FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by Sean (administrator) on SEAN-PC on 17-04-2014 13:42:29
Running from C:\Users\Sean\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(BitTorrent Inc.) C:\Users\Sean\AppData\Roaming\BitTorrent\BitTorrent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingApp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingBar.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingSurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingSurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingSurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingSurrogate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-08-20] ()
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [ROC_roc_dec12] => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
HKLM-x32\...\Run: [HF_G_Jul] => "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-02] (AVAST Software)
HKLM-x32\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic="&"inst=NzYtOTExNjgzNjUxLUNJQTEwKzItU1AxKzEtVFVHKzMtU1AxUzIrMS1TVUQrMS1TMUkrMS1TVTMrMS1DSVArMi1MU0QrMi1ERFQrNTMwNDgtU1QxMEFQUCsxLUREMTArMS1TMTBEREYrMS1QMTBNMTJDKzEtVEIrMS1GVUkrMi1QMTBUQisyLUMxMEFCKzIyLUNJQVYrNTYtUENURVhQKzEw"&"prod=0"&"ver=10.0.1430 [X]
HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-3799292957-1194181936-1802369922-1000\...\Run: [bitTorrent] => C:\Users\Sean\AppData\Roaming\BitTorrent\BitTorrent.exe
[1238616 2014-04-07] (BitTorrent Inc.) HKU\S-1-5-21-3799292957-1194181936-1802369922-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-04-24] (Google Inc.) HKU\S-1-5-21-3799292957-1194181936-1802369922-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation) HKU\S-1-5-21-3799292957-1194181936-1802369922-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation) HKU\S-1-5-21-3799292957-1194181936-1802369922-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-3799292957-1194181936-1802369922-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 Startup: C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk ShortcutTarget: Impulse Now.lnk -> C:\Program Files (x86)\Impulse\Now\ImpulseNow.exe (GameStop Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE05CE58B3FD3CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?PC=BNHP URLSearchHook: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBit0.dll (Conduit Ltd.) 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {3D3AB321-AC88-4017-BAF5-28B9AF34DAFF} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms} SearchScopes: HKCU - {3D3AB321-AC88-4017-BAF5-28B9AF34DAFF} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms} BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) 
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBit0.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files 
(x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Sean\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) Chrome: ======= CHR DefaultSearchKeyword: yahoo.com CHR DefaultSearchProvider: Yahoo! CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=714647&p={searchTerms} CHR DefaultNewTabURL: CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File CHR Plugin: (AVG Internet Security) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File CHR Plugin: (Skype Toolbars) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll (Skype Technologies S.A.) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Sean\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Extension: (YouTube) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15] CHR Extension: (Google Search) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15] CHR Extension: (avast! 
Online Security) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-06] CHR Extension: (Skype Click to Call) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-12-14] CHR Extension: (Google Wallet) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (Gmail) - C:\Users\Sean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-23] CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx [2013-10-23] CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click11.crx [2012-04-29] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16] ==================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-17] (AVAST Software) ==================== Drivers (Whitelisted) ==================== R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-17] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-27] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-17] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-17] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-17] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-08] () S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2012-02-20] (GEAR Software Inc.) R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors) R3 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) S3 SUSTUCAM; C:\Windows\System32\DRIVERS\sustucam.sys [56832 2009-11-25] (Susteen, Inc.) S3 SUSTUCAU; C:\Windows\System32\DRIVERS\sustucau.sys [33792 2009-11-25] (Susteen, Inc.) 
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 SysInfo; \??\C:\Windows\system32\drivers\SysInfo.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-17 13:42 - 2014-04-17 13:42 - 00020053 _____ () C:\Users\Sean\Downloads\FRST.txt 2014-04-17 13:41 - 2014-04-17 13:41 - 02158592 _____ (Farbar) C:\Users\Sean\Downloads\FRST64.exe 2014-04-17 10:45 - 2014-04-17 10:45 - 00000064 _____ () C:\Windows\system32\utmdfz.chu 2014-04-17 10:45 - 2014-04-17 10:45 - 00000000 _____ () C:\Windows\system32\kmbac.bzw 2014-04-17 10:29 - 2014-04-17 10:29 - 00301959 ____S () C:\Windows\system32\wggt.nxe 2014-04-17 10:29 - 2014-04-17 10:29 - 00149504 _____ (Microsoft Corporation) C:\Users\Sean\AppData\Roaming\rfqjgh.dll 2014-04-17 07:54 - 2014-04-17 13:42 - 00000000 ____D () C:\FRST 2014-04-15 22:06 - 2014-04-15 22:15 - 342490414 _____ () C:\Users\Sean\Downloads\[DeadFish] Kenzen Robo Daimidaler - 01v4 [720p][AAC].mp4 2014-04-15 22:06 - 2014-04-15 22:11 - 311423874 _____ () C:\Users\Sean\Downloads\[DeadFish] Kenzen Robo Daimidaler - 02 [720p][AAC].mp4 2014-04-15 21:09 - 2014-04-15 21:16 - 377098658 _____ () C:\Users\Sean\Downloads\[DeadFish] Broken Blade (2014) - 01v2 [720p][AAC].mp4 2014-04-15 21:09 - 2014-04-15 21:15 - 347630502 _____ () C:\Users\Sean\Downloads\[DeadFish] Broken Blade (2014) - 02v2 [720p][AAC].mp4 2014-04-15 21:08 - 2014-04-15 21:10 - 210867036 _____ () C:\Users\Sean\Downloads\[DeadFish] Mekakucity Actors - 01v2 [720p][AAC].mp4 2014-04-15 21:07 - 2014-04-15 22:04 - 276422156 _____ () C:\Users\Sean\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E18.HDTV.x264-KILLERS.mp4 2014-04-15 21:07 - 2014-04-15 21:11 - 200593046 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_12_END_[848x480][4002AE85].avi 2014-04-15 21:06 - 2014-04-15 21:10 - 208754229 _____ () 
C:\Users\Sean\Downloads\Supernatural.S09E18.HDTV.x264-LOL.mp4 2014-04-15 15:00 - 2014-04-15 16:11 - 266624155 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_08_[720p][2CF1E0F9].mp4 2014-04-15 14:53 - 2014-04-15 16:07 - 249009365 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_04_[1280x720][9EE23D3E].mp4 2014-04-15 14:50 - 2014-04-15 16:15 - 229971448 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_03_[1280x720][bE45F15E].mp4 2014-04-15 14:49 - 2014-04-15 15:53 - 294468336 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_02_[1280x720][9014E20F].mp4 2014-04-15 14:45 - 2014-04-15 16:19 - 285716589 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_01_[1280x720][E65209FF].mp4 2014-04-14 18:24 - 2014-04-14 18:36 - 257841154 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.US.S01E19.HDTV.x264-LOL.mp4 2014-04-13 11:31 - 2014-04-13 11:34 - 258097932 _____ () C:\Users\Sean\Downloads\[DeadFish] Blade and Soul - 02 [720p][AAC].mp4 2014-04-12 23:20 - 2014-04-12 23:22 - 212374882 _____ () C:\Users\Sean\Downloads\[DeadFish] Akuma no Riddle - 01v2 [720p][AAC].mp4 2014-04-12 15:16 - 2014-04-12 15:19 - 203698686 _____ () C:\Users\Sean\Downloads\[DeadFish] Ryuugajou Nanana no Maizoukin - 01v2 [720p][AAC].mp4 2014-04-12 15:14 - 2014-04-12 15:16 - 255414994 _____ () C:\Users\Sean\Downloads\[DeadFish] Akuma no Riddle - 02 [720p][AAC].mp4 2014-04-11 21:40 - 2014-04-11 21:42 - 262885455 _____ () C:\Users\Sean\Downloads\[DeadFish] Selector Infected WIXOSS - 02 [720p][AAC].mp4 2014-04-11 21:39 - 2014-04-11 21:43 - 255260964 _____ () C:\Users\Sean\Downloads\[DeadFish] Ping Pong The Animation - 01v2 [720p][AAC].mp4 2014-04-10 17:55 - 2014-04-10 18:03 - 523180592 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Seikoku_no_Dragonar_-_01_[720p][FF8C474A].mp4 2014-04-10 17:55 - 2014-04-10 18:02 - 322766058 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_124_[720p][067D561F].mp4 2014-04-10 17:55 - 2014-04-10 18:01 - 265965661 _____ () 
C:\Users\Sean\Downloads\[DeadFish] Mahouka Koukou no Rettousei - 01 [720p][AAC].mp4 2014-04-10 17:55 - 2014-04-10 17:58 - 334666335 _____ () C:\Users\Sean\Downloads\[DeadFish] No Game No Life - 01 [720p][AAC].mp4 2014-04-09 20:42 - 2014-04-09 20:42 - 00000000 ____D () C:\Users\Sean\Downloads\FFACE41053_Dll 2014-04-09 19:54 - 2014-04-09 19:54 - 00034904 _____ () C:\Users\Sean\Downloads\FFACE41053_Dll.rar 2014-04-08 18:51 - 2014-04-08 18:58 - 216427728 _____ () C:\Users\Sean\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E17.PROPER.HDTV.x264-2HD.mp4 2014-04-06 23:01 - 2014-04-06 23:11 - 462533664 _____ () C:\Users\Sean\Downloads\Game.of.Thrones.S04E01.HDTV.x264-KILLERS.mp4 2014-04-06 17:45 - 2014-04-06 17:51 - 305116819 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Naruto_Shippuuden_-_357_[720p][5252DC22].mp4 2014-04-05 18:47 - 2014-04-05 18:50 - 223665481 _____ () C:\Users\Sean\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E16.HDTV.x264-2HD.mp4 2014-04-05 18:46 - 2014-04-05 18:53 - 286082616 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.US.S01E18.HDTV.x264-LOL.mp4 2014-04-05 18:43 - 2014-04-05 18:44 - 262157529 _____ () C:\Users\Sean\Downloads\[DeadFish] Selector Infected WIXOSS - 01v2 [720p][AAC].mp4 2014-04-04 16:47 - 2014-04-04 16:49 - 310754395 _____ () C:\Users\Sean\Downloads\[DeadFish] Blade and Soul - 01 [720p][AAC].mp4 2014-04-03 18:19 - 2014-04-03 18:25 - 344565421 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_123_[720p][30672811].mp4 2014-04-01 19:13 - 2014-04-01 19:21 - 212956048 _____ () C:\Users\Sean\Downloads\[Tsuki]_Saint_Seiya_Omega_-_96_[848x480][D8B1363D].avi 2014-04-01 18:07 - 2014-04-01 18:07 - 00000000 ____D () C:\ProgramData\GRETECH 2014-03-31 16:50 - 2014-03-31 16:53 - 00000000 ____D () C:\Users\Sean\Downloads\[DeadFish] Tegami Bachi - Batch [720p][MP4][AAC] 2014-03-28 22:34 - 2014-03-28 22:45 - 73937278 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 11 [720p][AAC].mp4 2014-03-28 22:33 - 2014-03-28 22:57 - 69327146 _____ () 
C:\Users\Sean\Downloads\[DeadFish] Pupa - 05 [720p][AAC].mp4 2014-03-28 22:32 - 2014-03-29 00:23 - 63811922 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 03 [720p][AAC].mp4 2014-03-28 22:31 - 2014-03-29 00:23 - 60021615 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 04 [720p][AAC].mp4 2014-03-28 22:31 - 2014-03-29 00:20 - 64292691 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 08 [720p][AAC].mp4 2014-03-28 22:31 - 2014-03-28 23:58 - 72807264 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 10 [720p][AAC].mp4 2014-03-28 22:31 - 2014-03-28 23:17 - 63980155 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 02 [720p][AAC].mp4 2014-03-28 22:31 - 2014-03-28 23:16 - 60749909 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 07 [720p][AAC].mp4 2014-03-28 22:31 - 2014-03-28 23:12 - 61951333 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 06 [720p][AAC].mp4 2014-03-28 22:30 - 2014-03-28 22:41 - 76499395 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 09 [720p][AAC].mp4 2014-03-28 22:30 - 2014-03-28 22:37 - 69020700 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 01 [720p][AAC].mp4 2014-03-28 22:30 - 2014-03-28 22:32 - 57968983 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 12 [720p][AAC].mp4 2014-03-28 20:58 - 2014-03-28 21:13 - 256888986 _____ () C:\Users\Sean\Downloads\Helix.S01E13.HDTV.x264-EXCELLENCE.mp4 2014-03-27 17:57 - 2014-03-27 18:12 - 484423679 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Maken-ki!_Two_-_10_[8bit][720p][703A8A25].mp4 2014-03-27 17:56 - 2014-03-27 18:03 - 316139439 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_122_[720p][00BFFC65].mp4 2014-03-26 22:02 - 2014-03-26 22:04 - 232708804 _____ () C:\Users\Sean\Downloads\Supernatural.S09E16.HDTV.x264-LOL.mp4 2014-03-26 20:16 - 2014-03-26 20:24 - 292291554 _____ () C:\Users\Sean\Downloads\Arrow.S02E17.HDTV.x264-LOL.mp4 2014-03-26 20:16 - 2014-03-26 20:19 - 214057651 _____ () C:\Users\Sean\Downloads\Supernatural.S09E17.HDTV.x264-LOL.mp4 2014-03-25 17:02 - 
2014-03-25 17:08 - 293888801 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Naruto_Shippuuden_-_356_[720p][16346B55].mp4 2014-03-24 23:25 - 2014-03-24 23:27 - 262207302 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.S01E16.HDTV.x264-LOL.mp4 2014-03-24 19:26 - 2014-03-24 19:42 - 226542199 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.US.S01E17.HDTV.x264-LOL.mp4 2014-03-24 19:16 - 2014-03-24 19:23 - 215209292 _____ () C:\Users\Sean\Downloads\[Tsuki]_Saint_Seiya_Omega_-_95_[848x480][F62F6C47].avi 2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Users\Sean\Downloads\Exiled v2 3%2e21%2e2014 2014-03-22 11:37 - 2014-03-22 11:45 - 238075412 _____ () C:\Users\Sean\Downloads\Helix.S01E12.HDTV.x264-KILLERS.mp4 2014-03-20 17:30 - 2014-03-23 01:15 - 00000000 ____D () C:\Users\Sean\Downloads\FFACE41051_Dll 2014-03-19 20:07 - 2014-03-19 20:15 - 237501922 _____ () C:\Users\Sean\Downloads\Revolution.2012.S02E17.HDTV.x264-LOL.mp4 2014-03-19 20:06 - 2014-03-19 20:12 - 289476504 _____ () C:\Users\Sean\Downloads\Arrow.S02E16.HDTV.x264-LOL.mp4 2014-03-19 19:33 - 2014-03-19 19:38 - 514363983 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Maken-ki!_Two_-_09_[8bit][720p][22DE39D1].mp4 2014-03-19 19:33 - 2014-03-19 19:38 - 344335683 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_121_[720p][F55FF846].mp4 2014-03-18 23:29 - 2014-03-18 23:37 - 502590185 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Maken-ki!_Two_-_08_[8bit][720p][07364FB5].mp4 2014-03-18 23:29 - 2014-03-18 23:29 - 00000000 ____D () C:\Windows\SysWOW64\- ==================== One Month Modified Files and Folders ======= 2014-04-17 13:42 - 2014-04-17 13:42 - 00020053 _____ () C:\Users\Sean\Downloads\FRST.txt 2014-04-17 13:42 - 2014-04-17 07:54 - 00000000 ____D () C:\FRST 2014-04-17 13:41 - 2014-04-17 13:41 - 02158592 _____ (Farbar) C:\Users\Sean\Downloads\FRST64.exe 2014-04-17 13:41 - 2010-12-21 13:25 - 00000000 ____D () C:\Users\Sean\AppData\Roaming\BitTorrent 2014-04-17 13:40 - 2012-07-13 07:31 
- 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-04-17 13:39 - 2010-12-20 17:19 - 00000000 ____D () C:\Users\Sean\Tracing 2014-04-17 13:38 - 2011-04-24 08:11 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-17 13:38 - 2010-12-20 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-17 13:38 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-17 13:38 - 2009-07-13 21:51 - 00060618 _____ () C:\Windows\setupact.log 2014-04-17 13:37 - 2010-12-20 10:35 - 01888275 _____ () C:\Windows\WindowsUpdate.log 2014-04-17 12:45 - 2011-04-24 08:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-17 11:42 - 2013-03-30 10:39 - 04715689 _____ () C:\windower.txt 2014-04-17 10:54 - 2009-07-13 21:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-17 10:54 - 2009-07-13 21:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-17 10:51 - 2009-07-13 22:13 - 00006622 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-17 10:45 - 2014-04-17 10:45 - 00000064 _____ () C:\Windows\system32\utmdfz.chu 2014-04-17 10:45 - 2014-04-17 10:45 - 00000000 _____ () C:\Windows\system32\kmbac.bzw 2014-04-17 10:29 - 2014-04-17 10:29 - 00301959 ____S () C:\Windows\system32\wggt.nxe 2014-04-17 10:29 - 2014-04-17 10:29 - 00149504 _____ (Microsoft Corporation) C:\Users\Sean\AppData\Roaming\rfqjgh.dll 2014-04-17 08:04 - 2011-07-25 23:08 - 00000000 ___RD () C:\Users\Others\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-17 08:04 - 2010-12-20 11:18 - 00000000 ___RD () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-17 08:04 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-17 07:07 - 2011-07-25 23:05 - 00000008 __RSH () C:\Users\Sean\ntuser.pol 2014-04-17 07:07 - 2010-12-20 
11:17 - 00000000 ____D () C:\Users\Sean 2014-04-16 00:54 - 2010-12-20 17:52 - 17008724 _____ () C:\Windows\PFRO.log 2014-04-15 22:15 - 2014-04-15 22:06 - 342490414 _____ () C:\Users\Sean\Downloads\[DeadFish] Kenzen Robo Daimidaler - 01v4 [720p][AAC].mp4 2014-04-15 22:11 - 2014-04-15 22:06 - 311423874 _____ () C:\Users\Sean\Downloads\[DeadFish] Kenzen Robo Daimidaler - 02 [720p][AAC].mp4 2014-04-15 22:04 - 2014-04-15 21:07 - 276422156 _____ () C:\Users\Sean\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E18.HDTV.x264-KILLERS.mp4 2014-04-15 21:16 - 2014-04-15 21:09 - 377098658 _____ () C:\Users\Sean\Downloads\[DeadFish] Broken Blade (2014) - 01v2 [720p][AAC].mp4 2014-04-15 21:15 - 2014-04-15 21:09 - 347630502 _____ () C:\Users\Sean\Downloads\[DeadFish] Broken Blade (2014) - 02v2 [720p][AAC].mp4 2014-04-15 21:11 - 2014-04-15 21:07 - 200593046 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_12_END_[848x480][4002AE85].avi 2014-04-15 21:10 - 2014-04-15 21:08 - 210867036 _____ () C:\Users\Sean\Downloads\[DeadFish] Mekakucity Actors - 01v2 [720p][AAC].mp4 2014-04-15 21:10 - 2014-04-15 21:06 - 208754229 _____ () C:\Users\Sean\Downloads\Supernatural.S09E18.HDTV.x264-LOL.mp4 2014-04-15 16:19 - 2014-04-15 14:45 - 285716589 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_01_[1280x720][E65209FF].mp4 2014-04-15 16:15 - 2014-04-15 14:50 - 229971448 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_03_[1280x720][bE45F15E].mp4 2014-04-15 16:11 - 2014-04-15 15:00 - 266624155 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_08_[720p][2CF1E0F9].mp4 2014-04-15 16:07 - 2014-04-15 14:53 - 249009365 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_04_[1280x720][9EE23D3E].mp4 2014-04-15 15:53 - 2014-04-15 14:49 - 294468336 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_02_[1280x720][9014E20F].mp4 2014-04-15 15:50 - 2014-01-15 06:41 - 271777829 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_10_[720p][EDAD35E5].mp4 2014-04-15 15:42 - 2014-01-15 06:41 
- 243685139 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Amnesia_-_09_[720p][7EE148EB].mp4 2014-04-14 19:05 - 2011-04-12 16:40 - 00000000 ____D () C:\Users\Sean\Downloads\Exiled 1%2e2%2e3 2014-04-14 18:36 - 2014-04-14 18:24 - 257841154 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.US.S01E19.HDTV.x264-LOL.mp4 2014-04-13 11:34 - 2014-04-13 11:31 - 258097932 _____ () C:\Users\Sean\Downloads\[DeadFish] Blade and Soul - 02 [720p][AAC].mp4 2014-04-12 23:22 - 2014-04-12 23:20 - 212374882 _____ () C:\Users\Sean\Downloads\[DeadFish] Akuma no Riddle - 01v2 [720p][AAC].mp4 2014-04-12 15:19 - 2014-04-12 15:16 - 203698686 _____ () C:\Users\Sean\Downloads\[DeadFish] Ryuugajou Nanana no Maizoukin - 01v2 [720p][AAC].mp4 2014-04-12 15:16 - 2014-04-12 15:14 - 255414994 _____ () C:\Users\Sean\Downloads\[DeadFish] Akuma no Riddle - 02 [720p][AAC].mp4 2014-04-11 21:43 - 2014-04-11 21:39 - 255260964 _____ () C:\Users\Sean\Downloads\[DeadFish] Ping Pong The Animation - 01v2 [720p][AAC].mp4 2014-04-11 21:42 - 2014-04-11 21:40 - 262885455 _____ () C:\Users\Sean\Downloads\[DeadFish] Selector Infected WIXOSS - 02 [720p][AAC].mp4 2014-04-10 18:03 - 2014-04-10 17:55 - 523180592 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Seikoku_no_Dragonar_-_01_[720p][FF8C474A].mp4 2014-04-10 18:02 - 2014-04-10 17:55 - 322766058 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_124_[720p][067D561F].mp4 2014-04-10 18:01 - 2014-04-10 17:55 - 265965661 _____ () C:\Users\Sean\Downloads\[DeadFish] Mahouka Koukou no Rettousei - 01 [720p][AAC].mp4 2014-04-10 17:58 - 2014-04-10 17:55 - 334666335 _____ () C:\Users\Sean\Downloads\[DeadFish] No Game No Life - 01 [720p][AAC].mp4 2014-04-09 20:42 - 2014-04-09 20:42 - 00000000 ____D () C:\Users\Sean\Downloads\FFACE41053_Dll 2014-04-09 19:54 - 2014-04-09 19:54 - 00034904 _____ () C:\Users\Sean\Downloads\FFACE41053_Dll.rar 2014-04-08 18:58 - 2014-04-08 18:51 - 216427728 _____ () 
C:\Users\Sean\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E17.PROPER.HDTV.x264-2HD.mp4 2014-04-08 11:48 - 2011-12-02 14:53 - 00002102 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-06 23:11 - 2014-04-06 23:01 - 462533664 _____ () C:\Users\Sean\Downloads\Game.of.Thrones.S04E01.HDTV.x264-KILLERS.mp4 2014-04-06 17:51 - 2014-04-06 17:45 - 305116819 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Naruto_Shippuuden_-_357_[720p][5252DC22].mp4 2014-04-05 18:53 - 2014-04-05 18:46 - 286082616 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.US.S01E18.HDTV.x264-LOL.mp4 2014-04-05 18:50 - 2014-04-05 18:47 - 223665481 _____ () C:\Users\Sean\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S01E16.HDTV.x264-2HD.mp4 2014-04-05 18:44 - 2014-04-05 18:43 - 262157529 _____ () C:\Users\Sean\Downloads\[DeadFish] Selector Infected WIXOSS - 01v2 [720p][AAC].mp4 2014-04-04 16:49 - 2014-04-04 16:47 - 310754395 _____ () C:\Users\Sean\Downloads\[DeadFish] Blade and Soul - 01 [720p][AAC].mp4 2014-04-03 18:25 - 2014-04-03 18:19 - 344565421 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_123_[720p][30672811].mp4 2014-04-01 19:21 - 2014-04-01 19:13 - 212956048 _____ () C:\Users\Sean\Downloads\[Tsuki]_Saint_Seiya_Omega_-_96_[848x480][D8B1363D].avi 2014-04-01 18:07 - 2014-04-01 18:07 - 00000000 ____D () C:\ProgramData\GRETECH 2014-04-01 18:07 - 2010-12-22 01:29 - 00001213 _____ () C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk 2014-04-01 18:07 - 2010-12-22 01:29 - 00001189 _____ () C:\Users\Public\Desktop\GOM Player.lnk 2014-03-31 16:53 - 2014-03-31 16:50 - 00000000 ____D () C:\Users\Sean\Downloads\[DeadFish] Tegami Bachi - Batch [720p][MP4][AAC] 2014-03-31 09:35 - 2010-12-20 10:51 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-03-29 00:23 - 2014-03-28 22:32 - 63811922 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 03 [720p][AAC].mp4 2014-03-29 00:23 - 2014-03-28 22:31 - 60021615 _____ () 
C:\Users\Sean\Downloads\[DeadFish] Pupa - 04 [720p][AAC].mp4 2014-03-29 00:20 - 2014-03-28 22:31 - 64292691 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 08 [720p][AAC].mp4 2014-03-28 23:58 - 2014-03-28 22:31 - 72807264 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 10 [720p][AAC].mp4 2014-03-28 23:17 - 2014-03-28 22:31 - 63980155 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 02 [720p][AAC].mp4 2014-03-28 23:16 - 2014-03-28 22:31 - 60749909 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 07 [720p][AAC].mp4 2014-03-28 23:12 - 2014-03-28 22:31 - 61951333 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 06 [720p][AAC].mp4 2014-03-28 22:57 - 2014-03-28 22:33 - 69327146 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 05 [720p][AAC].mp4 2014-03-28 22:45 - 2014-03-28 22:34 - 73937278 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 11 [720p][AAC].mp4 2014-03-28 22:41 - 2014-03-28 22:30 - 76499395 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 09 [720p][AAC].mp4 2014-03-28 22:37 - 2014-03-28 22:30 - 69020700 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 01 [720p][AAC].mp4 2014-03-28 22:32 - 2014-03-28 22:30 - 57968983 _____ () C:\Users\Sean\Downloads\[DeadFish] Pupa - 12 [720p][AAC].mp4 2014-03-28 21:13 - 2014-03-28 20:58 - 256888986 _____ () C:\Users\Sean\Downloads\Helix.S01E13.HDTV.x264-EXCELLENCE.mp4 2014-03-28 20:40 - 2011-04-24 08:11 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-28 20:40 - 2011-04-24 08:11 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-27 18:12 - 2014-03-27 17:57 - 484423679 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Maken-ki!_Two_-_10_[8bit][720p][703A8A25].mp4 2014-03-27 18:03 - 2014-03-27 17:56 - 316139439 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_122_[720p][00BFFC65].mp4 2014-03-26 22:04 - 2014-03-26 22:02 - 232708804 _____ () C:\Users\Sean\Downloads\Supernatural.S09E16.HDTV.x264-LOL.mp4 2014-03-26 20:24 - 2014-03-26 20:16 - 
292291554 _____ () C:\Users\Sean\Downloads\Arrow.S02E17.HDTV.x264-LOL.mp4 2014-03-26 20:19 - 2014-03-26 20:16 - 214057651 _____ () C:\Users\Sean\Downloads\Supernatural.S09E17.HDTV.x264-LOL.mp4 2014-03-25 17:08 - 2014-03-25 17:02 - 293888801 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Naruto_Shippuuden_-_356_[720p][16346B55].mp4 2014-03-24 23:27 - 2014-03-24 23:25 - 262207302 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.S01E16.HDTV.x264-LOL.mp4 2014-03-24 19:42 - 2014-03-24 19:26 - 226542199 _____ () C:\Users\Sean\Downloads\The.Tomorrow.People.US.S01E17.HDTV.x264-LOL.mp4 2014-03-24 19:23 - 2014-03-24 19:16 - 215209292 _____ () C:\Users\Sean\Downloads\[Tsuki]_Saint_Seiya_Omega_-_95_[848x480][F62F6C47].avi 2014-03-23 01:15 - 2014-03-20 17:30 - 00000000 ____D () C:\Users\Sean\Downloads\FFACE41051_Dll 2014-03-22 17:40 - 2014-03-22 17:40 - 00000000 ____D () C:\Users\Sean\Downloads\Exiled v2 3%2e21%2e2014 2014-03-22 11:45 - 2014-03-22 11:37 - 238075412 _____ () C:\Users\Sean\Downloads\Helix.S01E12.HDTV.x264-KILLERS.mp4 2014-03-19 20:15 - 2014-03-19 20:07 - 237501922 _____ () C:\Users\Sean\Downloads\Revolution.2012.S02E17.HDTV.x264-LOL.mp4 2014-03-19 20:12 - 2014-03-19 20:06 - 289476504 _____ () C:\Users\Sean\Downloads\Arrow.S02E16.HDTV.x264-LOL.mp4 2014-03-19 19:38 - 2014-03-19 19:33 - 514363983 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Maken-ki!_Two_-_09_[8bit][720p][22DE39D1].mp4 2014-03-19 19:38 - 2014-03-19 19:33 - 344335683 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Hunter_X_Hunter_-_121_[720p][F55FF846].mp4 2014-03-18 23:37 - 2014-03-18 23:29 - 502590185 _____ () C:\Users\Sean\Downloads\[Hatsuyuki]_Maken-ki!_Two_-_08_[8bit][720p][07364FB5].mp4 2014-03-18 23:29 - 2014-03-18 23:29 - 00000000 ____D () C:\Windows\SysWOW64\- Some content of TEMP: ==================== C:\Users\Sean\AppData\Local\Temp\0ozaolkf.dll C:\Users\Sean\AppData\Local\Temp\ExPromo.exe C:\Users\Sean\AppData\Local\Temp\GenericWndApi.dll C:\Users\Sean\AppData\Local\Temp\iqu_bootstrap.exe 
C:\Users\Sean\AppData\Local\Temp\J2Hy.dll C:\Users\Sean\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Sean\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Sean\AppData\Local\Temp\opera.dll C:\Users\Sean\AppData\Local\Temp\radqv.dll C:\Users\Sean\AppData\Local\Temp\SearchProtectionSetup.exe C:\Users\Sean\AppData\Local\Temp\SearchWithGoogleUpdate.exe C:\Users\Sean\AppData\Local\Temp\SkypeSetup.exe C:\Users\Sean\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Sean\AppData\Local\Temp\Uninstall.exe C:\Users\Sean\AppData\Local\Temp\utt48C5.tmp.exe C:\Users\Sean\AppData\Local\Temp\uttDA1F.tmp.exe C:\Users\Sean\AppData\Local\Temp\wlsetup-cvr.exe C:\Users\Sean\AppData\Local\Temp\YontooSetup-S.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll [2011-05-23 13:03] - [2010-11-20 06:27] - 0515072 ____A (Microsoft Corporation) 6B23B4D153F20B26B564868B945457A5 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-09 10:24 ==================== End Of Log ============================ Addition.txt. 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01 Ran by Sean at 2014-04-17 13:43:14 Running from C:\Users\Sean\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== 1ClickDownloader (HKLM-x32\...\1ClickDownloader) (Version: 2.1 Build 26473 - 1ClickDownload) <==== ATTENTION AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Reader X (10.1.7) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated) ApRadar 3.3.0.14 (HKLM-x32\...\{ED90F5E3-960A-4BED-B1EF-777D6E4E080F}_is1) (Version: - ApneaSoft) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.9.1.0 - Ask.com) <==== ATTENTION Atlantis Word Processor (HKLM-x32\...\Atlantis Word Processor) (Version: - ) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.) BitTorrentBar Toolbar (HKLM-x32\...\BitTorrentBar Toolbar) (Version: 6.8.5.1 - BitTorrentBar) Click to Call with Skype (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8153 - Skype Technologies S.A.) 
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Corel WordPerfect Office - iFilter 64 Bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.01.000 - Corel Corporation) DataPilot 7 (HKLM-x32\...\InstallShield_{27CAB1BD-7AED-46AE-855C-D6E3B45FF24B}) (Version: 7.00.0001 - Susteen) DataPilot 7 (x32 Version: 7.00.0001 - Susteen) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{131CD369-AA3B-424F-A83C-54DF3534B95C}) (Version: - Microsoft) Driver Detective (HKLM-x32\...\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}) (Version: 8.0.1 - PC Drivers HeadQuarters) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) FINAL FANTASY XI (HKLM-x32\...\InstallShield_{678F6475-D227-432A-94FF-806178A34520}) (Version: 1.00 - SQUARE ENIX CO., LTD.) FINAL FANTASY XI (x32 Version: 1.00 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI Seekers of Adoulin (x32 Version: 1.50.0 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI Test Client (HKLM-x32\...\InstallShield_{27DDD216-365D-4FB8-8E2A-038B971990C2}) (Version: 1.0.0 - SQUARE ENIX CO., LTD.) FINAL FANTASY XI Test Client (x32 Version: 1.0.0 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI: Chains of Promathia (HKLM-x32\...\InstallShield_{3C0619B4-4A2C-4244-8077-488E420DF907}) (Version: 1.20.1 - SQUARE ENIX CO., LTD.) FINAL FANTASY XI: Chains of Promathia (x32 Version: 1.20.1 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI: Rise of the Zilart (HKLM-x32\...\InstallShield_{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}) (Version: 1.00 - SQUARE ENIX CO., LTD.) FINAL FANTASY XI: Rise of the Zilart (x32 Version: 1.00 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI: Seekers of Adoulin (HKLM-x32\...\InstallShield_{E86A33A7-6C77-48F3-9D72-2D8F4C1AD5AC}) (Version: 1.50.0 - SQUARE ENIX CO., LTD.) 
FINAL FANTASY XI: Treasures of Aht Urhgan (HKLM-x32\...\InstallShield_{A606C6FF-12E7-40BE-B777-D8F360FF00CD}) (Version: 1.30.1 - SQUARE ENIX CO., LTD.) FINAL FANTASY XI: Treasures of Aht Urhgan (x32 Version: 1.30.1 - SQUARE ENIX CO., LTD.) Hidden FINAL FANTASY XI: Wings of the Goddess (HKLM-x32\...\InstallShield_{5B037ED7-0755-48D4-9554-808E5AF50F17}) (Version: 1.40.1 - SQUARE ENIX CO., LTD.) FINAL FANTASY XI: Wings of the Goddess (x32 Version: 1.40.1 - SQUARE ENIX CO., LTD.) Hidden GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.57.5189 - Gretech Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Impulse® (HKLM-x32\...\Impulse®) (Version: 3.29 - GameStop) Impulse® (x32 Version: 3.29 - GameStop) Hidden InstaCodecs (HKLM-x32\...\InstaCodecs_is1) (Version: 1.0 - ) InstallIQ Updater (HKLM-x32\...\{5EFA68C8-CFFD-407F-8B17-7D7C61D2F93A}) (Version: 1.1.2.0 - W3i, LLC) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.) 
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation) Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft) Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation) Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (x32 Version: 
14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 
2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft 
Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version: - ) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig) NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.6 - Pando Networks Inc.) PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC) PL-2303 USB-to-Serial (x32 Version: 1.00.000 - Prolific Technology INC) Hidden PlayOnline Viewer & Tetra Master (HKLM-x32\...\InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.) PlayOnline Viewer & Tetra Master (x32 Version: 1.18.00 - SQUARE ENIX CO., LTD.) 
Hidden POLUtils (HKLM-x32\...\POLUtils) (Version: - ) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Search Protection (HKCU\...\Search Protection) (Version: 7.5.0.1 - Spigot, Inc.) Search Toolbar (HKLM-x32\...\Search Toolbar) (Version: 1.2 - Zugo Ltd) Skype™ 6.0 (HKLM-x32\...\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}) (Version: 6.0.126 - Skype Technologies S.A.) Songbird 1.8.0 (Build 1800) (HKLM-x32\...\Songbird-release-1800) (Version: - ) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553092) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version: - Microsoft) 
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.7.0 - Flagship Industries, Inc.) VideoLAN VLC media player 0.8.6f (HKLM-x32\...\VLC media player) (Version: 0.8.6f - VideoLAN Team) VideoMate T, M, P, S Series Driver (HKLM-x32\...\{41E340F0-0BD6-4A87-AF29-E9E584471756}) (Version: 1.38.800 - ) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Windower (HKCU\...\Windower) (Version: 3.4.3.2 - Windower Team) Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Mobile 
Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - ) Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PTB) (Version: 04.08.2345.00 - 
Microsoft Corporation) Hidden Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 22-01-2014 18:26:48 Scheduled Checkpoint 03-02-2014 21:48:47 Scheduled Checkpoint 10-02-2014 11:42:35 Windows Update 17-02-2014 15:29:10 avast! antivirus system restore point 19-02-2014 15:51:30 Windows Update 05-03-2014 15:35:24 Scheduled Checkpoint 10-03-2014 11:00:26 Windows Update 17-03-2014 16:10:23 Scheduled Checkpoint 07-04-2014 15:41:12 Windows Update 11-04-2014 12:15:03 Windows Update ==================== Hosts content: ========================== 2009-07-13 19:34 - 2012-03-10 07:47 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {11672CE8-3161-4934-96B8-20B4B3C3F009} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation) Task: {152EF018-8FB2-48C1-8D21-915203097DD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-24] (Google Inc.) Task: {20B287DB-1EC1-47DC-AFE7-8EE34D396890} - System32\Tasks\{C9447FCA-1018-42B0-B03C-53C1F70959E3} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.111/en/abandoninstall?page=tsChrome&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault Task: {20BB3E39-1966-47E1-B3DA-4F4F02D69969} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-17] (AVAST Software) Task: {30A3076B-D20C-4554-9B8D-8CB02E411E03} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-24] (Google Inc.) 
Task: {34ACF835-2AF0-439D-9A8F-7141AFF100CA} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {452ECD47-45E4-4413-B2BA-A3E3B16E62D9} - System32\Tasks\{CC8B934B-8922-4D3B-BFD9-0B6DC75CB768} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-11-09] (Skype Technologies S.A.)
Task: {50DB27F7-D3A9-4676-8505-464F74275E15} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {9C2C15B2-77B5-4E0B-9590-06152211B626} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2010-09-28] () <==== ATTENTION
Task: {DC095267-9429-48DC-8D01-97C36201CCA1} - System32\Tasks\4572 => Wscript.exe C:\Users\Sean\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {E15CC46E-1D7C-4FD2-87C9-EB1E75B57E0E} - System32\Tasks\{13885368-E5CC-4CEE-90EE-4CE75EC59E12} => C:\Program Files (x86)\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe [2011-08-29] (SQUARE ENIX CO., LTD.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-18 04:05 - 2013-01-18 08:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-04-17 09:04 - 2014-04-17 12:28 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041703\algo.dll
2013-10-27 11:12 - 2013-10-27 11:12 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: WMPNetworkSvc => 3

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2014 01:38:40 PM) (Source: CVHSVC) (User: )
Description: Information only. Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.
Error: (04/17/2014 10:51:37 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (04/17/2014 10:51:37 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (04/17/2014 10:45:48 AM) (Source: CVHSVC) (User: ) Description: Information only. Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure. Error: (04/17/2014 09:07:18 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (04/17/2014 09:07:18 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (04/17/2014 09:02:14 AM) (Source: CVHSVC) (User: ) Description: Information only. Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure. Error: (04/17/2014 08:56:47 AM) (Source: CVHSVC) (User: ) Description: Information only. Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure. 
Error: (04/17/2014 07:25:54 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis. Error: (04/17/2014 07:10:25 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. System errors: ============= Error: (04/17/2014 01:42:07 PM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (04/17/2014 01:42:07 PM) (Source: Service Control Manager) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (04/17/2014 01:40:06 PM) (Source: Service Control Manager) (User: ) Description: The Client Virtualization Handler service hung on starting. Error: (04/17/2014 01:38:37 PM) (Source: Service Control Manager) (User: ) Description: The Power service terminated with the following error: %%4203 Error: (04/17/2014 01:38:18 PM) (Source: Application Popup) (User: ) Description: \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys has been blocked from loading due to incompatibility with this system. 
Please contact your software vendor for a compatible version of the driver. Error: (04/17/2014 10:49:16 AM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (04/17/2014 10:49:16 AM) (Source: Service Control Manager) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (04/17/2014 10:47:16 AM) (Source: Service Control Manager) (User: ) Description: The Client Virtualization Handler service hung on starting. Error: (04/17/2014 10:45:41 AM) (Source: Service Control Manager) (User: ) Description: The Power service terminated with the following error: %%4203 Error: (04/17/2014 10:45:26 AM) (Source: Application Popup) (User: ) Description: \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Microsoft Office Sessions: ========================= Error: (04/17/2014 01:38:40 PM) (Source: CVHSVC)(User: ) Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure. Error: (04/17/2014 10:51:37 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (04/17/2014 10:51:37 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY) Description: Performance1637070000000000000000000009030000 Error: (04/17/2014 10:45:48 AM) (Source: CVHSVC)(User: ) Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure. 
Error: (04/17/2014 09:07:18 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (04/17/2014 09:07:18 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY) Description: Performance1637070000000000000000000009030000 Error: (04/17/2014 09:02:14 AM) (Source: CVHSVC)(User: ) Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure. Error: (04/17/2014 08:56:47 AM) (Source: CVHSVC)(User: ) Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure. Error: (04/17/2014 07:25:54 AM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8 Error: (04/17/2014 07:10:25 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY) Description: WmiApRplWmiApRpl8F20300004D070000 CodeIntegrity Errors: =================================== Date: 2013-10-27 05:02:26.368 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-27 05:02:25.980 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. 
Date: 2013-10-27 05:02:25.617 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-27 04:56:08.960 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-27 04:56:08.608 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-27 04:56:08.264 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-27 04:56:07.880 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2013-10-27 04:56:07.540 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-27 04:56:07.196 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2013-10-27 04:51:57.726 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 36% Total physical RAM: 4094.55 MB Available physical RAM: 2597.6 MB Total Pagefile: 8187.29 MB Available Pagefile: 6572.32 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.51 GB) (Free:286.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C66D64C5) Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================ TDSSKiller didn't find any threats so I didn't see any options to skip or save