Avast! keeps popping up with a threat blocked related to svchost.e

svchost.exe Malware


#1
xshogunx13


Hi! My name is Mike, and my Avast! keeps presenting me with a pop-up stating it protected me from a threat, citing *insert random website that changes every time it pops up here* and svchost.exe as the culprits. Once this started happening, I ran AVG, AdwCleaner, Avast! and MBAM, deleted the things that AdwCleaner and MBAM said were bad, restarted, and it's still happening. I can only assume I picked up malware from using p2p software. I googled my issue and it led me here. Hopefully one of you fine people can help. I've run FRST and am attaching the logs, as well as a screenshot of the Avast! warning.

EDIT: I apologize for the topic posting multiple times, I kept getting server timeouts and retrying.

Attached files: FRST.txt (46.72KB), Addition.txt (44.65KB), AvastError.png

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Mike (administrator) on XXX on 26-06-2015 14:19:07
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike &  (Available Profiles: Mike)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
() C:\Users\Mike\AppData\Local\Amazon Music\Amazon Music Helper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files (x86)\DFX\DFX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
() C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (Alcor Micro Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-03-07] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-03-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [VX3000] => C:\WINDOWS\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1131880 2014-11-21] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Run: [BitTorrent] => C:\Users\Mike\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-11] (BitTorrent Inc.)
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Run: [Amazon Music] => C:\Users\Mike\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-05] ()
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Run: [Pinger] => C:\Program Files (x86)\Pinger\Pinger.exe [10581504 2013-08-23] ()
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\MountPoints2: {b92e7b89-6c15-11e4-be85-3c970e7b8a03} - "H:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\MountPoints2: {ef0d53b6-9657-11e4-be8e-3c970e7b8a03} - "H:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent] => C:\Users\Mike\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-11] (BitTorrent Inc.)
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Mike\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-05] ()
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Pinger] => C:\Program Files (x86)\Pinger\Pinger.exe [10581504 2013-08-23] ()
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b92e7b89-6c15-11e4-be85-3c970e7b8a03} - "H:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ef0d53b6-9657-11e4-be8e-3c970e7b8a03} - "H:\VZW_Software_upgrade_assistant.exe"
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2014-10-06]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-1920574516-490169793-428975704-1001] => C:\Users\Mike\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\BAC_PAC.js
AutoConfigURL: [S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => C:\Users\Mike\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\BAC_PAC.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1920574516-490169793-428975704-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-google-search.blogspot.com
HKU\S-1-5-21-1920574516-490169793-428975704-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-1920574516-490169793-428975704-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://easy-google-search.blogspot.com
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\wlmivnt3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1920574516-490169793-428975704-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mike\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1920574516-490169793-428975704-1001: electronicarts.com/GameFacePlugin -> C:\Users\Mike\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)
FF Plugin HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mike\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: electronicarts.com/GameFacePlugin -> C:\Users\Mike\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)
FF Extension: Adblock Plus - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\wlmivnt3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-20]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-20]
CHR Extension: (Google Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-20]
CHR Extension: (AdBlock) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-17]
CHR Extension: (Translator Context) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdkohkdahffmjhcehilamblbpnjpmlo [2014-12-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (No Name) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-06-25]
CHR Extension: (Google Wallet) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-16] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-22] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [285152 2015-05-12] (AVG Technologies CZ, s.r.o.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6822984 2013-03-07] (Broadcom Corporation)
R3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-22] (Disc Soft Ltd)
S3 ghsandroid; C:\Windows\System32\Drivers\ghsandroid.sys [38424 2011-03-30] (Google Inc)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-26] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 14:19 - 2015-06-26 14:19 - 00027229 ____C C:\Users\Mike\Desktop\FRST.txt
2015-06-26 14:18 - 2015-06-26 14:19 - 00000000 ___DC C:\FRST
2015-06-26 14:16 - 2015-06-26 14:16 - 02112512 ____C (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2015-06-26 13:39 - 2015-06-26 13:39 - 21546080 ____C (Malwarebytes Corporation ) C:\Users\Mike\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-25 15:28 - 2015-06-25 15:33 - 00000000 ___DC C:\AdwCleaner
2015-06-25 15:27 - 2015-06-25 15:28 - 02244096 ____C C:\Users\Mike\Downloads\AdwCleaner.exe
2015-06-24 15:28 - 2015-06-24 15:32 - 00000000 ___DC C:\Users\Mike\Downloads\Dragonball_Z_Budokai_2_USA_PROPER_NGC-REACT0R
2015-06-24 05:57 - 2015-06-24 06:17 - 00056780 ____C C:\Users\Mike\Downloads\herostat.cfg
2015-06-24 05:45 - 2015-06-24 05:45 - 00000000 ___DC C:\Users\Mike\Downloads\MUA_Joker_v2.1_BLaw
2015-06-24 05:24 - 2015-06-24 05:24 - 01517917 ____C C:\Users\Mike\Downloads\MUA_X360_PC_Fix.zip
2015-06-24 05:24 - 2015-06-24 05:24 - 00000000 ___DC C:\Users\Mike\Downloads\MUA_X360_PC_Fix
2015-06-24 04:52 - 2015-06-24 04:52 - 00000000 ___DC C:\Users\Mike\AppData\Local\Logitech
2015-06-24 04:51 - 2015-06-24 04:51 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-06-24 04:51 - 2015-06-24 04:51 - 00000000 ___DC C:\Program Files\Logitech
2015-06-24 04:51 - 2015-06-24 04:51 - 00000000 ___DC C:\Program Files\Common Files\Logitech
2015-06-24 01:25 - 2015-06-24 01:25 - 00000000 ___DC C:\Users\Mike\Documents\Activision
2015-06-24 01:25 - 2015-06-24 01:25 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\Activision
2015-06-24 01:04 - 2015-06-24 01:04 - 00000000 ___DC C:\Users\Mike\Downloads\OfficialChars_1.3
2015-06-24 00:41 - 2015-06-24 00:41 - 00001086 ____C C:\WINDOWS\DXError.log
2015-06-24 00:41 - 2015-06-24 00:41 - 00000000 _SHDC C:\WINDOWS\ftpcache
2015-06-24 00:40 - 2015-06-24 00:40 - 00001970 ____C C:\Users\Public\Desktop\Marvel™ - Ultimate Alliance.lnk
2015-06-24 00:40 - 2015-06-24 00:40 - 00000296 ____C C:\WINDOWS\game.ini
2015-06-24 00:40 - 2015-06-24 00:40 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2015-06-24 00:00 - 2015-06-24 00:00 - 00000000 ___DC C:\Program Files (x86)\Activision
2015-06-23 21:55 - 2015-06-23 21:55 - 00769536 ____C C:\Users\Mike\Downloads\MicrosoftFixit50639.msi
2015-06-23 17:11 - 2015-06-23 17:12 - 17276616 ____C (Logitech ) C:\Users\Mike\Downloads\lgs510_x64.exe
2015-06-23 16:30 - 2015-06-23 16:30 - 00000000 ___DC C:\Users\Mike\AppData\Local\Fallout3
2015-06-23 16:29 - 2015-06-23 16:29 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-06-23 15:32 - 2015-06-23 15:32 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2015-06-23 15:31 - 2015-06-23 15:32 - 00000000 ___DC C:\ProgramData\Fallout3
2015-06-23 15:31 - 2015-06-23 15:31 - 00000000 ___DC C:\Program Files (x86)\Bethesda Softworks
2015-06-23 14:18 - 2015-06-23 14:19 - 18363623 ____C C:\Users\Mike\Downloads\MUA_Joker_v2.1_BLaw.rar
2015-06-23 13:58 - 2015-06-23 13:58 - 74931415 ____C C:\Users\Mike\Downloads\OfficialChars_1.3.7z
2015-06-22 04:21 - 2015-06-22 04:22 - 57440724 ___RC C:\Users\Mike\Downloads\Aqua Teen Hunger Force S11E01 HDTV x264-W4F.mp4
2015-06-22 01:47 - 2015-06-22 01:47 - 24572646 ___RC C:\Users\Mike\Downloads\Boston [the bootleg].mp4
2015-06-18 21:02 - 2015-06-18 21:02 - 00001198 ____C C:\Users\Mike\Desktop\Pinball.lnk
2015-06-18 21:02 - 2015-06-18 21:02 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-18 21:02 - 2015-06-18 21:02 - 00000000 ___DC C:\Program Files (x86)\Microsoft Games
2015-06-17 09:04 - 2015-06-17 09:09 - 119655014 ____C C:\Users\Mike\Documents\15jb2208_jbv.avi
2015-06-17 09:04 - 2015-06-17 09:05 - 20992000 ____C C:\Users\Mike\Documents\14jb2108_jbv.avi
2015-06-16 20:44 - 2015-06-16 21:33 - 00008412 ____C C:\Users\Mike\Downloads\1646 - Dragon Ball Z - Buu's Fury (U)(Psychosis).clt
2015-06-16 14:10 - 2015-06-17 17:51 - 00008192 ____C C:\Users\Mike\Downloads\1646 - Dragon Ball Z - Buu's Fury (U)(Psychosis).sav
2015-06-16 13:56 - 1996-12-25 00:32 - 08388608 ____C C:\Users\Mike\Downloads\1646 - Dragon Ball Z - Buu's Fury (U)(Psychosis).gba
2015-06-16 13:25 - 2015-06-22 23:00 - 00000000 ___DC C:\Users\Mike\Downloads\Pokemon
2015-06-16 13:20 - 2015-06-16 13:33 - 00000000 ___DC C:\Users\Mike\Downloads\desmume
2015-06-12 09:14 - 2015-06-19 23:02 - 00792568 ____C (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-12 09:14 - 2015-06-19 23:02 - 00178168 ____C (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-12 08:31 - 2015-06-12 08:31 - 00000000 ___DC C:\Program Files\Common Files\AV
2015-06-11 10:15 - 2015-06-11 10:16 - 59349800 ___RC C:\Users\Mike\Downloads\Thor Annual 001 (2015) (Digital) (Zone-Empire).cbr
2015-06-10 05:52 - 2015-04-24 22:34 - 00653824 ____C (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 05:52 - 2015-04-24 22:33 - 00549888 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 05:51 - 2015-05-27 10:35 - 24917504 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 05:51 - 2015-05-27 10:08 - 19607040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 05:51 - 2015-05-22 23:15 - 00503808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 05:51 - 2015-05-22 23:14 - 00341504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 05:51 - 2015-05-22 23:10 - 02278912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 05:51 - 2015-05-22 23:05 - 00664064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 05:51 - 2015-05-22 23:04 - 00620032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 05:51 - 2015-05-22 22:47 - 04305920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 05:51 - 2015-05-22 22:38 - 00689152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 05:51 - 2015-05-22 22:37 - 02052608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 05:51 - 2015-05-22 22:28 - 12829696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 05:51 - 2015-05-22 22:20 - 01950720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 05:51 - 2015-05-22 22:16 - 01309696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 05:51 - 2015-05-22 22:14 - 00710144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 05:51 - 2015-05-22 15:00 - 02885632 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 05:51 - 2015-05-22 15:00 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 05:51 - 2015-05-22 15:00 - 00417792 ____C (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 05:51 - 2015-05-22 14:52 - 06026240 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 05:51 - 2015-05-22 14:47 - 00816640 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 05:51 - 2015-05-22 14:47 - 00814080 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 05:51 - 2015-05-22 14:06 - 00801280 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 05:51 - 2015-05-22 14:05 - 02125824 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 05:51 - 2015-05-22 13:57 - 14404096 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 05:51 - 2015-05-22 13:50 - 02426880 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 05:51 - 2015-05-22 13:49 - 02865152 ____C (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 05:51 - 2015-05-22 13:38 - 01545728 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 05:51 - 2015-05-22 13:26 - 00800768 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 05:50 - 2015-05-22 22:48 - 00076288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 05:50 - 2015-05-22 22:47 - 00285696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 05:50 - 2015-05-22 22:38 - 00327168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 05:50 - 2015-05-22 22:28 - 01042944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 05:50 - 2015-05-22 14:48 - 00633856 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 05:50 - 2015-05-22 14:24 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 05:50 - 2015-05-22 14:23 - 00145408 ____C (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 05:50 - 2015-05-22 14:21 - 00316928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 05:50 - 2015-05-22 14:09 - 00262144 ____C (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 05:49 - 2015-05-22 22:47 - 00128000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 05:49 - 2015-05-22 22:43 - 00880128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 05:49 - 2015-05-22 14:15 - 01032704 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 05:49 - 2015-05-22 14:08 - 00374272 ____C (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 05:49 - 2015-05-21 12:47 - 04177920 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 04:03 - 2015-06-09 04:03 - 00513248 ____C C:\WINDOWS\Minidump\060915-43109-01.dmp
2015-06-07 01:16 - 2015-06-09 04:03 - 00000000 ___DC C:\WINDOWS\Minidump
2015-06-07 01:16 - 2015-06-07 01:16 - 00540848 ____C C:\WINDOWS\Minidump\060715-74046-01.dmp
2015-06-05 18:59 - 2015-06-05 18:59 - 00000221 ____C C:\Users\Mike\Desktop\FINAL FANTASY VII.url
2015-06-05 18:47 - 2015-06-05 18:47 - 00000000 ___DC C:\Users\Mike\AppData\Local\Steam
2015-06-05 18:44 - 2015-06-05 18:44 - 00000986 ____C C:\Users\Public\Desktop\Steam.lnk
2015-06-05 18:44 - 2015-06-05 18:44 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-05 18:36 - 2015-06-05 18:36 - 00000000 ___DC C:\Users\Mike\Desktop\Final Fantasy VII  (Online Game Code)
2015-06-05 18:34 - 2015-06-05 18:34 - 01054064 ____C (Amazon Services LLC) C:\Users\Mike\Downloads\Final_Fantasy_VII_Online_Game_Code_Downloader.exe
2015-06-05 04:10 - 2015-06-14 11:16 - 00000000 ___DC C:\Users\Mike\Downloads\zsnesw151
2015-05-30 19:43 - 2015-05-30 19:43 - 00131072 ____C C:\Users\Mike\save 1.mcr
2015-05-30 19:31 - 2015-05-30 19:31 - 00134976 ____C C:\Users\Mike\Downloads\final_fantasy_vii_a.GME
2015-05-30 15:42 - 2015-06-05 19:18 - 00000000 ___DC C:\Users\Mike\Documents\Square Enix
2015-05-30 15:21 - 2015-05-30 15:21 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Chocobo
2015-05-30 15:21 - 2015-05-30 15:21 - 00000000 ___DC C:\Program Files (x86)\Black_Chocobo
2015-05-30 13:27 - 1998-07-17 13:36 - 00140800 ____C (The Duck Corporation) C:\WINDOWS\SysWOW64\tm20dec.ax
2015-05-30 13:27 - 1997-12-17 18:33 - 00304128 ____C (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2015-05-30 07:27 - 2015-05-30 07:27 - 00001287 ____C C:\Users\Mike\Desktop\Final Fantasy IV.lnk
2015-05-30 07:27 - 2015-05-30 07:27 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\Final Fantasy IV
2015-05-30 07:27 - 2015-05-30 07:27 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-30 07:22 - 2015-05-30 07:22 - 00000000 ___DC C:\Program Files (x86)\R.G. Mechanics
2015-05-30 00:37 - 2015-05-30 21:07 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fantasy VII
2015-05-29 22:39 - 2015-05-29 22:39 - 00000000 ___DC C:\Program Files (x86)\SystemRequirementsLab
2015-05-29 00:27 - 2015-06-14 12:12 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\CDisplayEx
2015-05-29 00:26 - 2015-05-29 00:26 - 00000859 ____C C:\Users\Mike\Desktop\CDisplayEx.lnk
2015-05-29 00:26 - 2015-05-29 00:26 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2015-05-29 00:26 - 2015-05-29 00:26 - 00000000 ___DC C:\Program Files\CDisplayEx
2015-05-29 00:23 - 2015-05-29 00:24 - 68777289 ____C C:\Users\Mike\Downloads\Deadpool's Secret Secret Wars 001 (2015) (4 covers) (Digital) (Mephisto-Empire).cbr
2015-05-29 00:22 - 2015-05-29 00:23 - 180735120 ____C C:\Users\Mike\Downloads\Deadpool 045 (2015) (5 covers) (Digital-Empire).cbr
2015-05-28 07:15 - 2015-06-01 23:18 - 00015142 ____C C:\Users\Mike\Documents\nwl top 100.odt
2015-05-28 05:43 - 2015-05-31 23:58 - 00026039 ____C C:\Users\Mike\Downloads\Byakko.odt
2015-05-27 05:33 - 2015-05-27 05:33 - 00001260 ____C C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Free File Shredder.lnk
2015-05-27 05:33 - 2015-05-27 05:33 - 00001236 ____C C:\Users\Mike\Desktop\Free File Shredder.lnk
2015-05-27 05:33 - 2015-05-27 05:33 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\New Version Available
2015-05-27 05:33 - 2015-05-27 05:33 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\Free File Shredder
2015-05-27 05:33 - 2015-05-27 05:33 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free File Shredder
2015-05-27 05:33 - 2015-05-27 05:33 - 00000000 ___DC C:\Program Files (x86)\Free File Shredder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 14:17 - 2014-11-06 16:22 - 14561792 __SHC C:\Users\Mike\Downloads\Thumbs.db
2015-06-26 14:09 - 2014-09-20 21:47 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\vlc
2015-06-26 14:00 - 2013-08-22 11:36 - 00000000 ___DC C:\WINDOWS\system32\sru
2015-06-26 13:52 - 2015-01-25 16:09 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-26 13:46 - 2014-09-20 15:00 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1920574516-490169793-428975704-1001
2015-06-26 13:41 - 2015-01-25 22:21 - 00136408 ____C (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-26 13:40 - 2015-01-25 22:21 - 00001125 ____C C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-26 13:40 - 2015-01-25 22:21 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-26 13:40 - 2015-01-25 22:21 - 00000000 ___DC C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-26 13:36 - 2014-09-20 16:07 - 00000914 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-26 12:10 - 2014-09-25 13:56 - 00442264 ____C (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-06-26 11:43 - 2014-09-25 13:58 - 00000000 ___DC C:\ProgramData\MFAData
2015-06-26 11:36 - 2014-09-20 16:07 - 00000910 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-26 09:56 - 2014-09-24 22:10 - 01636354 ____C C:\WINDOWS\WindowsUpdate.log
2015-06-26 07:49 - 2014-09-25 19:00 - 00003902 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{90E7C39F-DD58-43F3-89D7-35F47CA4AB41}
2015-06-26 03:47 - 2015-05-19 17:47 - 00485469 ____C C:\WINDOWS\setupact.log
2015-06-25 16:52 - 2012-07-26 03:59 - 00000000 ___DC C:\WINDOWS\CbsTemp
2015-06-25 15:41 - 2014-10-01 13:41 - 00000000 ___DC C:\Program Files (x86)\Steam
2015-06-25 15:39 - 2014-09-24 22:26 - 00000000 __DOC C:\Users\Mike\OneDrive
2015-06-25 15:36 - 2013-08-22 10:45 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2015-06-25 15:34 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-25 15:32 - 2013-03-07 18:26 - 00000000 ___DC C:\Program Files (x86)\Amazon
2015-06-25 06:00 - 2013-08-22 11:36 - 00000000 ___DC C:\WINDOWS\AppReadiness
2015-06-24 06:03 - 2014-12-23 18:09 - 00003886 ____C C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 00:41 - 2014-10-11 22:25 - 00184392 ____C C:\WINDOWS\DirectX.log
2015-06-24 00:41 - 2013-03-07 17:57 - 00000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2015-06-24 00:02 - 2014-09-20 22:11 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\BitTorrent
2015-06-23 23:54 - 2014-09-20 14:53 - 00000000 ___DC C:\Users\Mike\AppData\Local\VirtualStore
2015-06-23 22:37 - 2015-03-26 04:44 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\Skype
2015-06-23 22:05 - 2014-03-18 05:54 - 00044022 ____C C:\WINDOWS\PFRO.log
2015-06-23 16:30 - 2014-11-28 10:13 - 00000000 ___DC C:\Users\Mike\Documents\My Games
2015-06-23 16:29 - 2014-10-25 11:14 - 00000000 ___DC C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-06-23 14:52 - 2014-09-24 21:53 - 00000000 ___DC C:\Users\Mike
2015-06-23 12:52 - 2015-01-25 16:09 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-23 08:08 - 2014-09-25 14:02 - 00000992 ____C C:\Users\Public\Desktop\AVG 2015.lnk
2015-06-23 08:08 - 2014-09-25 14:02 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-06-22 16:39 - 2014-09-20 17:00 - 00002214 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-19 23:19 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-18 00:12 - 2014-09-25 13:56 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-14 19:22 - 2014-03-18 06:03 - 00863592 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-12 09:37 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-12 09:13 - 2013-08-22 10:44 - 00362888 ____C C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-12 09:08 - 2013-08-22 11:36 - 00000000 ___DC C:\WINDOWS\PolicyDefinitions
2015-06-10 08:25 - 2014-09-21 13:20 - 00000000 ___DC C:\WINDOWS\system32\MRT
2015-06-10 08:17 - 2014-09-21 13:20 - 140135120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 02:09 - 2015-03-11 07:52 - 00028377 ____C C:\Users\Mike\Documents\Markas 2.odt
2015-06-07 16:11 - 2015-01-01 04:55 - 00001127 ____C C:\Users\Mike\Desktop\Pinger.lnk
2015-06-05 19:47 - 2015-03-26 04:43 - 00000000 ___DC C:\ProgramData\Skype
2015-06-05 18:59 - 2014-10-01 14:08 - 00000000 ___DC C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-01 01:23 - 2015-05-24 04:21 - 00921624 ____C C:\img2-001.raw
2015-05-30 07:27 - 2014-10-11 22:04 - 00000000 ___DC C:\ProgramData\Package Cache
2015-05-27 16:01 - 2015-03-26 04:43 - 00000000 __RDC C:\Program Files (x86)\Skype

==================== Files in the root of some directories =======

2014-12-17 08:23 - 2014-12-17 08:23 - 0001479 ____C () C:\Users\Mike\AppData\Local\recently-used.xbel
2013-03-07 18:02 - 2013-03-07 18:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-11 15:09 - 2014-12-11 15:09 - 0012719 ____C () C:\ProgramData\ucxrypwh.kkh

Some files in TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\h0jpclbj.dll
C:\Users\Mike\AppData\Local\Temp\Quarantine.exe
C:\Users\Mike\AppData\Local\Temp\sqlite3.dll
C:\Users\Mike\AppData\Local\Temp\UNINSTALLER-6180.exe
C:\Users\Mike\AppData\Local\Temp\Uninstaller-8296.exe
C:\Users\Mike\AppData\Local\Temp\Uninstaller-8964.exe
C:\Users\Mike\AppData\Local\Temp\Uninstaller-9260.exe
C:\Users\Mike\AppData\Local\Temp\Uninstaller-9308.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-19 20:33

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Mike at 2015-06-26 14:22:15
Running from C:\Users\Mike\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1920574516-490169793-428975704-500 - Administrator - Disabled)
Guest (S-1-5-21-1920574516-490169793-428975704-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1920574516-490169793-428975704-1003 - Limited - Enabled)
Mike (S-1-5-21-1920574516-490169793-428975704-1001 - Administrator - Enabled) => C:\Users\Mike

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.42.71502 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.) Hidden
Amazon Music (HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6037 - AVG Technologies)
AVG 2015 (Version: 15.0.4365 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6037 - AVG Technologies) Hidden
AVS Audio Converter 7.2 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.2.529 - Online Media Technologies Ltd.)
BitTorrent (HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Black Chocobo (HKLM-x32\...\Black_Chocobo) (Version:  - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.201 - Broadcom Corporation)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DC Universe Online Live (HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DFX (HKLM-x32\...\DFX) (Version: 11.109.0.0 - Power Technology)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EaseUS Data Recovery Wizard 7.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.5_is1) (Version:  - EaseUS)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Final Fantasy IV (HKLM-x32\...\Final Fantasy IV_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Free File Shredder 7.8.2 (HKLM-x32\...\Free File Shredder_is1) (Version:  - FreeFileShredder Co., Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
ISO Creator 1.0 (HKLM-x32\...\{78D80EAF-1ADB-46A8-AF6F-EBB18B6ADBCE}) (Version: 1.0.0 - Bunny-Wabbit)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{13BD494D-9ACD-420B-A291-E145DED92EF6}) (Version: 2.6.001.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Magma v2 (HKLM-x32\...\Magma v2) (Version: 2.0.67.0 - Harmonix Music Systems)
Magma v2 (x32 Version: 2.0.101.0 - Harmonix Music Systems) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Marvel™ - Ultimate Alliance (HKLM-x32\...\InstallShield_{932FB3F3-594D-4600-ABFA-F2DE80A14214}) (Version: 1.00.0000 - Activision)
Marvel™ - Ultimate Alliance (x32 Version: 1.00.0000 - Activision) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{ED23E382-E5E3-4E21-B616-01FC59A40916}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
Pinger (HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\Pinger 1.4.0.0) (Version: 1.4.0.0 - Pinger Inc.)
Pinger (HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pinger 1.4.0.0) (Version: 1.4.0.0 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.0 - Pinger Inc.) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
RB3Maker (HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\872e62f369c0b646) (Version: 2.1.0.71 - RB3Maker)
RB3Maker (HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\872e62f369c0b646) (Version: 2.1.0.71 - RB3Maker)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{3DC2AE6B-CAA2-4850-972D-E3DFA5BE523E}) (Version: 6.1.4.0 - Husdawg, LLC)
Tournament Bracket Builder 1.2 (HKLM-x32\...\Tournament Bracket Builder_is1) (Version:  - SBG)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Unity Web Player (HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-06-2015 15:08:03 Installed DirectX

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ___AC C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E2BF509-CAFA-40F9-8D31-EA8FEF070D66} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()
Task: {1A2882D6-A456-40F1-B344-9BFE47759E2A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()
Task: {21FC2ABD-E82B-4E71-936E-CC43A32EB932} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {2241567F-39B6-44F7-A4D1-6958A052A080} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)
Task: {2B04388A-AF39-40D5-9295-EFD833459696} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {52535496-624A-472C-9DD5-8F2DB2AF67D6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {596DC813-1884-402D-8C6A-50D79831D8F6} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()
Task: {838ADFB0-952B-482B-BEAA-00CA320ED510} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-09-03] ()
Task: {A26F371B-8019-4D43-A420-17AA53651745} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-09-03] (Lenovo)
Task: {AE633FBE-AB13-4A78-8FED-C673CB04C0C1} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {BBADC241-778D-435C-8CDC-11AC44A38C03} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-03] (Lenovo)
Task: {C4364030-A366-4FB9-AED5-1B830D08FF8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)
Task: {D23947BB-CE59-4547-8DFD-E4F86D27BB1B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {D419F4C4-3734-46D3-8920-7F9D4C03BE0A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E8D034EB-F929-4082-8F51-1449D45423E7} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {EDAF1E7C-F2D1-42DB-B808-5D1493688EAE} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-09-03] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-29 00:26 - 2014-06-16 16:28 - 00210944 ____C () C:\Program Files\CDisplayEx\unrarshell.dll
2015-05-29 00:26 - 2014-08-14 20:30 - 00402944 ____C () C:\Program Files\CDisplayEx\libwebp.dll
2015-05-29 00:26 - 2014-08-14 20:30 - 00044544 ____C () C:\Program Files\CDisplayEx\libwebpdemux.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-25 09:54 - 2014-09-05 20:54 - 06281536 _____ () C:\Users\Mike\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-01-10 12:45 - 2014-11-21 13:49 - 01131880 ____R () C:\Program Files (x86)\DFX\DFX.exe
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-01-10 12:52 - 2013-01-10 12:52 - 00129384 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2013-01-10 12:55 - 2013-01-10 12:55 - 00131432 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2014-11-05 17:20 - 2013-01-10 13:08 - 00048488 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2013-01-10 12:48 - 2013-01-10 12:48 - 00160616 _____ () C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
2015-04-22 12:09 - 2015-04-22 12:09 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 12:09 - 2015-04-22 12:09 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-25 13:36 - 2015-06-25 13:36 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062501\algo.dll
2015-06-26 03:52 - 2015-06-26 03:52 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062600\algo.dll
2011-01-17 16:19 - 2014-10-06 20:18 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2015-04-22 12:09 - 2015-04-22 12:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-05 17:16 - 2013-01-10 13:05 - 00049512 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-03-07 17:58 - 2012-06-24 22:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-06-22 16:39 - 2015-06-20 01:46 - 01281864 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-22 16:39 - 2015-06-20 01:46 - 00080712 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-22 16:39 - 2015-06-20 01:46 - 15003976 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Temp:D5FBE8F9
AlternateDataStreams: C:\Users\Mike\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1920574516-490169793-428975704-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{382870D7-9B2D-439A-A5F6-5616D115F3F3}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{BDF49262-CD49-41FE-A5B5-C37D86F83034}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{2DFE74B2-135C-4C1E-B8D7-4BF92D723548}] => (Allow) C:\Users\Mike\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BC5A8B73-9718-4416-BBC9-EF7AECD2F64A}] => (Allow) C:\Users\Mike\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3B00EB02-47AA-4F5A-9FBA-8B076AB2576F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E6452FAD-2762-441F-800A-48CC5830A8F6}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{4D00BEF2-2C68-4BAE-82FF-28E4A7846134}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{211DADA7-6599-473B-9213-E22D6A33226B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D1BC2AE3-ED54-49D5-B13F-9FDD85B3613E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{259940C7-7B8A-4E64-8E6E-6F67E7CF3476}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C973A1D-7B3F-47BB-9B76-C6CB1F191BE6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB1662F7-830C-47F0-8053-207965E3365D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B03EA43E-26ED-45B2-B6EC-567D12764E2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{410E4F18-594A-4E9A-8C14-B219FDA51652}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{43F4E438-5012-43B7-A6BD-AE46CD2C70ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A65DE661-3FC6-45D1-B12D-A29D74CAD8B8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7F62C526-40D0-48A7-B9F9-9D88548C8865}] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{9B4A829F-917F-4985-9EF7-166D0A0EF0AC}] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{EFD3FD85-2A61-4F53-B485-94F57575E7A4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{ABD56F5A-5BEF-4FFD-BA9C-1335C29DBB14}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E3290838-FC18-40FC-A4EC-88452094FC3E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{CCECA7CE-5220-4FCF-B74D-2BDB379C4B74}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{465BD376-51AD-41F6-82BC-124CC910D606}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{59ACD4CB-CE4E-4769-BC57-9C0B76BD35D0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B37099CF-10E2-40CB-ABB8-26F98959C52C}] => (Allow) LPort=3074
FirewallRules: [{F384600B-ACC4-4E5A-BA85-30B78C854D0D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1CB6BA36-0223-4583-BB81-E5A7FDAD1047}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{3A507FA4-A0C5-4571-9214-A91B9B294F7E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9AEB8A6E-F2FF-456B-90E8-E27BF06B8AE6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{250AF034-2B4A-40F6-90DF-70D97C1FA28B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E76B99DD-A663-4E3A-83EA-29A25C51B567}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1FDA1726-9CDB-46BA-B885-5ABCA78AAE9B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{2204029C-2832-4319-82C9-21E8227C0439}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{64931123-6DB6-4EC7-8D82-F46B10A6CF04}C:\users\public\sony online entertainment\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\users\public\sony online entertainment\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{5CED82B5-4448-48E1-9D27-4B1B453C15E0}C:\users\public\sony online entertainment\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\users\public\sony online entertainment\installed games\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{88EE7FA1-66F6-4A7D-8262-BCC058B1B86E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{1F883DF1-D651-418B-9472-4A48A7AEF3CA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{1B3BEE72-C6E6-4458-987F-6F74D3939C17}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{D52A8465-01DD-4719-B7F5-699AF42D14D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{A7E27386-D937-4380-B466-1A4EFAA9B1C7}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{03C3D5B8-EEAB-404E-8486-F578E20D0671}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{6A488223-C31C-4EE1-B86B-7ED8003102A6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{8E5A57AB-1355-46BD-9F7D-C419504E9D19}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{B964AC28-A511-4E40-B5AB-560E972FFD77}] => (Allow) C:\Program Files (x86)\Square Enix\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{419CF0E6-561A-48C9-BC5F-47A9349E0314}] => (Allow) C:\Program Files (x86)\Square Enix\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{C084BF5B-226F-4A8E-9305-42ED05BD108E}] => (Allow) C:\Program Files (x86)\Square Enix\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{5ED2F44C-BEA0-4236-94FB-92249A391CEF}] => (Allow) C:\Program Files (x86)\Square Enix\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{F1EAA725-CFFA-4F2F-85AC-7B0349C03390}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{D70AE97C-2B17-4C89-87BF-9B00627AC4CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{B01DFED8-0130-4900-97EC-8EE4D311AAD8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0A5E7BC2-DF45-4622-9E79-384AAB794401}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{F62DECC5-05E6-498B-B578-3395710FB6AA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{73167BD7-12E9-4553-93D2-F814741AE57E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3855A570-5BCD-4552-AF7A-B518477C17DB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{300BE1EB-CE08-4D95-AF1C-CB618C0933AE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{CBF2887A-8DAD-48CF-A20C-CF8FB332CF3A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2015 03:56:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14fc

Start Time: 01d0af804f413134

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 433af5a6-1b74-11e5-beb0-3c970e7b8a03

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/25/2015 04:19:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15e4

Start Time: 01d0af1ef51e2697

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: ec8eb844-1b12-11e5-beaf-3c970e7b8a03

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/24/2015 06:20:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NRcompiler.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: NRcompiler.exe, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00006316
Faulting process id: 0x1acc
Faulting application start time: 0xNRcompiler.exe0
Faulting application path: NRcompiler.exe1
Faulting module path: NRcompiler.exe2
Report Id: NRcompiler.exe3
Faulting package full name: NRcompiler.exe4
Faulting package-relative application ID: NRcompiler.exe5

Error: (06/24/2015 06:20:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NRcompiler.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: NRcompiler.exe, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00006316
Faulting process id: 0x1acc
Faulting application start time: 0xNRcompiler.exe0
Faulting application path: NRcompiler.exe1
Faulting module path: NRcompiler.exe2
Report Id: NRcompiler.exe3
Faulting package full name: NRcompiler.exe4
Faulting package-relative application ID: NRcompiler.exe5

Error: (06/24/2015 04:50:54 AM) (Source: MsiInstaller) (EventID: 11935) (User: XXX)
Description: Product: Microsoft Visual C++ 2005 Redistributable (x64) -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC80.OpenMP,type="win32",version="8.0.50727.4053",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64"'. Please refer to Help and Support for more information. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, component: {09D44781-D142-FE32-A01F-C8B3B9A1E18E}

Error: (06/24/2015 00:35:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1c30

Start Time: 01d0ae3686eeee6f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 7dca854e-1a2a-11e5-beaf-3c970e7b8a03

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/24/2015 00:28:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bd0

Start Time: 01d0ae357309dacb

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 68a0a3db-1a29-11e5-beaf-3c970e7b8a03

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/24/2015 00:11:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f88

Start Time: 01d0ae331214616f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 07a20614-1a27-11e5-beaf-3c970e7b8a03

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/23/2015 11:01:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: skydrive.exe, version: 6.3.9600.17416, time stamp: 0x5452fd72
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc0000374
Fault offset: 0x00000000000f0f20
Faulting process id: 0x11e0
Faulting application start time: 0xskydrive.exe0
Faulting application path: skydrive.exe1
Faulting module path: skydrive.exe2
Report Id: skydrive.exe3
Faulting package full name: skydrive.exe4
Faulting package-relative application ID: skydrive.exe5

Error: (06/23/2015 10:32:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database


System errors:
=============
Error: (06/26/2015 07:58:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 08:43:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 08:37:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 08:28:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 08:16:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 07:51:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 07:46:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 07:22:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 07:15:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.

Error: (06/25/2015 06:58:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0244: Intel Corporation driver update for Intel® HD Graphics.


Microsoft Office:
=========================
Error: (06/25/2015 03:56:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2085614fc01d0af804f4131344294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe433af5a6-1b74-11e5-beb0-3c970e7b8a03microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/25/2015 04:19:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2085615e401d0af1ef51e26974294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exeec8eb844-1b12-11e5-beaf-3c970e7b8a03microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/24/2015 06:20:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NRcompiler.exe0.0.0.000000000NRcompiler.exe0.0.0.000000000c0000005000063161acc01d0ae6755f53716C:\Program Files (x86)\Activision\Marvel - Ultimate Alliance\heroselect\NRcompiler.exeC:\Program Files (x86)\Activision\Marvel - Ultimate Alliance\heroselect\NRcompiler.exe967f86c2-1a5a-11e5-beaf-3c970e7b8a03

Error: (06/24/2015 06:20:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NRcompiler.exe0.0.0.000000000NRcompiler.exe0.0.0.000000000c0000005000063161acc01d0ae6755f53716C:\Program Files (x86)\Activision\Marvel - Ultimate Alliance\heroselect\NRcompiler.exeC:\Program Files (x86)\Activision\Marvel - Ultimate Alliance\heroselect\NRcompiler.exe943e8980-1a5a-11e5-beaf-3c970e7b8a03

Error: (06/24/2015 04:50:54 AM) (Source: MsiInstaller) (EventID: 11935) (User: XXX)
Description: Product: Microsoft Visual C++ 2005 Redistributable (x64) -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC80.OpenMP,type="win32",version="8.0.50727.4053",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64"'. Please refer to Help and Support for more information. HRESULT: 0x800736B3. assembly interface: IAssemblyCacheItem, function: Commit, component: {09D44781-D142-FE32-A01F-C8B3B9A1E18E}(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/24/2015 00:35:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.208561c3001d0ae3686eeee6f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe7dca854e-1a2a-11e5-beaf-3c970e7b8a03microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/24/2015 00:28:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20856bd001d0ae357309dacb4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe68a0a3db-1a29-11e5-beaf-3c970e7b8a03microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/24/2015 00:11:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.208561f8801d0ae331214616f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe07a20614-1a27-11e5-beaf-3c970e7b8a03microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/23/2015 11:01:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: skydrive.exe6.3.9600.174165452fd72ntdll.dll6.3.9600.17736550f4336c000037400000000000f0f2011e001d0ae28b4d62dd8C:\Windows\System32\skydrive.exeC:\WINDOWS\SYSTEM32\ntdll.dll4db83d7a-1a1d-11e5-beaf-3c970e7b8a03

Error: (06/23/2015 10:32:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883


==================== Memory info ===========================

Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 67%
Total physical RAM: 3941.41 MB
Available physical RAM: 1270.3 MB
Total Pagefile: 7909.41 MB
Available Pagefile: 4849.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:249.98 GB) (Free:20.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:4.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 8E06ED9E)

Partition: GPT Partition Type.

==================== End of log ============================


Edited by CompCav, 26 June 2015 - 02:06 PM.
Posted logs instead of attach


#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, you are running both AVG and Avast; one must go :)

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open Notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\MountPoints2: {b92e7b89-6c15-11e4-be85-3c970e7b8a03} - "H:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b92e7b89-6c15-11e4-be85-3c970e7b8a03} - "H:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
AutoConfigURL: [S-1-5-21-1920574516-490169793-428975704-1001] => C:\Users\Mike\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\BAC_PAC.js
AutoConfigURL: [S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => C:\Users\Mike\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\BAC_PAC.js
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
CHR Extension: (No Name) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-06-25]
2014-12-11 15:09 - 2014-12-11 15:09 - 0012719 ____C () C:\ProgramData\ucxrypwh.kkh
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

#3
xshogunx13


    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Thanks so much for replying! Do you recommend I kill Avast! or AVG?
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Mike at 2015-06-28 14:48:35 Run:1
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike (Available Profiles: Mike)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-1920574516-490169793-428975704-1001\...\MountPoints2: {b92e7b89-6c15-11e4-be85-3c970e7b8a03} - "H:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b92e7b89-6c15-11e4-be85-3c970e7b8a03} - "H:\Windows\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
AutoConfigURL: [S-1-5-21-1920574516-490169793-428975704-1001] => C:\Users\Mike\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\BAC_PAC.js
AutoConfigURL: [S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => C:\Users\Mike\AppData\Roaming\ShopAtHome.com BrowserAppCore Service\BAC_PAC.js
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
CHR Extension: (No Name) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-06-25]
2014-12-11 15:09 - 2014-12-11 15:09 - 0012719 ____C () C:\ProgramData\ucxrypwh.kkh
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
"HKU\S-1-5-21-1920574516-490169793-428975704-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b92e7b89-6c15-11e4-be85-3c970e7b8a03}" => key removed successfully
HKCR\CLSID\{b92e7b89-6c15-11e4-be85-3c970e7b8a03} => key not found. 
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found. 
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found. 
HKU\S-1-5-21-1920574516-490169793-428975704-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
HKU\S-1-5-21-1920574516-490169793-428975704-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => moved successfully.
C:\ProgramData\ucxrypwh.kkh => moved successfully.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1920574516-490169793-428975704-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1920574516-490169793-428975704-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{C4C4FA46-3A19-4BFD-A49E-2886AC012D06} canceled.
{F3AF12FD-C13F-4D33-A55D-A314E4845358} canceled.
{1F62CBEE-BE3C-4FF8-83E8-DD780EFF2A8E} canceled.
3 out of 3 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 1.2 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 14:54:27 ====

  • 0
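An added example, not part of the original posts and not FRST's own code: a small Python parser that groups the outcome lines of the Fixlog above, so entries that were actually changed can be told apart from fixlist items that were already absent. The sample lines are copied from the log in this thread; `parse_fixlog` and `PATTERNS` are hypothetical names, and the reading of `\\` as the key/value separator is an assumption drawn from this log.

```python
import re
from collections import defaultdict

# Constructed sample: outcome lines copied from the Fixlog posted in this thread.
SAMPLE = r'''
Restore point was successfully created.
"HKU\S-1-5-21-1920574516-490169793-428975704-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b92e7b89-6c15-11e4-be85-3c970e7b8a03}" => key removed successfully
HKCR\CLSID\{b92e7b89-6c15-11e4-be85-3c970e7b8a03} => key not found.
HKU\S-1-5-21-1920574516-490169793-428975704-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
C:\ProgramData\ucxrypwh.kkh => moved successfully.
========= RemoveProxy: =========
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully
'''

# (regex, outcome) pairs. The "=>" forms are tried before the bare "not found." form.
PATTERNS = [
    (re.compile(r'^"?(.+?)"? => (?:key|value) removed successfully\.?$'), "removed"),
    (re.compile(r'^"?(.+?)"? => moved successfully\.?$'), "moved"),
    (re.compile(r'^"?(.+?)"? => (?:key|value) not found\.?$'), "not_found"),
    (re.compile(r'^(.+?) not found\.$'), "not_found"),
]


def parse_fixlog(text):
    """Group Fixlog targets by outcome.

    Registry values are returned as (key_path, value_name) tuples; keys and
    file paths are returned as plain strings. Section banners, tool output and
    status lines that match no pattern are skipped.
    """
    results = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        for rx, outcome in PATTERNS:
            m = rx.match(line)
            if not m:
                continue
            target = m.group(1)
            # Assumption from this log: a double backslash separates the key
            # path from the value name; an empty name (ManualProxies\\) is
            # taken to mean the key's default value.
            key, sep, name = target.partition(r"\\")
            results[outcome].append((key, name) if sep else target)
            break
    return results


if __name__ == "__main__":
    for outcome, targets in parse_fixlog(SAMPLE).items():
        print(outcome, len(targets))
```

Entries under `not_found` are fixlist lines that matched nothing on disk or in the registry at fix time, which is worth checking against the original scan before treating the fix as complete.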

#4
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The choice as to which to keep is yours, but if you let me know which one you are removing I will give you a link for the removal tool.

Could you confirm the alerts have now ceased?
  • 0

#5
xshogunx13


    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

I have yet to get another alert, which I think is good since it usually happens when the computer starts up, and I removed AVG.


  • 0

#6
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The AVG removal tool can be found here: http://www.avg.com/gb-en/utilities - this will ensure that it has all gone :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
See this article

I would recommend that you completely uninstall Java unless you need it to run important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
Click the very large Download button.
Click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe :wave:
  • 0

#7
xshogunx13


    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

I've done the things you suggested. Thank you SO much for your help. If the alert comes back, I'll let you know.


  • 0

#8
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It won't :)
  • 0

#9
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0





