Hello,
A couple of months ago I unintentionally downloaded malware via an executable. This caused lower performance, added a search bar to my desktop, and other various add-ons and extensions and browser redirects. Forgive me if I miss what all happened that day, but MalwareBytes and Avast were installed that day to run and clean my computer, as well as ending processes that were harmful and deleting them from their locations in Windows Explorer. Everything has seemed fine for the most part, and I had resumed normal activity with occasional virus scans to ensure everything was working normally.
However, it seems like ever since that day, my computer ran a little slower.
After getting frustrated today with Firefox seemingly running slowly and thinking that most performance issues are due to applications using more RAM, I checked the Resource Monitor to see what exactly was using up so much RAM. I saw that svchost.exe was using tons of this RAM, found the file location, and am unsure if this is a legitimate version of the executable. My worries solidified when I searched the file location to find Malware Removal threads, one even on this website.
I am new to this sort of thing, but if any more information is needed I will gladly provide it.
Thanks in advance for your patience, and hopefully I do not neglect or forget any important details.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by MattMac (administrator) on MATTMAC-PC on 15-07-2015 13:58:05
Running from C:\Users\MattMac\Desktop
Loaded Profiles: MattMac (Available Profiles: MattMac)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Users\MattMac\Desktop\LubbosFanControl 1.2.3\Lubbofancontrol 1.2.3 package\LubbosFanControl.exe
() C:\Users\MattMac\Desktop\LubbosFanControl 1.2.3\Lubbofancontrol 1.2.3 package\LubbosFanControl.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-3b7be130.exe
() C:\e9e55834758089c52f8c\MPSigStub.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [741760 2012-03-27] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-09] (Valve Corporation)
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\MountPoints2: {21a8510d-d48e-11e4-b000-7cd1c392f291} - F:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\MountPoints2: {21a8511a-d48e-11e4-b000-7cd1c392f291} - F:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\MountPoints2: {824905df-bfa4-11e3-aaed-7cd1c392f291} - "E:\WD SmartWare.exe" autoplay=true
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-28] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-28] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-24] (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-28] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{5096FE01-094C-45DC-A05D-F3495D31B87F}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{DCBE8101-5C9B-4D68-B2EE-109C1ADE6105}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{E64FD871-30F1-45DC-8592-1B3C3CEF742E}: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Users\MattMac\AppData\Roaming\Mozilla\Firefox\Profiles\a3hwjjxf.default-1436562331428
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4178455710-1139096639-4141711176-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MattMac\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4178455710-1139096639-4141711176-1000: hirevue.com/HireVueLive -> C:\Users\MattMac\AppData\Roaming\HireVue\HireVue Live\2.1.0.0\npHireVueLive.dll [2015-06-01] (HireVue)
FF Extension: BetterTTV - C:\Users\MattMac\AppData\Roaming\Mozilla\Firefox\Profiles\a3hwjjxf.default-1436562331428\Extensions\[email protected] [2015-07-10]
FF Extension: Reddit Enhancement Suite - C:\Users\MattMac\AppData\Roaming\Mozilla\Firefox\Profiles\a3hwjjxf.default-1436562331428\Extensions\[email protected] [2015-07-11]
FF Extension: uBlock Origin - C:\Users\MattMac\AppData\Roaming\Mozilla\Firefox\Profiles\a3hwjjxf.default-1436562331428\Extensions\[email protected] [2015-07-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-28]
Chrome:
=======
CHR Profile: C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-28]
CHR Extension: (BetterTTV) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-04-28]
CHR Extension: (Google Docs) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-28]
CHR Extension: (Google Drive) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-28]
CHR Extension: (YouTube) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-28]
CHR Extension: (uBlock Origin) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-05-06]
CHR Extension: (Google Search) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-28]
CHR Extension: (Google Sheets) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-28]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-06-23]
CHR Extension: (The QR Code Generator) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2015-04-28]
CHR Extension: (Kappa Everywhere - Global Twitch Emotes) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafkphjeboadjffjfcigcdfdilpcacod [2015-04-28]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-04-28]
CHR Extension: (The Great Suspender) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-28]
CHR Extension: (Google Wallet) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-28]
CHR Extension: (AlienTube for YouTube™) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2015-04-28]
CHR Extension: (Gmail) - C:\Users\MattMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-28]
Opera:
=======
OPR Extension: (sailormax) - C:\Users\MattMac\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2015-04-13]
OPR Extension: (honestbleeps) - C:\Users\MattMac\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfdcmdcpehpkengmkhkbpifajmbhfgae [2014-04-09]
OPR Extension: (bjornstar) - C:\Users\MattMac\AppData\Roaming\Opera Software\Opera Stable\Extensions\nfejljjbfaocoimfemmebidjpkibefnp [2014-10-01]
OPR Extension: (BS-Harou (Martin Kadlec)) - C:\Users\MattMac\AppData\Roaming\Opera Software\Opera Stable\Extensions\nncgmpcdlilgbepbfpeidpjlcdfhmcfp [2015-04-23]
OPR Extension: (Adblock Plus) - C:\Users\MattMac\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-04-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224640 2012-03-27] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-28] (Avast Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe [69448 2015-05-28] (Google Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-02] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-29] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 applemtm; C:\Windows\System32\DRIVERS\applemtm.sys [12288 2011-02-07] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [38912 2011-02-07] (Apple Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-09] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-28] (Avast Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-15 13:58 - 2015-07-15 13:59 - 00019690 _____ C:\Users\MattMac\Desktop\FRST.txt
2015-07-15 13:57 - 2015-07-15 13:58 - 00000000 ____D C:\FRST
2015-07-15 13:55 - 2015-07-15 13:55 - 02133504 _____ (Farbar) C:\Users\MattMac\Desktop\FRST64.exe
2015-07-15 13:38 - 2015-07-15 13:38 - 00000000 ____D C:\e9e55834758089c52f8c
2015-07-14 14:22 - 2015-07-14 14:22 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-10 19:04 - 2015-07-10 19:04 - 00003090 _____ C:\Windows\System32\Tasks\{63750B9B-82BA-4358-AFDC-8F5DD306FE83}
2015-07-10 17:05 - 2015-07-10 17:05 - 00000000 ____D C:\Users\MattMac\Desktop\Old Firefox Data
2015-07-10 14:55 - 2015-07-10 14:57 - 00018549 _____ C:\Windows\DirectX.log
2015-07-09 12:22 - 2015-07-09 12:22 - 00000000 ____D C:\illusion
2015-07-09 12:18 - 2015-07-09 12:18 - 00000000 ____D C:\Users\MattMac\AppData\Local\Disc_Soft_Ltd
2015-07-09 12:03 - 2015-07-09 12:19 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\DAEMON Tools Lite
2015-07-09 12:03 - 2015-07-09 12:03 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-07-09 12:02 - 2015-07-09 12:15 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-07-09 12:01 - 2015-07-09 12:01 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-07-08 21:28 - 2015-07-08 21:28 - 00003688 ____N C:\bootsqm.dat
2015-07-07 15:55 - 2015-07-07 15:55 - 00001240 _____ C:\Users\Public\Desktop\Zumas Revenge.lnk
2015-07-06 21:39 - 2015-07-06 21:39 - 00000000 ____D C:\Users\MattMac\AppData\Local\CEF
2015-07-05 11:44 - 2015-07-05 11:44 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\HireVue
2015-07-03 11:07 - 2015-07-03 11:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 02:11 - 2015-07-02 02:11 - 00000000 ____D C:\Users\MattMac\AppData\Local\openvr
2015-06-30 15:35 - 2015-07-03 11:51 - 00000766 _____ C:\Windows\PFRO.log
2015-06-30 10:48 - 2015-07-14 15:45 - 00003192 _____ C:\Windows\setupact.log
2015-06-30 10:48 - 2015-06-30 10:48 - 00000000 _____ C:\Windows\setuperr.log
2015-06-30 01:15 - 2015-07-15 13:56 - 00007625 _____ C:\Users\MattMac\AppData\Local\Resmon.ResmonCfg
2015-06-28 17:20 - 2015-06-30 17:56 - 00000000 ____D C:\Users\MattMac\AppData\Local\LOOT
2015-06-28 17:20 - 2015-06-28 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT
2015-06-28 16:58 - 2015-06-28 17:00 - 21886810 _____ (LOOT Team) C:\Users\MattMac\Downloads\LOOT.Installer.exe
2015-06-24 13:06 - 2015-06-24 13:06 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\java
2015-06-24 13:04 - 2015-06-24 13:05 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-06-24 13:04 - 2015-06-24 13:04 - 00000969 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-06-24 13:04 - 2015-06-24 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-06-24 01:29 - 2015-06-24 01:29 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-06-18 17:23 - 2015-06-18 23:43 - 00000000 ____D C:\Users\MattMac\AppData\Local\JourneytotheTemple
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-15 13:55 - 2009-07-14 00:45 - 00024720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-15 13:55 - 2009-07-14 00:45 - 00024720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-15 13:52 - 2014-04-08 19:09 - 01709225 _____ C:\Windows\WindowsUpdate.log
2015-07-15 13:44 - 2014-11-28 13:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-15 13:44 - 2014-10-02 12:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 13:28 - 2014-09-18 12:33 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 22:37 - 2014-04-08 21:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 22:17 - 2014-04-08 21:09 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-14 14:22 - 2014-11-28 13:19 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 14:22 - 2014-04-09 11:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 14:22 - 2014-04-09 11:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 14:17 - 2014-06-03 12:40 - 00003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1397010681
2015-07-14 14:17 - 2014-04-08 22:31 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-14 12:38 - 2014-10-26 16:48 - 00000000 ____D C:\Users\MattMac\AppData\Local\Battle.net
2015-07-12 13:03 - 2015-03-31 12:12 - 00000000 ____D C:\Temp
2015-07-12 13:02 - 2014-04-08 19:14 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-12 13:02 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 12:37 - 2015-04-28 16:09 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-12 00:06 - 2014-04-08 21:16 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\Skype
2015-07-10 19:06 - 2014-04-08 21:15 - 00000000 ____D C:\ProgramData\Skype
2015-07-10 14:57 - 2012-09-06 20:58 - 00000000 ____D C:\Users\MattMac\Documents\My Games
2015-07-10 14:14 - 2014-04-23 18:52 - 00000000 ____D C:\Users\MattMac\AppData\Local\Warframe
2015-07-10 13:37 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-10 03:56 - 2014-07-10 13:08 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\Notepad++
2015-07-08 22:54 - 2014-10-02 19:10 - 00000000 ____D C:\Users\MattMac\AppData\Local\Adobe
2015-07-07 16:51 - 2014-04-10 16:52 - 00000000 ____D C:\ProgramData\Origin
2015-07-07 15:56 - 2014-05-08 17:45 - 00000000 ____D C:\ProgramData\PopCap Games
2015-07-07 15:54 - 2014-04-10 17:04 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-07-07 13:54 - 2014-05-09 20:47 - 00000000 ____D C:\Users\MattMac\Desktop\To Sort
2015-07-05 13:03 - 2014-12-03 13:44 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\vlc
2015-07-05 06:08 - 2010-11-20 23:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 11:51 - 2015-06-09 10:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2014-09-18 12:33 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 22:55 - 2013-07-20 23:14 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\Mumble
2015-07-02 01:09 - 2014-04-10 16:52 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-30 13:47 - 2013-06-30 16:55 - 00000000 ____D C:\Users\MattMac\AppData\Local\Fallout3
2015-06-30 01:11 - 2014-08-11 12:17 - 00000000 ____D C:\Windows\Minidump
2015-06-30 00:52 - 2015-04-22 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unofficial Fallout 3 Patch
2015-06-29 20:48 - 2014-10-26 16:48 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-29 16:32 - 2015-04-22 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-06-29 16:32 - 2015-04-22 13:15 - 00000000 ____D C:\Program Files (x86)\Nexus Mod Manager
2015-06-28 20:01 - 2014-09-19 11:57 - 00000000 ____D C:\Program Files (x86)\LOOT
2015-06-27 16:10 - 2015-04-28 16:09 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 17:41 - 2014-12-27 23:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 14:39 - 2014-04-08 20:59 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-24 13:36 - 2013-05-18 13:54 - 00000000 ____D C:\Users\MattMac\AppData\Roaming\.minecraft
2015-06-22 16:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-06-16 15:41 - 2014-10-26 17:01 - 00000000 ____D C:\Program Files (x86)\Hearthstone
==================== Files in the root of some directories =======
2015-03-26 01:26 - 2015-03-26 01:26 - 0000600 _____ () C:\Users\MattMac\AppData\Roaming\winscp.rnd
2015-04-28 23:10 - 2015-04-28 23:10 - 0613255 _____ (CMI Limited) C:\Users\MattMac\AppData\Local\nsyD4DA.tmp
2015-03-11 20:33 - 2015-03-25 23:21 - 0000600 _____ () C:\Users\MattMac\AppData\Local\PUTTY.RND
2015-06-30 01:15 - 2015-07-15 13:56 - 0007625 _____ () C:\Users\MattMac\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\MattMac\AppData\Local\Temp\Nexus Mod Manager-0.55.7.exe
C:\Users\MattMac\AppData\Local\Temp\plugin_vV6748.dll
C:\Users\MattMac\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-07 13:26
==================== End of log ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by MattMac at 2015-07-15 14:00:43
Running from C:\Users\MattMac\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4178455710-1139096639-4141711176-500 - Administrator - Disabled)
Guest (S-1-5-21-4178455710-1139096639-4141711176-501 - Limited - Disabled)
MattMac (S-1-5-21-4178455710-1139096639-4141711176-1000 - Administrator - Enabled) => C:\Users\MattMac
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
0RBITALIS (HKLM-x32\...\Steam App 278440) (Version: - Alan Zucconi)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.205 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Anti-Twin (Installation 01.04.2015) (HKLM-x32\...\Anti-Twin 2014-12-24 00.52.32) (Version: - Jorg Rosenthal, Germany)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Boot Camp Services (HKLM\...\{ADA3F9C8-A6D3-4FCF-BFBB-EAD69AC0884E}) (Version: 4.0.4255 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{FD6E648E-1378-467F-AD37-2B98B379B0DD}) (Version: 44.0.2403.25 - Google Inc.)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{0F9639CB-D661-4FA0-A4B1-0441E515E0B7}) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Divekick (HKLM-x32\...\Steam App 244730) (Version: - Iron Galaxy Studios)
Eets Munchies (HKLM-x32\...\Steam App 214550) (Version: - Klei Entertainment)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fallout 3 - Unofficial Fallout 3 Patch (HKLM-x32\...\{297C7552-BA68-4F73-AB83-82510777421D}_is1) (Version: v1.2.0 - Quarn ([email protected]))
Fallout 3 Patch v1.8 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.8 - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HireVue Live (HKLM-x32\...\{99AC268D-B9C1-4EC0-ADF0-06EC494F0CC3}) (Version: 2.1.0.0 - HireVue)
ILLUSION ハーレムめいと (HKLM-x32\...\{818F40E7-A767-4C81-BBF3-3D484A145C1C}) (Version: 1.00.0000 - ILLUSION)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Kimochi (HKLM-x32\...\{BD217A14-B36D-4473-A871-CEC2AF000EF3}) (Version: 1.0.0.0 - Axon Zero)
Kingdom Rush (HKLM-x32\...\Steam App 246420) (Version: - Ironhide Game Studio)
LOOT (HKLM-x32\...\LOOT) (Version: 0.7.1 - LOOT Development Team)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.7 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
NY Reboot (HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\NY Reboot) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
SequoiaView (HKLM-x32\...\SequoiaView) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version: - Berserk Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Fall (HKLM-x32\...\Steam App 290770) (Version: - Over The Moon)
Unity Web Player (HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1) (HKLM\...\2CD6536AAFFF9B465A871060CF483EC9F3341D29) (Version: 06/27/2007 2.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Broadcom Bluetooth (11/28/2011 4.0.3.0) (HKLM\...\1016ED26ACC3EEFE09AE974AFCAAFB4B107620D5) (Version: 11/28/2011 4.0.3.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0) (HKLM\...\70C7CBB0824BF74552A2F28F5FFBF62A15053DA8) (Version: 10/25/2007 2.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (11/04/2011 4.0.1.0) (HKLM\...\EF8EC1D0B992E177192E4A3E3CC81A94B8114F1C) (Version: 11/04/2011 4.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (11/04/2011 4.0.1.0) (HKLM\...\ED1995AC672639EA4CA89AD23052AC5281F18C68) (Version: 11/04/2011 4.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (11/04/2011 4.0.1.0) (HKLM\...\137C5C3E9ECC47A32C5488AA254D93A745950A92) (Version: 11/04/2011 4.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple System Device (10/07/2011 4.0.1.0) (HKLM\...\9CA06E33CCD19F5A2A0985B77F37FCF8B8829140) (Version: 10/07/2011 4.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1) (HKLM\...\A0A897639A1D288A8B472FE790EBF9DB71E52ACF) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1) (HKLM\...\76830D11874044260C923425E7F5A72F25EDA758) (Version: 07/13/2009 3.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Trackpad (01/17/2011 3.2.0.0) (HKLM\...\C7DD621795A42EAE550280D4D7601459F35C4EC2) (Version: 01/17/2011 3.2.0.0 - Apple Inc.)
Windows Driver Package - Atheros Communications Inc. (athr) Net (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.)
Windows Driver Package - Broadcom (b57nd60a) Net (10/19/2011 15.0.0.21) (HKLM\...\614931E6ACCECF53CDF435D00AEA2C97E22D5CAA) (Version: 10/19/2011 15.0.0.21 - Broadcom)
Windows Driver Package - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows Driver Package - Broadcom (BCM43XX) Net (02/03/2012 5.106.198.4) (HKLM\...\EEC146B6FEECE1DCAED130CE5A397F3018E73841) (Version: 02/03/2012 5.106.198.4 - Broadcom)
Windows Driver Package - Broadcom Corporation (bScsiSDa) SDHost (11/29/2011 1.0.0.232) (HKLM\...\45BF2E85E73B0271CE69F12FB0ED97276E71A71B) (Version: 11/29/2011 1.0.0.232 - Broadcom Corporation)
Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA (01/30/2012 6.6001.1.36) (HKLM\...\FF8B5F3FD21FE7703C294F36CF12825927AB70B0) (Version: 01/30/2012 6.6001.1.36 - Cirrus Logic, Inc.)
Windows Driver Package - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows Driver Package - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows Driver Package - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows Driver Package - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows Driver Package - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows Driver Package - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows Driver Package - Marvell (yukonx64) Net (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
WinSCP 5.7.1 (HKLM-x32\...\winscp3_is1) (Version: 5.7.1 - Martin Prikryl)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4178455710-1139096639-4141711176-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4178455710-1139096639-4141711176-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4178455710-1139096639-4141711176-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4178455710-1139096639-4141711176-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4178455710-1139096639-4141711176-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4178455710-1139096639-4141711176-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Restore Points =========================
12-07-2015 13:18:37 Windows Update
15-07-2015 13:00:15 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {017A6AB0-5B5A-42D6-917C-32C3934AA8AA} - System32\Tasks\{C01A2868-298E-40BA-B307-CF57BDFD94FC} => pcalua.exe -a C:\KISS\ƒJƒXƒ^ƒ€ƒƒCƒh3D\Installer.exe -d C:\KISS\ƒJƒXƒ^ƒ€ƒƒCƒh3D -c /luninst1
Task: {0CA4D689-B2C9-4DEF-B957-3FCE2933913A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {13F2AB8F-0BED-4C1C-877A-A14EA5BEEB1D} - System32\Tasks\{858AD6ED-C88D-44C2-A367-C8368D10D414} => pcalua.exe -a "C:\Users\MattMac\Desktop\Misc\sdt\New folder\Z001287\instmsiw.exe" -d "C:\Users\MattMac\Desktop\Misc\sdt\New folder\Z001287"
Task: {14E8156E-EF88-4F5D-A00F-FC480F8B22C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-08] (Google Inc.)
Task: {1B5EB4FB-E5FE-4E7E-A1CA-9DFB9A6DF7FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {258D0234-BEDF-48F8-9D97-39CA4CE44EEB} - \WebBarUpdateTask No Task File <==== ATTENTION
Task: {31976F2A-2783-4631-965A-44A1B417D7F9} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {356777D8-E92A-489B-8494-08A630365C81} - System32\Tasks\{63750B9B-82BA-4358-AFDC-8F5DD306FE83} => Chrome.exe http://ui.skype.com/...all?page=tsBing
Task: {3F97ABD9-1008-4AE3-BCB9-C4CDE989E639} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {51C93D49-4075-4AC0-82E1-B5C408F5447B} - System32\Tasks\avastBCLRestartS-1-5-21-4178455710-1139096639-4141711176-1000 => Chrome.exe
Task: {57DFC5E9-710A-4138-BE75-1C5BECB0A90C} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {5A4A18A6-5D57-41C1-B10D-930B52ABC1AA} - \WebBarLaunchTask No Task File <==== ATTENTION
Task: {77AD6E18-C40A-4C19-8228-5DAD82859509} - System32\Tasks\Opera scheduled Autoupdate 1397010681 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {857A9B0A-762A-42C0-B903-E0CBF5D232B5} - System32\Tasks\{E8E74794-8550-47CA-ADEB-678A106AAEDE} => pcalua.exe -a C:\KISS\ƒJƒXƒ^ƒ€ƒƒCƒh3D\Installer.exe -c /luninst1
Task: {B1900415-F92B-424B-988D-B3B277937037} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {B6159FCD-2D82-434F-B999-A812BFC7CCCE} - \Run_Bobby_Browser No Task File <==== ATTENTION
Task: {C2F31605-0C84-40B2-8E9E-188B67950E2E} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {C4D81DCD-245B-45EF-992D-ADC0A0F56980} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C9610DB5-3FB8-4E34-A067-98E0598D1016} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.)
Task: {F9DD9A17-EA4E-4B96-B44C-F3835B39008F} - System32\Tasks\PostPoneInstall => C:\Users\MattMac\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-04-08 19:14 - 2015-02-05 15:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-03-27 23:10 - 2012-03-27 23:10 - 00224640 _____ () C:\Windows\system32\AppleOSSMgr.exe
2015-04-30 16:36 - 2014-04-05 00:24 - 00109568 _____ () C:\Users\MattMac\Desktop\Misc\sdt\ntleas044_x64\ntleasCtx.dll
2014-05-12 05:49 - 2014-05-12 05:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-05-28 23:34 - 2014-05-29 00:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-11 00:28 - 2012-09-17 11:34 - 00141312 _____ () C:\Users\MattMac\Desktop\LubbosFanControl 1.2.3\Lubbofancontrol 1.2.3 package\LubbosFanControl.exe
2015-07-15 13:38 - 2015-06-23 13:30 - 00300704 _____ () c:\e9e55834758089c52f8c\MpSigStub.exe
2013-10-10 17:48 - 2013-10-10 17:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-04-28 16:08 - 2015-04-28 16:08 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-28 16:08 - 2015-04-28 16:08 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-12 12:37 - 2015-07-12 12:37 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071200\algo.dll
2015-07-15 13:01 - 2015-07-15 13:01 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071501\algo.dll
2014-04-07 10:31 - 2014-04-07 10:31 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-04-28 16:08 - 2015-04-28 16:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-08 19:19 - 2012-01-04 19:34 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-04-08 21:11 - 2015-07-03 12:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-03 00:54 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-03 00:54 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-03 00:54 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 19:29 - 2015-07-09 19:18 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-31 00:30 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-31 00:30 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-31 00:30 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-31 00:30 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-31 00:30 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-04-08 21:11 - 2015-07-09 19:18 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-06 21:36 - 2015-07-07 16:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-04-08 21:11 - 2015-07-03 12:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MattMac\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^MattMac^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Uninstall C: =>
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F04071F2-C2B8-4275-A43C-66320C89ABBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CA802E01-8DFB-404A-B3B7-A9607101495A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{54354C32-6878-4009-9D80-05083B2241AA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8C121BF-5870-4639-AF7D-DEA29E5C22EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B27EE912-2EAE-4171-9DC0-D8182BEFB42F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{717851BA-BE6C-4BB6-8DEF-1020AE2CE095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{671516C2-E93F-4D6A-86AF-4DAE4B699082}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C4EEEE03-6005-4BB3-92E8-A2AA243D2BA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24A62844-DB18-4602-8323-9FECA6CA8313}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{93DB65E6-9C7E-480C-9826-6748CAEB4A7F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{63F7A23B-B16B-419C-B8EF-7641B86CB39C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{D1579519-98D1-4914-B06A-843013D1DC87}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3906DE56-317B-4AAE-A2D3-9ADED0619ECB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FC2E7481-0332-45CD-84BE-2B19BBD229D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4CBC942F-9660-4691-836F-B920099DC528}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3C64A01E-EBF0-4B96-A486-9C08D3DA9381}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{28936DC0-174A-4B43-B6A8-A447630EA69F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{E22163FA-0507-46FA-8CB2-2FABE1870E09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{B9DC3371-3609-4342-B6D5-30DCAA7AC5EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [TCP Query User{214651A7-F2B7-4BA6-B244-7952B278FC6D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{DF53665B-D6EC-4400-8C13-9CAD5A17D132}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{2123A630-55D8-4B7E-8B88-3C1B2C910A01}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A46F2815-33B7-4B3A-B434-6B1221A7CDE2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{86BBF74E-F848-42D1-A53F-C341C8A45BB6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B481A59B-EC6D-4CE1-97D9-855F55B9EACF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5B0D0695-7581-46BB-B4DC-83A1F129C231}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{BEBF5FD6-A46E-4BD4-A8FD-6836B7F1DF1C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9BC284C1-403F-4838-86F6-86945E6B8032}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{C9CEC3F7-EAA6-4AA0-AA4F-EE13906F4E8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{5C6B9F9C-0B96-4F2C-8C9A-B1E09E2D5F40}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{2DC3D24C-A807-473C-ADBD-C94D293D6552}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{6AF7D5DE-D5C3-4FCE-B09F-DFD3EE7E4F85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{742C7986-8356-4863-8EC2-3440084B2DAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{55ACF92D-DCFD-4B36-A0EE-15EEEE7CFAD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E5E45D49-5E78-4076-9524-D39933198D8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7E2D5C9C-9606-4641-BCF7-FA1277652442}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{3ECF3735-0DA6-4325-BC7D-C6F678CE0CCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{85E77683-EE9E-4F34-8B39-287424B7FDC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B2853542-206A-49B7-837A-A5CCDEB77078}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6231E9A7-3823-4BB0-B6AA-6821AC198200}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5485FCE4-856B-4DD6-8974-85B6E73D915D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{5595CFB9-E7FE-49F0-97B2-2522F43959E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{F3DD5B36-CA80-4750-924A-70FD9C9E0511}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{C41AAC51-3990-4F3D-86FD-6EDB8017BA86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\eets_munchies\eets2.exe
FirewallRules: [{DB154217-B912-42D4-B6F9-795B2137228F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\eets_munchies\eets2.exe
FirewallRules: [{AA6FEA7F-DCAA-424A-AFAC-92074559D658}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\0rbitalis\0RBITALIS.exe
FirewallRules: [{B8113C53-8B78-486E-AA74-B5392DFD3760}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\0rbitalis\0RBITALIS.exe
FirewallRules: [{C8645488-2438-4285-B00D-F9AD77034924}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{6F2450DC-BF3B-4D64-86FD-6B0336792DD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{D5432C26-7BA4-4D14-BE5F-47B7F90E5038}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{3CCEEBE7-2E5D-464A-9759-BB137ABAF797}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{75E6F509-6462-471E-AB8A-F91AF3920F47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{BB68A4E1-A2AA-4A4A-B9A9-047732649D6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{80C2E03F-CA7F-42C1-960E-EFBCC75AFDEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{B9E26B70-42DE-40FA-887C-76FAB381E6F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Divekick\DivekickD3D11.exe
FirewallRules: [{4649097B-9F3E-44DE-998B-F56DB5AD2DC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheFall\TheFall.exe
FirewallRules: [{27804004-BD8F-4326-AEA7-9C5B8CC405CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheFall\TheFall.exe
FirewallRules: [{9ADAC3A9-E131-4E02-8864-B83D3C683D73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe
FirewallRules: [{59B82B33-06F3-45C1-8022-C07391A06095}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe
FirewallRules: [{E7FD659F-CC9C-4E0C-BFE2-3241C5968265}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EBD620CE-4964-4ED9-8804-911F72F9405C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A30F75B9-4AC7-4B8E-A0B7-5C34D74C64C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{7881E711-821C-4767-BAA5-807E12478C23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B3BF97A8-CE48-4541-B5D7-43997660E789}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{A2C52CE3-D1FA-41D7-8D54-2ABB2B8963AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{26A04269-7776-422B-B440-67D76469DC01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{DAC5CD30-C589-4A97-B1DD-632A77AB82BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{92855617-BF96-45A5-A712-48057FCB8B85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{556572B1-B5BC-4F95-9922-159712DF6D59}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{09B94245-3B19-42DF-9D03-8DAB749E045E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E6F4A054-4765-4F60-A628-13FA3879D60E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{86CCFFB5-22A7-488F-A2C7-838AEB8FF628}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe
FirewallRules: [{ECCEC4B5-B481-4493-B297-31B1E1CB6EE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7A17064D-CEDF-4E73-A1E7-8FADA83409D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F0F800E9-08CF-4E06-9DCE-369CB7227C0B}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{1D372A96-A240-45CF-A28D-E17AAE0B97D0}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{5D2BA964-FAC5-4BD5-98E7-DB6A5154A3B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{DEACDF3B-B8D2-4686-823F-5886FED92C26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{BC692A1C-4CD7-4537-BC6D-C5C56EF29DF0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{80A3FD35-5A5B-426E-86D9-AEC3C95A9B0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{E9ABACBF-C452-46F7-AE43-185C4BDDE621}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/14/2015 11:21:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception code: 0xc0000005
Fault offset: 0x006ab44e
Faulting process id: 0x2c4
Faulting application start time: 0xFallout3.exe0
Faulting application path: Fallout3.exe1
Faulting module path: Fallout3.exe2
Report Id: Fallout3.exe3
Error: (07/14/2015 09:54:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception code: 0xc0000005
Fault offset: 0x006ab44e
Faulting process id: 0x658
Faulting application start time: 0xFallout3.exe0
Faulting application path: Fallout3.exe1
Faulting module path: Fallout3.exe2
Report Id: Fallout3.exe3
Error: (07/12/2015 01:04:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2015 11:19:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x558c4530
Faulting module name: d3d9.dll_unloaded, version: 0.0.0.0, time stamp: 0x4ce7b7b3
Exception code: 0xc0000005
Fault offset: 0x69fb6b34
Faulting process id: 0x1dc0
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
Error: (07/08/2015 09:47:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/08/2015 09:35:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/06/2015 09:35:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/03/2015 11:53:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2015 12:16:21 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
Error: (06/30/2015 03:37:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/15/2015 01:38:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.201.1744.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (07/15/2015 01:38:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.201.1744.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (07/15/2015 01:38:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.201.1744.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (07/15/2015 06:17:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
Error: (07/12/2015 01:02:06 PM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.
Error: (07/12/2015 01:02:06 PM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.
Error: (07/12/2015 12:59:44 PM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
Error: (07/12/2015 01:02:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:56:27 PM on 7/12/2015 was unexpected.
Error: (07/10/2015 12:28:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.201.1434.0).
Error: (07/10/2015 12:21:24 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.201.1297.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Microsoft Office:
=========================
Error: (07/14/2015 11:21:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fallout3.exe1.7.0.34a40f18bFallout3.exe1.7.0.34a40f18bc0000005006ab44e2c401d0bea4726f0562C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exeC:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe987b98b3-2aa0-11e5-9616-7cd1c392f291
Error: (07/14/2015 09:54:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fallout3.exe1.7.0.34a40f18bFallout3.exe1.7.0.34a40f18bc0000005006ab44e65801d0be9af01d5d36C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exeC:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe6da4b5ca-2a94-11e5-9616-7cd1c392f291
Error: (07/12/2015 01:04:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2015 11:19:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0558c4530d3d9.dll_unloaded0.0.0.04ce7b7b3c000000569fb6b341dc001d0bb6547b34cafC:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exed3d9.dll98bb0cfd-277b-11e5-bc61-7cd1c392f291
Error: (07/08/2015 09:47:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/08/2015 09:35:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/06/2015 09:35:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/03/2015 11:53:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2015 12:16:21 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\MattMac\Desktop\Misc\sdt\New folder\00 Games\GirlsHunt\Sexy GIRLS HUNT\Sexy GIRLS HUNT.exeC:\Users\MattMac\Desktop\Misc\sdt\New folder\00 Games\GirlsHunt\Sexy GIRLS HUNT\Sexy GIRLS HUNT.exe0
Error: (06/30/2015 03:37:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel® Core i7-3615QM CPU @ 2.30GHz
Percentage of memory in use: 79%
Total physical RAM: 4034.7 MB
Available physical RAM: 827.61 MB
Total Virtual: 6422.63 MB
Available Virtual: 1810.59 MB
==================== Drives ================================
Drive c: (BOOTCAMP) (Fixed) (Total:185.56 GB) (Free:16.88 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Macintosh HD) (Fixed) (Total:279.4 GB) (Free:43.24 GB) HFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00006ACA)
Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=279.4 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=185.6 GB) - (Type=07 NTFS)
==================== End of log ============================