4A27A56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5C2ABF7D-861A-4A3D-A393-649EE325A309}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0495B608-82AC-4627-9864-3268D47D911A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DFEDE310-4C5F-40D7-A33E-34BF90349DF3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A4F69296-FCDF-44DA-8E62-87CB0BC2C573}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0F52A7A3-9F20-4E07-BDB9-AF8A725CE296}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C403073D-061A-4E79-BC7B-4F4CF3C072ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9944D869-298E-4E38-9583-25B3A612D721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA6D4472-BA67-45E5-854F-DC111CCE7B83}] => (Allow) F:\Games\StarCraft II\StarCraft II.exe
FirewallRules: [{919F07DF-E9CA-497C-993D-932CF5062D68}] => (Allow) F:\Games\StarCraft II\StarCraft II.exe
FirewallRules: [{81C37439-D69A-4380-BBDE-43ACE313E993}] => (Allow) F:\Games\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{E5D8D06B-1B59-4676-8833-1A6ACAD8E675}] => (Allow) F:\Games\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{52A5792F-19D1-4F68-AA8E-D0CBD6DEBF5A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BBF17C91-9099-4B2D-98F9-2ECA3F8B4639}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B4B6512C-37EC-44E0-B9F7-6B20DB4A1671}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3E26F0DA-CD5D-45FA-A3F4-479E5D78F1D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C298A033-6517-4BDE-9ADF-C2ACACF1BFFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{34252907-7996-4C3B-8EE5-BEBDCC2D62B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1EFACA7D-4049-49B0-B7AB-1C54CA7D8DFC}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
FirewallRules: [{296F1F7A-FB0F-4D5F-807E-A72BEB5ECE4B}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
FirewallRules: [{2F5295B0-856B-454C-AFC5-FECA5A6A73A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{BD7EDB5D-7353-470A-BB4F-EFBD3A0167EE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{CF42766B-0614-4B7E-BD07-A3C5B164615E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{FF72711D-74F4-4CDB-8A1C-93FD5B8E449D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{06FEFEDA-D1D8-40D4-A7B9-BF8C2CE04258}] => (Allow) C:\Users\Mikey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{30D2A878-FFF3-4FB1-BC7E-988A890E165D}] => (Allow) C:\Users\Mikey\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B308CBE5-C2F0-4FB6-BCF8-DA40170A8D3F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E3FED4B6-C4E6-4AA8-B0FF-28EA35C078DA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5BA18EF4-3CF9-4E98-A92B-5C27CB20374C}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AF62DE58-8883-4D06-8058-D330A3CB8D09}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{25859AD9-27C1-4B11-AE89-AD2C3CA95A45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{42632264-913B-4BFC-8FFF-8712E4507262}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{614CB5D3-712F-45C1-A3B4-EE52079E9682}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E41DBFD7-F57B-4D29-91B5-9A7CE4BC921A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E2E8703D-AE39-45CB-B5FD-576A950642AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{CF5E8270-1154-494E-8D58-56485009A506}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{A9BB6E24-6056-45EA-A974-161838BE178B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{770B07A4-D47D-4A9C-92E8-E95A81147923}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [TCP Query User{02F21CC7-4072-4881-ADE9-1B56F28A9B51}C:\users\mikey\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mikey\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1513B328-BAF0-4D2A-A34D-5441D51129D6}C:\users\mikey\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\mikey\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1754F0E2-AF64-4455-8874-B51DCCD8CDCC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{510448D7-D99B-49FA-91B1-EDF5E374CB4B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{37CEC5C6-B1E3-4F9D-A610-0F357478E604}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rust\Rust.exe
FirewallRules: [{1E6C7AC7-C8AE-40A9-AD6C-EA7AC2F8976B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rust\Rust.exe
FirewallRules: [TCP Query User{407E32D0-D9B9-42A1-935D-94321A3BBC9D}D:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe] => (Allow) D:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [UDP Query User{75E18816-7532-4335-B623-2392BC5287CC}D:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe] => (Allow) D:\program files (x86)\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [{FA67B382-A2BB-4B43-BF12-CA3484E01444}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{8EC040B7-2B52-45FE-AA82-0A5436D15292}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{F5AFB996-E3C8-46B2-9D86-BD7EAE0A7631}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{EF42A9BD-6130-4DF1-A4ED-0B39B3874FAD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{6005056D-5B51-49D6-82CD-4DA286FB045D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{BF7A20AF-1BE7-4A69-BBF6-874870347750}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{B874F358-127A-4F63-BAAD-DD633D44BD58}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D737EFE3-9EE1-4259-B2E1-6147B6245BCA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{4EA76B95-E8B2-42DB-9999-7EE3FF2B01DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{85DE8C60-7854-4325-A888-C088EF5FE643}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1A3A48B8-17D1-453E-BDB0-080C1159E7AE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0AC04416-19D6-4DED-A6CF-02FC2B3A1F5D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{11EC7BFB-4921-496F-89CC-FE4D87DC3E5A}C:\program files (x86)\sony\station\launchpad\launchpad.exe] => (Allow) C:\program files (x86)\sony\station\launchpad\launchpad.exe
FirewallRules: [UDP Query User{75859BBF-098D-4512-A4A9-45F524AC06BA}C:\program files (x86)\sony\station\launchpad\launchpad.exe] => (Allow) C:\program files (x86)\sony\station\launchpad\launchpad.exe
FirewallRules: [{0B57C2B5-D2E5-4815-A720-EA75F74FB511}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{50B11D91-4DE9-4E7E-9FC4-0AC8B36A5DA4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{24B8A7CE-5E15-4076-9A9B-5482CD41F468}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{DD0A0548-629F-409D-B4EC-A2DE736E74C1}D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{4C6D0D67-780D-412A-908F-1BFA6ED8D377}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Repopulation\Launcher.exe
FirewallRules: [{6D1FA9D5-78EC-4B51-A7FD-307C0EF62591}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Repopulation\Launcher.exe
FirewallRules: [{E4C91C84-8B3D-4639-8F90-7597335AC1DA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{9C3F1F52-A17A-4989-9D99-847FEEF43855}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{D5EEB047-9861-4B8F-A3E8-ADF1256A52F4}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{44BFCB61-395B-4113-B9F2-6F6590F853FD}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B7F38E2A-7959-43A7-9B65-F06A2A4390CC}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{77B127FB-7B56-4593-9C3E-37418FEA10D4}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9B061570-ED41-465E-ACC6-EA24E4A12DBB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rust\Legacy\rust.exe
FirewallRules: [{BC1AF267-4517-4864-B02B-E0649E0833CE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rust\Legacy\rust.exe
FirewallRules: [{962831DB-B7C5-41B3-B8C8-91A007B1A2CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{42B47317-46DF-472B-A11F-27DBA0F7AC7C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
 
==================== Faulty Device Manager Devices =============
 
Name: ASUS PCE-N15 11n Wireless LAN PCI-E Card
Description: ASUS PCE-N15 11n Wireless LAN PCI-E Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ASUSTeK Computer Inc.
Service: RTWlanE
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/09/2015 05:04:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0x950
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3
 
Error: (05/09/2015 04:58:41 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (05/09/2015 04:58:41 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (05/09/2015 04:43:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b14
 
Start Time: 01d08aa8f76b886f
 
Termination Time: 8
 
Application Path: C:\Windows\Explorer.exe
 
Report Id: badb4690-f69c-11e4-aba6-d43d7e49cda2
 
Error: (05/09/2015 04:42:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (05/09/2015 04:42:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (05/09/2015 04:39:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ea4
 
Start Time: 01d08aa8a4de4ff1
 
Termination Time: 9
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 26558a05-f69c-11e4-aba6-d43d7e49cda2
 
Error: (05/09/2015 10:07:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: e38
 
Start Time: 01d08a703df0a555
 
Termination Time: 15
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 844c14fc-f665-11e4-acf1-d43d7e49cda2
 
Error: (05/09/2015 09:58:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (05/09/2015 09:58:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (05/09/2015 05:05:37 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (05/09/2015 05:03:23 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (05/09/2015 05:03:19 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (05/09/2015 04:53:58 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (05/09/2015 04:53:53 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (05/09/2015 04:53:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (05/09/2015 04:53:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (05/09/2015 04:53:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (05/09/2015 04:53:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (05/09/2015 04:53:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (05/09/2015 05:04:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f95001d08aac63070daeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeb3bea77b-f69f-11e4-af21-d43d7e49cda2
 
Error: (05/09/2015 04:58:41 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (05/09/2015 04:58:41 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (05/09/2015 04:43:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.exe6.1.7601.175671b1401d08aa8f76b886f8C:\Windows\Explorer.exebadb4690-f69c-11e4-aba6-d43d7e49cda2
 
Error: (05/09/2015 04:42:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (05/09/2015 04:42:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (05/09/2015 04:39:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567ea401d08aa8a4de4ff19C:\Windows\Explorer.EXE26558a05-f69c-11e4-aba6-d43d7e49cda2
 
Error: (05/09/2015 10:07:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567e3801d08a703df0a55515C:\Windows\Explorer.EXE844c14fc-f665-11e4-acf1-d43d7e49cda2
 
Error: (05/09/2015 09:58:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (05/09/2015 09:58:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-26 08:32:14.549
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-26 08:32:14.483
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-23 09:53:30.847
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\XHCIdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-12-23 09:53:30.825
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\XHCIdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 25%
Total physical RAM: 8136.58 MB
Available physical RAM: 6078.42 MB
Total Pagefile: 8134.76 MB
Available Pagefile: 5740.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:55.68 GB) (Free:3.92 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1667.7 GB) (Free:1159.34 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 55.9 GB) (Disk ID: 909A2A0E)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 000DE149)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

 


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-

 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
 
 
 
 
Sorry for the delay. If you are still in need of assistance please do the following.
 
 
Step#1 - Warnings
The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
 
Here are some information sources about the dangers of P2P programs:
FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
 
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
 
Please uninstall the following Peer-to-Peer program(s): uTorrent
 
Registry Cleaners
I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good. For more information about why you should avoid using a such programs you can see the links below.
http://www.bleepingc...s/#entry2853053
http://miekiemoes.bl...weaking_13.html
 
 
Low on Disk Space
Your C:\ drive is very low on space. It has about 5% free disk space. This can adversely affect the performance of your computer. It's recommended to have at least 15% free disk space so that tools such as the automated defragger can keep your drive optimized.

 

 

Step#2 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   261bytes   27 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#3 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

Step#4 - Malwarebytes Scan

Please uninstall the version that you have (Malwarebytes Anti-Malware version 2.0.4.1028) as it's outdated and follow the instructions below to obtain and run the new version.
 

  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator. Answer Yes when asked to Allow.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
  • ScanForRootkits.JPG
     
  • Click the Scan button at the top of the form and then click Start Scan button and let complete.
  • If malware was detected you can now click the Remove Selected Button. If no malware was detected you can skip the rest of these bullet items and go to the next step which is to retrieve the Malwarebytes log.
  • RemoveSelected.JPG
  • Once the malware is removed you may get a prompt asking you to reboot. Note: Please answer Yes.
  • Restart.JPG.

 
Step#5 - Retrieve Malwarebytes Log
1. Open up the Malwarebytes program again if it's not already. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Click on the most recent Scan Log as shown in the picture below.
ApplicationLog.JPG
 
5. The Scanning History Log screen will open. Click the Export button in the lower left and choose Copy to Clipboard. Paste the info into your next post (Right-click your mouse in the post and select Paste).
ScanningHistory.JPG

 

 

 

 

Items for your next post

1. FRST Fix Log

2. Junkware Log

3. Malwarebytes log

 


  • 0

#3
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP