Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer Infected looking for Assistance

Started by Dusto , Jul 18 2015 10:03 PM

  • Please log in to reply

#1
Dusto
Posted 18 July 2015 - 10:03 PM

Dusto

    Member

  • Member
  • PipPip
  • 27 posts

Hello!  My computer seems to have been infected with some nasty bugs.  When using chrome or firefox I have pages randomly popping up, warnings that I need to call a number, ads, etc..  I uninstalled chrome and now when I attempt to reinstall it, it fails.  I have run malware bytes and spybot but my problems persist :(

 

Any help would be much appreciated!  Thank you in advance!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by Dusto (administrator) on DEATHSTAR on 18-07-2015 23:05:03
Running from C:\Users\Dusto\Desktop
Loaded Profiles: Dusto (Available Profiles: Dusto)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(EVGA Corp.) C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(LG Electronics) C:\Users\Dusto\Bluebirds\BlueBirds.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4150\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Dropbox, Inc.) C:\Users\Dusto\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5952\Battle.net.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\...\Run: [bluebirds] => C:\Users\Dusto\Bluebirds\BlueBirds.exe [270336 2009-04-29] (LG Electronics)
HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-03] (Electronic Arts)
HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2860080 2015-06-29] (Blizzard Entertainment)
HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\...\Run: [Dropbox Update] => C:\Users\Dusto\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-03-14] (Microsoft Corporation)
Startup: C:\Users\Dusto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C8BE1136-47EC-4594-9E50-1D75C608ACEB}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dusto\AppData\Roaming\Mozilla\Firefox\Profiles\32diqtb1.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-17] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-17] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-13]
CHR Extension: (Google Docs) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-13]
CHR Extension: (Google Drive) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-13]
CHR Extension: (YouTube) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-13]
CHR Extension: (Google Search) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-13]
CHR Extension: (No Name) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinoconpnefhjndafimindldhibbcdae [2015-05-13]
CHR Extension: (Google Sheets) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-13]
CHR Extension: (Google Wallet) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-14]
CHR Extension: (Gmail) - C:\Users\Dusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (BlueStack Systems, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-03-18] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-17] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2015-04-15] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2015-04-15] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-02-04] (Razer, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-18 23:05 - 2015-07-18 23:05 - 00014696 _____ C:\Users\Dusto\Desktop\FRST.txt
2015-07-18 22:54 - 2015-07-18 23:05 - 00000000 ____D C:\FRST
2015-07-18 22:54 - 2015-07-18 22:54 - 02134528 _____ (Farbar) C:\Users\Dusto\Desktop\FRST64.exe
2015-07-17 21:50 - 2015-07-17 21:51 - 73821147 _____ (White Wizard Games ) C:\Users\Dusto\Downloads\StarRealmsSetup-v233.exe
2015-07-12 15:53 - 2015-07-12 15:53 - 00000000 ____D C:\Users\Dusto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-10 00:30 - 2015-07-10 00:30 - 00001852 _____ C:\Users\Public\Desktop\Vuze.lnk
2015-07-09 23:43 - 2015-07-18 00:07 - 00000024 _____ C:\Users\Dusto\AppData\Roaming\appdataFr25.bin
2015-07-09 23:00 - 2015-07-09 23:00 - 00000222 _____ C:\Users\Dusto\Desktop\Counter-Strike Nexon Zombies.url
2015-06-29 22:35 - 2015-06-29 22:39 - 00000000 ____D C:\Users\Dusto\AppData\Local\Digsby
2015-06-29 22:35 - 2015-06-29 22:35 - 19146400 _____ C:\Users\Dusto\Downloads\digsby_setup.exe
2015-06-29 22:35 - 2015-06-29 22:35 - 00000000 ____D C:\Users\Dusto\AppData\Roaming\Digsby
2015-06-29 22:35 - 2015-06-29 22:35 - 00000000 ____D C:\ProgramData\Digsby
2015-06-29 22:25 - 2015-06-29 22:25 - 73818126 _____ (White Wizard Games ) C:\Users\Dusto\Downloads\StarRealmsSetup-v231.exe
2015-06-27 22:49 - 2015-06-27 22:49 - 00000000 _____ C:\Windows\system32\atiicdxx.dat
2015-06-27 22:49 - 2015-06-27 22:49 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-06-27 17:51 - 2015-06-27 17:52 - 175299344 _____ (Microsoft Corporation) C:\Users\Dusto\Downloads\msert.exe
2015-06-27 17:49 - 2015-07-06 15:49 - 00000000 ____D C:\Program Files (x86)\Hover Zoom
2015-06-27 17:48 - 2015-07-06 15:49 - 00000000 ____D C:\Program Files (x86)\COupExtensiiuooN
2015-06-27 17:28 - 2015-07-06 15:49 - 00000000 ____D C:\Program Files (x86)\GenMaker
2015-06-27 16:20 - 2015-06-27 16:21 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-27 16:19 - 2015-06-27 17:28 - 00000000 ____D C:\ProgramData\1327992c00002558
2015-06-27 16:06 - 2015-06-17 01:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-27 16:05 - 2015-06-17 04:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-27 16:05 - 2015-06-17 04:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-27 16:05 - 2015-06-17 04:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-27 16:05 - 2015-06-17 04:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-27 15:16 - 2015-06-27 15:49 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-27 15:07 - 2015-05-18 22:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-27 15:07 - 2015-05-18 22:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-27 10:39 - 2015-06-27 10:39 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-06-20 23:01 - 2015-07-03 17:01 - 00000000 ____D C:\ProgramData\{203db7d6-c8f3-b0de-203d-db7d6c8fdf5b}
2015-06-19 15:42 - 2015-06-19 15:42 - 00000000 _____ C:\Users\Dusto\AppData\Local\Temp.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-18 23:03 - 2015-03-15 09:56 - 00000000 ____D C:\Users\Dusto\AppData\Local\Battle.net
2015-07-18 23:03 - 2009-07-13 23:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-18 23:03 - 2009-07-13 23:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-18 23:01 - 2015-06-16 21:56 - 00003888 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000UA
2015-07-18 23:01 - 2015-06-16 21:56 - 00003492 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000Core
2015-07-18 23:01 - 2015-06-16 21:56 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000UA.job
2015-07-18 23:01 - 2015-06-16 21:56 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000Core.job
2015-07-18 22:54 - 2015-03-14 13:57 - 02075953 _____ C:\Windows\WindowsUpdate.log
2015-07-18 22:49 - 2009-07-14 00:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-18 22:48 - 2015-04-27 13:20 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-18 22:43 - 2015-05-11 19:57 - 00000000 ___RD C:\Users\Dusto\Dropbox
2015-07-18 22:43 - 2015-05-11 19:56 - 00000000 ____D C:\Users\Dusto\AppData\Roaming\Dropbox
2015-07-18 22:43 - 2015-04-27 13:20 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-18 22:43 - 2015-03-14 12:37 - 00000000 ____D C:\ProgramData\Origin
2015-07-18 22:43 - 2015-03-14 12:34 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-18 22:43 - 2015-03-14 12:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-18 22:43 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-18 22:43 - 2009-07-13 23:51 - 00044102 _____ C:\Windows\setupact.log
2015-07-18 00:35 - 2015-03-19 22:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-18 00:18 - 2015-05-13 22:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-18 00:00 - 2015-06-17 00:00 - 00000354 _____ C:\Windows\Tasks\SaveMail.job
2015-07-17 22:34 - 2015-03-14 21:14 - 00000000 ____D C:\Users\Dusto\AppData\Local\Deployment
2015-07-17 21:51 - 2015-03-14 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Realms
2015-07-17 14:35 - 2015-03-19 22:51 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-17 14:35 - 2015-03-19 22:51 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-17 14:35 - 2015-03-19 22:51 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-17 14:07 - 2015-04-27 21:02 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-07-10 00:52 - 2015-05-15 00:03 - 00000000 ____D C:\Users\Dusto\AppData\Roaming\Azureus
2015-07-10 00:30 - 2015-05-15 00:03 - 00001852 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2015-07-10 00:30 - 2015-05-15 00:03 - 00000000 ____D C:\Program Files (x86)\Vuze
2015-07-09 22:57 - 2015-03-14 12:48 - 00025356 _____ C:\Windows\PFRO.log
2015-07-06 15:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Resources
2015-07-06 15:15 - 2015-03-14 20:17 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-05 05:08 - 2015-03-14 12:06 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 11:26 - 2015-03-20 20:52 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-07-03 11:26 - 2015-03-14 12:37 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-29 23:46 - 2015-03-15 09:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-27 17:49 - 2015-06-17 00:00 - 00000000 ____D C:\ProgramData\14656642018744939190
2015-06-27 17:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PLA
2015-06-27 17:26 - 2015-06-17 00:00 - 00000000 ____D C:\ProgramData\{6ecc2c24-d8d3-4be5-6ecc-c2c24d8db093}
2015-06-27 17:26 - 2015-06-03 00:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-27 16:21 - 2015-03-14 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-27 16:21 - 2015-03-14 20:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-27 16:18 - 2015-03-19 22:51 - 00000000 ____D C:\Users\Dusto\AppData\Local\Adobe
2015-06-27 16:07 - 2015-03-17 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-27 16:07 - 2015-03-14 12:05 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-27 15:07 - 2015-06-01 19:09 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-24 06:36 - 2015-03-17 19:49 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 06:36 - 2015-03-17 19:49 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 06:36 - 2015-03-17 19:49 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-24 06:36 - 2015-03-17 19:49 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-18 08:41 - 2015-03-14 20:17 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2015-03-14 20:17 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2015-03-14 20:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2015-06-27 10:39 - 2015-06-27 10:39 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-07-09 23:43 - 2015-07-18 00:07 - 0000024 _____ () C:\Users\Dusto\AppData\Roaming\appdataFr25.bin
2015-06-19 15:42 - 2015-06-19 15:42 - 0000000 _____ () C:\Users\Dusto\AppData\Local\Temp.dat

Some files in TEMP:
====================
C:\Users\Dusto\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuej02f.dll
C:\Users\Dusto\AppData\Local\Temp\i4jdel0.exe
C:\Users\Dusto\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dusto\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Dusto\AppData\Local\Temp\nvStInst.exe
C:\Users\Dusto\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-17 17:55

==================== End of log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by Dusto at 2015-07-18 23:05:21
Running from C:\Users\Dusto\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2259607771-1302425788-2206877890-500 - Administrator - Disabled)
Dusto (S-1-5-21-2259607771-1302425788-2206877890-1000 - Administrator - Enabled) => C:\Users\Dusto
Guest (S-1-5-21-2259607771-1302425788-2206877890-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version:  - Nexon)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVGA PrecisionX 16 (HKLM-x32\...\{54C2F767-A27B-44E7-8103-E37FC30FB06C}) (Version: 5.3.5 - EVGA Corporation)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Legend of Grimrock (HKLM-x32\...\GOGPACKGRIMROCK_is1) (Version: 2.0.0.17 - GOG.com)
Magic The Gathering Online  (HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\...\35c9d60442fbb010) (Version: 3.4.86.517 - Wizards of the Coast)
Magnifico (HKLM-x32\...\Steam App 320400) (Version:  - Mixel)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Omerta - City of Gangsters (with 4 DLCs) (HKLM-x32\...\1207659157_is1) (Version: 2.3.0.14 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
Shadowrun: Dragonfall - Director's Cut (HKLM-x32\...\Steam App 300550) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Small World 2 (HKLM-x32\...\Steam App 235620) (Version:  - Days of Wonder)
Star Realms version 2.33 (HKLM-x32\...\{F4DEB22F-AC61-4111-89B2-CF434A2BABFB}_is1) (Version: 2.33 - White Wizard Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games Limited)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2259607771-1302425788-2206877890-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dusto\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

04-07-2015 23:13:04 Windows Update
06-07-2015 13:58:58 Windows Update
06-07-2015 14:06:49 Windows Update
07-07-2015 22:18:07 Windows Update
09-07-2015 23:00:55 Windows Update
09-07-2015 23:08:49 Windows Update
12-07-2015 15:55:42 Windows Update
17-07-2015 14:09:00 Windows Update
17-07-2015 14:17:00 Windows Update
17-07-2015 19:09:19 Windows Update
18-07-2015 00:09:42 Windows Update
18-07-2015 22:46:25 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A639B3A-510F-42CC-A645-A030089EF2A3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000UA => C:\Users\Dusto\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {47ABC528-FA67-48AB-AD77-C5069D7F14BA} - System32\Tasks\SaveMail => c:\programdata\{6ecc2c24-d8d3-4be5-6ecc-c2c24d8db093}\5188013559508084220b.exe <==== ATTENTION
Task: {4E8739B7-EFAA-4432-BD33-9D0270A5A05D} - System32\Tasks\EVGAPrecisionX => C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe [2015-06-01] (EVGA Corp.)
Task: {65CA24B1-32BB-44C8-A8E4-79D10E08CDA5} - System32\Tasks\Core Temp Autostart Dusto => C:\Program Files\Core Temp\Core Temp.exe
Task: {A9343937-2F33-4CE6-A008-B16451BFD54A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000Core => C:\Users\Dusto\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {D0D99842-9913-4ABC-B94F-C57D0C17DC64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000Core.job => C:\Users\Dusto\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2259607771-1302425788-2206877890-1000UA.job => C:\Users\Dusto\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SaveMail.job => c:\programdata\{6ecc2c24-d8d3-4be5-6ecc-c2c24d8db093}\5188013559508084220b.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-03-14 12:05 - 2015-06-17 01:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-18 00:06 - 2015-03-18 00:06 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-02-04 18:24 - 2015-02-04 18:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-03-30 19:51 - 2015-06-24 06:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-14 12:35 - 2015-04-16 12:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-14 12:35 - 2015-04-22 21:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-14 12:35 - 2015-04-22 21:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-14 12:35 - 2015-04-22 21:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-14 12:35 - 2015-06-04 13:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-14 12:35 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-14 12:35 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-14 12:35 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-14 12:35 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-14 12:35 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-14 12:35 - 2015-06-04 13:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-03 11:26 - 2015-07-03 11:20 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-03-14 12:38 - 2015-07-03 11:20 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-03-14 12:38 - 2015-07-03 11:20 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-03-14 12:38 - 2015-07-03 11:20 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-03-14 12:38 - 2015-07-03 11:20 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-03-14 12:38 - 2015-07-03 11:20 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-03-14 12:38 - 2015-07-03 11:20 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-03-14 12:38 - 2015-07-03 11:20 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-07-03 11:25 - 2015-07-03 11:20 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-05-19 21:29 - 2015-05-19 21:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-07-18 22:43 - 2015-07-18 22:43 - 00043008 _____ () c:\users\dusto\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuej02f.dll
2015-05-11 19:57 - 2015-03-19 02:15 - 00750080 _____ () C:\Users\Dusto\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-05-11 19:57 - 2015-03-19 02:15 - 00047616 _____ () C:\Users\Dusto\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-05-11 19:57 - 2015-03-19 02:15 - 00865280 _____ () C:\Users\Dusto\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-05-11 19:57 - 2015-03-19 02:15 - 00200704 _____ () C:\Users\Dusto\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-11 19:57 - 2015-03-19 02:15 - 00010240 _____ () C:\Users\Dusto\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-05-11 19:57 - 2015-03-19 02:15 - 00726016 _____ () C:\Users\Dusto\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-05-11 19:57 - 2015-03-19 02:15 - 00010240 _____ () C:\Users\Dusto\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\libcef.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\libGLESv2.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\platforms\qwindows.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\libEGL.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qgif.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qico.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qjpeg.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qmng.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qsvg.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\imageformats\qtiff.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\qml\QtQuick.2\qtquick2plugin.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-29 21:10 - 2015-06-29 21:10 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5952\qml\QtQml\Models.2\modelsplugin.dll
2015-07-17 14:35 - 2015-07-17 14:35 - 17448624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
2015-03-14 12:35 - 2015-05-11 14:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Dusto\Desktop\2015-06-19 09.10.42.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Dusto\Desktop\2015-06-19 09.37.46.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Dusto\Desktop\2015-06-19 09.48.55.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Dusto\Desktop\2015-06-19 10.19.29.jpg:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2259607771-1302425788-2206877890-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dusto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{99D390BB-A868-43C2-863F-FEC24F0EA81F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4AAF91AE-8BAA-47E2-9393-8B27EA3AF8E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C133D0A-5529-4F15-A82C-E93385162CBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{03DF9AF3-AEF9-4077-B0FA-73116AD3A40D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DEFDE2DF-066C-4C22-92ED-961FFEC912DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7B55584C-127D-47DF-B9DD-F68EC3B9B737}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{CA8F527E-8B8D-4464-BA25-15C4526488B6}D:\winamp\winamp.exe] => (Allow) D:\winamp\winamp.exe
FirewallRules: [UDP Query User{396E3B63-D0F0-48D8-9536-6B30B947A46B}D:\winamp\winamp.exe] => (Allow) D:\winamp\winamp.exe
FirewallRules: [{7914B409-BE99-4DA6-A3C2-D204625565B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{73F87321-676C-4745-99EC-7109AA40F486}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{3F5BA37F-B338-44A2-AD3C-0F58F8F3DCCF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{ED10BB0D-F0AA-44DF-ABFE-4AF286647DD6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{6DCF8397-76BF-4805-8D9C-061253824F24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{5D7CD69B-907B-4B84-A2DD-0F48C3B427D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{3FB9059B-801A-4D3B-A636-E9A00015B5CB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1B079CDF-8275-446D-9BC7-65A996B0BAEB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{AD3745F0-32C7-45B4-8589-793AD13138FA}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{F035C0E9-8E97-49AE-BE2D-FB2FF73920C6}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{B9C56589-5C63-40B5-A59F-BA1DA4BC3B7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{92F674AF-B8B4-4DFB-B724-B2A07D01FC96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{1DCA4DCF-240E-4A03-90BA-0DAC16A156DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{D8D2B766-5E7D-4C30-B047-D9D7A4D9EA89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{5491621B-182C-4B60-88BF-D26B02F10978}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2ACD32F0-3D8C-42BD-8878-EF4BE29903A1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{A2470921-82D0-4061-AC0E-631625676663}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AF8C444A-1666-4E41-B6CC-C3AD34A1DA00}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6C9DF865-384A-431C-8537-363CE3E983FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{52B75068-0CFF-44F6-ABB0-394366C8CD2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{67EB0EB3-B58D-4CA9-868A-A7BE85635F90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{82B7FFA0-1DB7-4552-A91E-95776173B042}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{54FD2CE5-711B-42CB-8DCA-27016DA77425}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BDA6AC3E-D626-48C4-952A-712F13DE818F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EDFF9B15-F239-4862-99A8-7B8CDDD95BE7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7D282399-3C70-47FD-BAA3-0C29AD779283}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{41972E1A-79C5-402B-B2B3-A71CA46FAC6F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{006B9E77-429C-4A41-95FE-F0F11755B1F2}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{8273E8BC-7AF0-4E59-9ED2-B93C486ACF1C}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3B1B3297-F399-48A9-BBBD-3125664E1FBF}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3F17E177-1A1C-405E-9DBD-2E34C3AC13A3}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FAE842ED-AA6B-44C2-A4F5-722BFC4A9963}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{110B61AC-0E92-4A89-9F21-D412F78DC2BD}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{FFD58490-14C3-47C2-820D-0268B3CE6B32}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{DA30E1A1-6498-4971-898A-367AE6D14133}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{9A88039C-5547-4B80-9F08-BAC3BC6081C8}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [TCP Query User{229B3014-04C5-46F7-8E81-ADF1A62AD23C}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BE6BF283-934F-433F-9BAC-6CE08B776475}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{CA6A0A26-81E2-46F7-BE6C-651CB828A7EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{820C4468-7F88-44B5-ABEB-F3C9FE83AFFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SW2Executable.app\Contents\Win32\SW2Executable.exe
FirewallRules: [{BBCB124A-1848-4CE8-A9D0-23CF3D61123C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magnifico\Magnifico.exe
FirewallRules: [{07B5B233-EA81-4964-9280-D0B4C8395479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magnifico\Magnifico.exe
FirewallRules: [{DE70311C-7342-4E3C-B913-C42682EA75DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{540705A0-4CE3-4C90-BED6-F8B5155C42C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Talisman\Talisman.exe
FirewallRules: [{76404070-8268-464D-843B-91FB6AB7A439}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{594C98FB-87B2-4525-AD6F-2F2DBBDD1A3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{2EF25F2B-E07A-418F-AF54-16A707076C29}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{AA6C0775-F4CA-420D-ABE8-A266D0A38507}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{A2404078-C66A-4801-888A-E3BF6A6E8BB9}] => (Allow) C:\Users\Dusto\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F2B04BC0-EA1F-4D9E-B9B8-7E1F0FD7F695}] => (Allow) C:\Users\Dusto\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{50FE7542-6F93-4E44-AC11-D64D9BCBF1F9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4086588C-DCE4-45CD-8133-2425D3661BE6}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{8B5B3875-EFF1-4CA9-8485-C959EAE90000}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{A75E5894-EFBE-4B49-ACEA-6676F07EA673}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [TCP Query User{695BFA94-2905-44A0-9BBD-4A78631AD152}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe
FirewallRules: [UDP Query User{A8DECC4B-438E-42D6-BCA4-3B46F4558659}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe
FirewallRules: [{C1878BD6-A4E9-41B9-8085-ABD0FE6A8B48}] => (Allow) LPort=80
FirewallRules: [{FDA90C1A-04DB-4AA9-894A-78382A6BF7F6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{300918D2-E7C5-493F-A922-944553D760B0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{46DE7A23-CE73-46BC-90FE-E444AF06121E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{25851A34-AE34-4BE5-9B42-06074E433439}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{1400CDE5-6D68-4CDD-BE5E-9E6989BF8575}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FEE2F63A-57BD-499C-83F9-1A3B09541E27}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7FD3CE5A-1F27-4A66-B65F-6CB65BD532C5}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2F67ACA9-2EED-4883-AA99-22B827094912}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9E45629F-79ED-4516-9F20-FE6226147F51}C:\users\dusto\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dusto\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{41E70D80-4F08-460B-8741-6D095D541D8D}C:\users\dusto\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dusto\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{D536D740-2380-4852-93C9-EB46D98CFFF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{9366896F-7523-4907-8EAA-6D64E6813904}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1734AB32-D8BF-4DA5-922C-6C7D0A4C4227}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{1A40EF74-E921-4097-8991-A1C5F3BF9110}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2015 10:43:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/17/2015 02:05:57 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/12/2015 03:52:29 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/09/2015 10:57:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dropbox.exe, version: 3.6.7.0, time stamp: 0x550a7726
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0002d7f1
Faulting process id: 0xba8
Faulting application start time: 0xDropbox.exe0
Faulting application path: Dropbox.exe1
Faulting module path: Dropbox.exe2
Report Id: Dropbox.exe3

Error: (07/09/2015 10:57:42 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/06/2015 03:50:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/06/2015 01:55:58 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/03/2015 11:20:40 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/29/2015 09:16:50 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (06/29/2015 09:16:40 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (07/18/2015 10:45:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}

Error: (07/18/2015 10:45:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (07/18/2015 10:43:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (07/17/2015 02:07:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (07/17/2015 02:05:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (07/12/2015 03:54:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (07/12/2015 03:52:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (07/09/2015 10:59:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (07/09/2015 10:57:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (07/06/2015 03:52:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: AMD Phenom™ II X4 945 Processor
Percentage of memory in use: 31%
Total physical RAM: 8191.18 MB
Available physical RAM: 5641.03 MB
Total Virtual: 16380.55 MB
Available Virtual: 13607.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:119.8 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:693.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6E1A6798)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: FE20A1E8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================


Edited by Dusto, 18 July 2015 - 10:07 PM.

  • 0

Advertisements

#2
Dusto
Posted 18 July 2015 - 10:17 PM

Dusto

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

Update: I have now been able to reinstall Chrome and removed two extentions.  Any additional help still appreciated. 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP