Jump to content

Programs wont start, keep getting errors.


Recommended Posts

Hello.

 

I recently noticed that whenever I try to start up and play certain games, or start up certain programs such as iTunes, DivX Player or other programs, I keep getting " ______ has stopped working". I noticed this began after I updated to the newest software update on my nvidia graphics card. Never had this problem before and cant figure out how to fix it. I've tried uninstalling and reinstalling programs, I've ran Malwarebytes Premium and it did not find any infections/Trojans. Any help would be greatly appreciated. Here is my log.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Daniel (administrator) on DANIEL-PC on 01-05-2015 09:46:08
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available profiles: Daniel & DefaultAppPool)
Platform: Windows 8 Pro (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\Plantronics\GameCom780\GameCom780.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-28] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2859344 2012-07-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [shadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [776480 2013-05-09] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\Run: [bitTorrent] => C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe [1742936 2015-03-21] (BitTorrent Inc.)
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [175880 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175880 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-04-08] (NVIDIA Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-196365847-3672760997-2460973386-1000 -> {523A0814-2575-4BAA-9894-2246EF433D79} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-05-31] (Qualcomm Atheros Commnucations)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\d6slsw3d.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @Webzen.com/NPBrowserExt -> C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll [2012-03-27] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-196365847-3672760997-2460973386-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-23] (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-13]

Chrome:
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-16]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-16]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-16]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-16]
CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-16]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-16]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows ® Win 7 DDK provider) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-25] (Microsoft Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3209160 2014-04-02] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [341504 2013-06-26] (Qualcomm Atheros) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3812048 2013-05-30] (Qualcomm Atheros, Inc.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 CrystalSysInfo; C:\Program Files\AudioCoder x64\SysInfoX64.sys [18128 2007-09-25] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-25] (Microsoft Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299664 2015-04-08] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PlantronicsGC; C:\Windows\system32\drivers\PLTGC.sys [1327104 2013-04-12] (C-Media Electronics Inc)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 VaneFltr; C:\Windows\system32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
S3 catchme; \??\C:\Uninstall.exe\catchme.sys [X]
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-01 09:46 - 2015-05-01 09:46 - 00021449 _____ () C:\Users\Daniel\Desktop\FRST.txt
2015-05-01 09:44 - 2015-05-01 09:44 - 02101248 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-04-29 19:48 - 2015-04-29 19:48 - 00000030 _____ () C:\Users\Daniel\Desktop\Track shipment.txt
2015-04-23 07:34 - 2015-04-23 07:34 - 00000000 ____D () C:\ProgramData\Battle.net
2015-04-23 07:24 - 2015-04-23 07:24 - 00001144 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2015-04-23 07:24 - 2015-04-23 07:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-04-21 08:51 - 2015-04-21 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-04-21 08:51 - 2015-04-21 08:51 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-04-21 08:49 - 2015-04-08 19:58 - 31570064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 30397072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 25375048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 24053576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 17176128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 15818528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 15716232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 14617288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 14006752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 12852784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 11380728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 10423952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-04-21 08:49 - 2015-04-08 19:58 - 02935416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 02896528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 02573456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01895568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435012.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435012.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01047368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01037640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00970568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00962192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00499344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00402576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00346256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00299664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvkflt.sys
2015-04-21 08:49 - 2015-04-08 19:58 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-04-15 13:43 - 2015-04-15 13:43 - 18178736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-04-11 14:19 - 2015-04-11 14:19 - 00000822 _____ () C:\Users\Daniel\Desktop\Detection Times for AAS.txt
2015-04-10 19:49 - 2015-04-10 19:49 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\Program Files\iTunes
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\Program Files\iPod
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-07 20:54 - 2015-04-07 20:54 - 00013312 ___SH () C:\Users\Daniel\Desktop\Thumbs.db
2015-04-07 20:46 - 2015-04-07 20:46 - 00343976 _____ () C:\WINDOWS\Minidump\040715-32718-01.dmp
2015-04-07 20:45 - 2015-04-07 20:45 - 904528258 _____ () C:\WINDOWS\MEMORY.DMP
2015-04-04 13:48 - 2015-04-05 14:26 - 00000000 ____D () C:\Users\Daniel\Downloads\Heroes Season 1, 2, 3 & 4 + Extras BDRip TSV
2015-04-01 19:48 - 2015-04-01 20:05 - 00000000 ____D () C:\Users\Daniel\Downloads\Heroes - Complete

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-01 09:46 - 2014-11-18 13:59 - 00000000 ____D () C:\FRST
2015-05-01 09:43 - 2013-09-22 13:46 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-01 09:43 - 2013-07-27 13:32 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-01 09:41 - 2013-07-27 12:24 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2015-05-01 09:08 - 2013-07-27 18:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-196365847-3672760997-2460973386-1000
2015-05-01 09:00 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-01 08:40 - 2014-06-25 20:53 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-01 08:39 - 2013-09-22 13:46 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 00:23 - 2013-07-27 18:09 - 00000000 ____D () C:\Users\Daniel
2015-04-29 19:10 - 2015-03-21 14:31 - 00032768 ___SH () C:\Users\Daniel\Downloads\Thumbs.db
2015-04-29 18:59 - 2013-07-27 18:16 - 01956494 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-29 12:24 - 2014-03-19 21:00 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net
2015-04-29 08:27 - 2014-11-23 17:23 - 02788243 _____ () C:\WINDOWS\setupact.log
2015-04-29 07:42 - 2012-07-26 02:28 - 00980582 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-25 13:21 - 2013-07-28 13:28 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Deployment
2015-04-25 13:20 - 2014-06-25 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-25 13:20 - 2014-06-25 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 13:20 - 2013-07-27 09:36 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-23 07:24 - 2014-03-19 21:00 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-21 08:51 - 2013-07-27 18:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-21 08:34 - 2013-08-22 12:14 - 00001377 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-21 08:33 - 2013-09-24 20:56 - 00001127 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2015-04-21 08:33 - 2013-09-24 20:56 - 00001062 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2015-04-21 08:33 - 2013-09-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-04-21 08:33 - 2013-08-27 17:30 - 00001611 _____ () C:\Users\Daniel\Desktop\DivX Movies.lnk
2015-04-21 08:33 - 2013-08-27 17:25 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-04-21 08:33 - 2013-08-27 17:23 - 00000000 ____D () C:\ProgramData\DivX
2015-04-15 13:43 - 2013-07-27 13:32 - 00003742 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 09:38 - 2014-06-25 20:53 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-06-25 20:53 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2013-07-27 09:36 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-14 05:23 - 2012-07-26 02:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-10 19:49 - 2013-09-24 21:37 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-09 12:22 - 2013-07-29 00:14 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-04-08 19:58 - 2014-09-19 14:26 - 12689592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-04-08 19:58 - 2014-09-19 14:26 - 01086424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-04-08 19:58 - 2013-10-22 14:23 - 00927440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 03317344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 00029329 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-04-08 16:30 - 2013-07-27 18:31 - 06841488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 03478344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 01047696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 00936264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-04-08 16:30 - 2013-07-27 18:31 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-04-08 12:52 - 2013-07-27 18:31 - 04336074 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-04-07 23:19 - 2013-07-27 13:42 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-04-07 20:49 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-07 20:46 - 2013-07-27 18:07 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-07 20:45 - 2014-11-28 00:06 - 00015470 _____ () C:\WINDOWS\PFRO.log
2015-04-05 14:26 - 2013-07-27 14:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\BitTorrent

==================== Files in the root of some directories =======

2013-07-27 09:08 - 2013-07-27 19:11 - 0000000 _____ () C:\Users\Daniel\AppData\Local\BluetoothPresent.flag
2015-03-03 19:27 - 2015-03-03 19:27 - 0003584 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-27 09:08 - 2013-07-27 19:11 - 0000000 _____ () C:\Users\Daniel\AppData\Local\Driver_Jupiter_01Present.flag
2013-07-27 09:08 - 2013-07-27 19:11 - 0000000 _____ () C:\Users\Daniel\AppData\Local\Driver_LOM_8161Present.flag
2013-07-27 18:38 - 2013-07-27 19:01 - 0000955 _____ () C:\Users\Daniel\AppData\Local\killertool.log
2013-07-30 22:17 - 2013-07-30 22:17 - 0007628 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\temp\DivXSetup.exe
C:\Users\Daniel\AppData\Local\temp\jre-8u31-windows-au.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-27 16:29

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Daniel at 2015-05-01 09:46:38
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-196365847-3672760997-2460973386-500 - Administrator - Disabled)
Daniel (S-1-5-21-196365847-3672760997-2460973386-1000 - Administrator - Enabled) => C:\Users\Daniel
Guest (S-1-5-21-196365847-3672760997-2460973386-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-196365847-3672760997-2460973386-1006 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Mr. Robot Client (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\3630573967.www.askmrrobot.com) (Version:  - www.askmrrobot.com)
AudioCoder x64 0.8.22 (HKLM-x32\...\AudioCoder x64) (Version: 0.8.22 - Broad Intelligence)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Curse Client (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ETDWare PS/2-X64 11.13.0.2_WHQL (HKLM\...\Elantech) (Version: 11.13.0.2 - ELAN Microelectronic Corp.)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FlacSquisher 1.0.13 (HKLM-x32\...\FlacSquisher) (Version: 1.0.13 - FlacSquisher)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iExplorer 3.3.2.1 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mu_Rebirth (HKLM-x32\...\{60C622A1-692A-440B-B115-DBF8811DC59E}) (Version: 0.01 - )
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 3.10.0001 - Plantronics)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.228 - Qualcomm Atheros Communications) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{A0F333BA-7846-473A-B8D7-1F7618ECCAA4}) (Version: 1.0.25.1224 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 3.0.2 - UNKNOWN)
Warcraft Logs Uploader (x32 Version: 3.0.2 - UNKNOWN) Hidden
WEBZEN Browser Extension (HKLM-x32\...\{95723791-2C44-454B-9220-C65D47D70E9C}) (Version: 1.12.010 - WEBZEN)
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB  (04/21/2011 01.0.0.0) (HKLM\...\BEA7B05370C19B9C86893BB484FD6B9CC52B0CD8) (Version: 04/21/2011 01.0.0.0 - Cambridge Silicon Radio Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-196365847-3672760997-2460973386-1000_Classes\CLSID\{820b44b6-dd3f-4cb3-940c-68fca9a2c934}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

11-04-2015 11:41:50 Scheduled Checkpoint
21-04-2015 08:25:25 Scheduled Checkpoint
01-05-2015 09:24:12 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 00:26 - 2014-10-24 13:31 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02653D78-AD69-4921-B89F-B8B86780681A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0BDC8FCF-3594-4B83-9986-516F1174D733} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {19265FD1-A084-4EE7-8172-2A0B8B934CA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {1E489C07-1F09-422E-9A81-AEC10C97FD9B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {290CF274-1325-4DFC-A5E4-C4A5067AC9B6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {2D29CC86-34F2-4F69-8605-176C2E5B23F0} - System32\Tasks\{4580278E-D5E0-4967-80DD-262E5D01AED7} => pcalua.exe -a "C:\Program Files (x86)\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert II\RA2\RA2MD.exe" -d C:\WINDOWS\system32
Task: {2E06A651-3E57-4B50-9FCB-A617BFFDD6FB} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {31F49C3C-433A-43B3-B1EA-1B5F30A0F813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {322A173A-14EE-4F37-AC7B-FF001C5D0F70} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {367ADBF3-B597-42E1-B1B0-2A48478A4E5E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3CA5EA69-E033-4A6A-9A27-B64AD5EEDE26} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {44F3E536-2D39-4FE8-A40C-D12F9E216A11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4DDB8D02-A3BD-4FEF-A943-5E7B73E40583} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {56FB8818-3025-4DE3-9505-0DE53E318FD0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {62F8D865-198A-4A52-A807-F7609A262400} - System32\Tasks\{5B7CC93C-B090-402C-AACC-837629649F79} => pcalua.exe -a "C:\Program Files (x86)\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert II\RA2\YURI.exe" -d "C:\Program Files (x86)\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert II\RA2" -c -win
Task: {6C19B6FF-0310-4830-AA15-04B498AC18DE} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install => C:\WINDOWS\system32\NotificationUI.exe [2014-08-20] (Microsoft Corporation)
Task: {6E2461F0-ECD7-4826-B8B9-28DD739A7A5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {74FD313D-575F-4DE7-80F4-D4C39C6DE795} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7509B393-9DDE-4336-BF84-1FDAD82B1752} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {7AA53D05-B6A3-4BB2-B445-926BF3703B0A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8DFAF93D-DD41-4CBC-B022-76399F14C831} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {94234102-35B4-4138-A53F-D7118A544AEF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {997DB911-161F-4554-89F1-49D8CE03D964} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {A1C3BB68-E156-4088-B081-351940B71820} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {A900B1E6-4B4D-40A2-9DDA-C42A2284B408} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AC03F885-6DC8-4FF1-8F31-85B8FE69FB7B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {AC835453-9B6C-44DC-A998-67F356DB2DC3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {AF3524C6-AC6B-4BFA-8278-CB6FC61EB553} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B8F196B8-CE71-4CE5-AA14-DDCC33066BE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {B8FFFA86-F666-41AC-99A7-6A00EBFF2595} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {CC8EB555-7CC5-467F-83BB-F1C300413B84} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {D4F2EF8C-B890-4BF2-9875-93F062B6140A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E3ED0271-5698-4851-A4C0-02FFC5E9DB5D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {E6225D9A-358B-40B7-AD9E-2315F4244499} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {E89FD082-E8F2-4885-BA00-9FECDA6514C8} - System32\Tasks\Microsoft\Windows\Setup\Windows Setup Resume Task => C:\$Windows.~BT\Sources\SetupHost.Exe [2014-09-18] (Microsoft Corporation)
Task: {FC9BC9B4-2B6C-47B3-BED4-B890CEB6457C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-22 14:23 - 2015-04-08 19:58 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-07-27 18:31 - 2015-04-08 16:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-07-14 23:44 - 2010-07-14 23:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-02-07 22:16 - 2013-05-09 17:55 - 00776480 ____N () C:\Program Files\Plantronics\GameCom780\GameCom780.exe
2014-01-10 00:26 - 2014-01-10 00:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-07-27 18:24 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-07 22:16 - 2013-05-09 17:55 - 00149792 ____N () C:\Program Files\Plantronics\GameCom780\VmixPLGC.dll
2014-01-10 00:28 - 2014-01-10 00:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-196365847-3672760997-2460973386-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\StartupApproved\Run: => "NETGEARGenie"
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\StartupApproved\Run: => "BitTorrent"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{9BFD4736-947D-42D0-831A-BA431B2CD10A}] => (Allow) C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1D83BEE7-03E5-433C-9B85-D31EF95DA218}] => (Allow) C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F785DC0C-B29A-4867-9B08-17B42FB8B09F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9C7B37B4-1685-4F4D-8595-E3C5034586CC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E48C927B-0297-4542-9497-9FF2614E48C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B96CDD2C-32E4-4531-B5E9-BBB47F190347}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E761F978-F3A9-40B0-80A6-B1A0561863B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0A3C5988-DAD4-4237-865E-E994FA9D4895}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{CB6CDE5E-99F9-4C4C-9B87-43DAE4C828BE}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{6577C9EC-6C15-4D7C-8F63-1A6F89397B0E}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{5B2FE9BB-CC60-4FF8-9B0C-98FAFA9DDF5B}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{171CC118-07C7-4EA1-A6B6-8E907DA436C0}] => (Allow) C:\Program Files\Microsoft Office\Office14\outlook.exe
FirewallRules: [TCP Query User{BC2471C4-6727-4706-969E-8FD6DE5FB8BC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [uDP Query User{AB927D85-3E16-4F01-85CF-D593595D5E3E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{2577C715-73BB-42D8-8CE3-9283AB6B267D}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{B977D3B4-2404-4FFF-8B10-F5D4650AFC36}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{24E05929-DC4F-4DB6-B164-9BE2A2602866}C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe] => (Allow) C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe
FirewallRules: [uDP Query User{6728CC98-9623-4308-B0E1-8F0EBA5FC109}C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe] => (Allow) C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe
FirewallRules: [{C9D7EF9D-D194-4EEE-B544-255E4FE5F60E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B311FD3B-E3E0-491D-BD32-97D46366B8B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BA1D6ACF-0B53-4403-8B98-6BBA99EA24FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{51B27D98-34F4-4EAE-8BB3-36E156ED7C2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5E57474B-926E-4EED-8003-D015A73438E8}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{F8BDEDE6-3DDF-4716-80E5-707AC2F43E7F}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{6CADE336-2B38-4C9E-925D-F3BF4AA9FD6A}] => (Allow) C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe
FirewallRules: [{0D5B1CF3-C3D8-4B99-B794-97305C451A52}] => (Allow) C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe
FirewallRules: [{682F69AD-A54E-414D-A316-F89C5181CF88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EF81BF88-5233-43AB-98FA-1BC1C63460DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{55E6D273-CA37-4D7E-A4AD-7661B3C6D8DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D953AD0C-8C8F-425F-93EE-767412F4EBD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{664800A5-5F62-4CB9-8655-C984745BA72A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{80BBBC0E-CAB8-4191-9942-866AE557925D}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{3175A3AC-4D07-42C5-981E-61EE3A409EE6}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{5D5E4668-E8F3-4F48-B3D4-D3249F7E65ED}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{2CA1FB88-AFD4-4BB0-A06E-08B61DD45434}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [uDP Query User{714251DA-13C8-400C-A592-92C7EE9E2809}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{9A8051F1-2144-4A55-917F-F0FDE5C95092}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8ABCD385-EB84-400B-A1B6-EF7AF21DAD9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E326D1AE-915C-4265-8F72-37BEA7F188B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CC5547C-735B-4060-B6E4-31574C947877}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{256B4265-3BED-4A79-933F-010ED950F4F2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E5BD5108-1006-4A30-8D54-B9CAD3AA7E60}] => (Allow) LPort=2869
FirewallRules: [{899220E9-4FD6-4A89-8642-CB5A74AC6477}] => (Allow) LPort=1900
FirewallRules: [{42492713-D390-4594-8CDF-D2121743DB3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{55453A54-83C0-497C-870F-0DD9E4B8FBE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D64B4052-1444-45C5-861C-6FD5BF074748}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1D0EE55C-2382-47B1-AE44-FD6069685639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BE89438B-4E34-43F3-99B9-DF06696A40C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3A04773B-03D1-4227-AAC1-A04AA6415381}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AB88860A-1591-4553-ACAE-58971BE9DE60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{928B78FE-816F-44D0-B7F4-ABD46E405688}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9DC3D585-E5FF-48AD-8976-00C3514FAED9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F8D75AE-195C-46F2-8DF5-5D959EDDC398}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{42DF2176-AA1E-4A57-959B-260504C1C424}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7D27284F-AFD9-4C53-89BC-AA658B311F5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1DC77BFE-5DDD-4D86-A83D-EA9436115D58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1AFE21DE-487D-44DB-A7A3-F245FC1B91ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2A93D247-20C6-4B0E-8234-30D585222B61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3DAA966F-1350-4F1F-A36A-D181CFA43608}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{221B8C1A-F831-4073-B326-B62F4651549A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6569C553-EB4A-4ECC-9D3E-186BFC276509}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E776CCFA-C618-4524-89A7-71B638F5CB37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6C82FDE9-ADEA-4A62-A84E-5092F3A96D29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9E2A0EB8-62E8-4F24-8E75-D735EC129B23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C90E76D3-9899-406D-98B0-7D40BB7CA412}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4956225B-46EB-496B-ABEA-D4ECB6E505DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{AA29C572-CCC6-4D22-B136-8440B5CAD649}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{863D01B6-D54C-4984-84EE-3D516B636996}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{0CC6784F-1E20-482C-BE63-3C2791AAA15C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{11044A81-BCFF-4A7D-8236-56E4B1DC078B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{560D6425-F97C-488C-8810-AEB9F4E386CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{59257162-2BEC-4535-A47D-8A2E0EDD9BCC}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [uDP Query User{0B03E187-B849-44BC-B5DC-F16A611A51C9}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{330E1993-F622-4F32-9EE0-C4F780E5280D}] => (Allow) LPort=8888
FirewallRules: [{FD4F0A15-C96C-44CC-8D8E-91C313F58829}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{A3FF4632-EB12-4072-8CFA-373F49A62928}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{DDE0C810-3E4E-4C36-871E-F5DD3E03179D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{44536CC1-F693-456E-9133-ED99475906DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{6BBFAAD4-33C0-42BD-A26A-2FEF3F6E380C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{104F942C-82DE-41C4-9184-F7F02C0B9816}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{1355027E-2098-4743-8D30-C776D5AEF858}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{20911320-ED26-4EB4-BCCF-5DD2E1CD5BB1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{809F2C14-A582-4227-BD88-E3B5F9515E01}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{1B84ADDE-395B-4983-B36E-9CE39B9F5333}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{40AD3C4E-D76D-41B4-9105-07D36A2CF6E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A3E1D664-AD5E-41D3-91BF-3F9463650BDA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{AB91D06D-F296-4950-A6E7-D0F9175C4FB8}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [uDP Query User{1D340022-718F-492B-B775-B34455BE1901}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [TCP Query User{54905437-458A-4216-AD53-036CAC232E21}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [uDP Query User{863EF665-F330-4DA1-9CE6-E68CABF06D3D}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [{681BADD1-A549-4B85-B68E-4EE74054E2A3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9B9289AA-1E39-40B4-9C55-575B4D4B4854}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F0233867-5A04-4298-8EFA-C47EBF960594}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

==================== Faulty Device Manager Devices =============

Name: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
Description: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Killer
Service: Ke2200
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2015 09:41:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.2.27, time stamp: 0x55236b62
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x44e4
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3
Faulting package full name: iTunes.exe4
Faulting package-relative application ID: iTunes.exe5

Error: (05/01/2015 09:41:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.2.27, time stamp: 0x55236b62
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x2c40
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3
Faulting package full name: iTunes.exe4
Faulting package-relative application ID: iTunes.exe5

Error: (05/01/2015 09:40:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.2.27, time stamp: 0x55236b62
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x16d4
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3
Faulting package full name: iTunes.exe4
Faulting package-relative application ID: iTunes.exe5

Error: (05/01/2015 09:39:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.2.27, time stamp: 0x55236b62
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x35bc
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3
Faulting package full name: iTunes.exe4
Faulting package-relative application ID: iTunes.exe5

Error: (05/01/2015 09:22:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingNews_8wekyb3d8bbwe!AppexNews failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingNews_8wekyb3d8bbwe!AppexNews failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/01/2015 08:38:59 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

System errors:
=============
Error: (05/01/2015 09:22:02 AM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexNews.AppXm7hnj7tzqqzrmb6spmf0x4fb91edcc71.mca

Error: (05/01/2015 08:52:07 AM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: App.AppXckhq7ex47a0jh2z0wj5cd086mqkeegzy.mca

Error: (05/01/2015 08:52:07 AM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexTravel.AppX1txy617paw32bwt6jvkgze7a08a7e8dv.mca

Error: (05/01/2015 08:52:07 AM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexSports.AppXzwt95zf827jx8vevssdmkdacbwrgjgeb.mca

Error: (05/01/2015 08:52:07 AM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexNews.AppXm7hnj7tzqqzrmb6spmf0x4fb91edcc71.mca

Error: (04/30/2015 00:22:12 AM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexSports.AppXzwt95zf827jx8vevssdmkdacbwrgjgeb.mca

Error: (04/30/2015 00:22:12 AM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexTravel.AppX1txy617paw32bwt6jvkgze7a08a7e8dv.mca

Error: (04/29/2015 11:52:11 PM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: App.AppXckhq7ex47a0jh2z0wj5cd086mqkeegzy.mca

Error: (04/29/2015 11:22:11 PM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexNews.AppXm7hnj7tzqqzrmb6spmf0x4fb91edcc71.mca

Error: (04/29/2015 10:22:09 PM) (Source: DCOM) (EventID: 10010) (User: Daniel-PC)
Description: AppexTravel.AppX1txy617paw32bwt6jvkgze7a08a7e8dv.mca

Microsoft Office Sessions:
=========================
Error: (05/01/2015 09:41:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.2.2755236b62unknown0.0.0.000000000c0000005000000000000000044e401d0841ce54ede00C:\Program Files\iTunes\iTunes.exeunknown23cf9b98-f010-11e4-bef8-bc855661d0ca

Error: (05/01/2015 09:41:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.2.2755236b62unknown0.0.0.000000000c000000500000000000000002c4001d0841cddcdcc1bC:\Program Files\iTunes\iTunes.exeunknown1cfa3362-f010-11e4-bef8-bc855661d0ca

Error: (05/01/2015 09:40:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.2.2755236b62unknown0.0.0.000000000c0000005000000000000000016d401d0841cb7f6efdeC:\Program Files\iTunes\iTunes.exeunknownf668d1da-f00f-11e4-bef8-bc855661d0ca

Error: (05/01/2015 09:39:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe12.1.2.2755236b62unknown0.0.0.000000000c0000005000000000000000035bc01d0841c9ab1aa7fC:\Program Files\iTunes\iTunes.exeunknownde4ae440-f00f-11e4-bef8-bc855661d0ca

Error: (05/01/2015 09:22:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927141

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927141

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927141

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927141

Error: (05/01/2015 08:52:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927141

Error: (05/01/2015 08:38:59 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

CodeIntegrity Errors:
===================================
  Date: 2015-03-29 22:19:48.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-29 20:58:19.820
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-18 20:42:56.277
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-04 18:47:36.280
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-04 18:44:01.854
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-04 10:33:22.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 22:18:02.877
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-11 21:03:34.917
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-11 18:58:21.761
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-03 19:50:34.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core i7-4800MQ CPU @ 2.70GHz
Percentage of memory in use: 17%
Total physical RAM: 16272.29 MB
Available physical RAM: 13383.82 MB
Total Pagefile: 21890.29 MB
Available Pagefile: 18420.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:421.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 683611C3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Hello drico2006! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
P2P/Piracy Warning:

If you're using Peer 2 Peer software such as BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

When you are ready, please generate new fresh FRST log files.

Link to post
Share on other sites

Hello, here is the fresh FRST log files.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Daniel (administrator) on DANIEL-PC on 03-05-2015 12:56:36
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available profiles: Daniel & DefaultAppPool)
Platform: Windows 8 Pro (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\Plantronics\GameCom780\GameCom780.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-28] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2859344 2012-07-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [shadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [776480 2013-05-09] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\Run: [bitTorrent] => C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe [1742936 2015-03-21] (BitTorrent Inc.)
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [175880 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175880 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-04-08] (NVIDIA Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-196365847-3672760997-2460973386-1000 -> {523A0814-2575-4BAA-9894-2246EF433D79} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-05-31] (Qualcomm Atheros Commnucations)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\d6slsw3d.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin-x32: @Webzen.com/NPBrowserExt -> C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll [2012-03-27] (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-196365847-3672760997-2460973386-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-23] (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-13]

Chrome:
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-16]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-16]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-16]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-16]
CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-16]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-16]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows ® Win 7 DDK provider) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-25] (Microsoft Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3209160 2014-04-02] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [341504 2013-06-26] (Qualcomm Atheros) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3812048 2013-05-30] (Qualcomm Atheros, Inc.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 CrystalSysInfo; C:\Program Files\AudioCoder x64\SysInfoX64.sys [18128 2007-09-25] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-25] (Microsoft Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299664 2015-04-08] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PlantronicsGC; C:\Windows\system32\drivers\PLTGC.sys [1327104 2013-04-12] (C-Media Electronics Inc)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 VaneFltr; C:\Windows\system32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
S3 catchme; \??\C:\Uninstall.exe\catchme.sys [X]
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-03 12:56 - 2015-05-03 12:56 - 00021515 _____ () C:\Users\Daniel\Desktop\FRST.txt
2015-05-03 07:49 - 2015-05-03 07:49 - 00027998 _____ () C:\Users\Daniel\Documents\cc_20150503_074858.reg
2015-05-01 09:44 - 2015-05-01 09:44 - 02101248 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-04-29 19:48 - 2015-04-29 19:48 - 00000030 _____ () C:\Users\Daniel\Desktop\Track shipment.txt
2015-04-23 07:34 - 2015-04-23 07:34 - 00000000 ____D () C:\ProgramData\Battle.net
2015-04-23 07:24 - 2015-04-23 07:24 - 00001144 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2015-04-23 07:24 - 2015-04-23 07:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-04-21 08:51 - 2015-04-21 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-04-21 08:51 - 2015-04-21 08:51 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-04-21 08:49 - 2015-04-08 19:58 - 31570064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 30397072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 25375048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 24053576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 17176128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 15818528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 15716232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 14617288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 14006752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 12852784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 11380728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 10423952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-04-21 08:49 - 2015-04-08 19:58 - 02935416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 02896528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 02573456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01895568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435012.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435012.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01047368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 01037640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00970568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00962192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00499344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00402576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00346256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00299664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvkflt.sys
2015-04-21 08:49 - 2015-04-08 19:58 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-04-21 08:49 - 2015-04-08 19:58 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-04-15 13:43 - 2015-04-15 13:43 - 18178736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-04-11 14:19 - 2015-04-11 14:19 - 00000822 _____ () C:\Users\Daniel\Desktop\Detection Times for AAS.txt
2015-04-10 19:49 - 2015-04-10 19:49 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\Program Files\iTunes
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\Program Files\iPod
2015-04-10 19:49 - 2015-04-10 19:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-07 20:54 - 2015-04-07 20:54 - 00013312 ___SH () C:\Users\Daniel\Desktop\Thumbs.db
2015-04-04 13:48 - 2015-04-05 14:26 - 00000000 ____D () C:\Users\Daniel\Downloads\Heroes Season 1, 2, 3 & 4 + Extras BDRip TSV

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-03 12:56 - 2014-11-18 13:59 - 00000000 ____D () C:\FRST
2015-05-03 12:43 - 2013-09-22 13:46 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-03 12:43 - 2013-07-27 13:32 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-03 12:33 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-03 12:31 - 2014-06-25 20:53 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-03 08:34 - 2013-07-27 18:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-196365847-3672760997-2460973386-1000
2015-05-03 07:54 - 2013-11-24 14:57 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TS3Client
2015-05-03 07:54 - 2013-08-22 20:09 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Ventrilo
2015-05-03 07:54 - 2013-07-27 18:07 - 00000000 ____D () C:\WINDOWS\Minidump
2015-05-03 07:54 - 2013-07-27 14:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\BitTorrent
2015-05-03 07:54 - 2013-07-27 12:24 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashDumps
2015-05-03 07:50 - 2014-03-19 21:00 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net
2015-05-03 07:43 - 2014-10-23 15:40 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-03 07:42 - 2014-10-23 15:40 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-03 07:41 - 2013-07-27 18:16 - 01064738 ____N () C:\WINDOWS\WindowsUpdate.log
2015-05-03 07:20 - 2013-09-22 13:46 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-03 07:19 - 2013-07-27 18:09 - 00000000 ____D () C:\Users\Daniel
2015-05-02 20:51 - 2014-05-24 19:58 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-05-02 20:48 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-02 20:45 - 2012-07-26 02:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-01 09:50 - 2013-07-28 13:28 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Deployment
2015-04-29 19:10 - 2015-03-21 14:31 - 00032768 ___SH () C:\Users\Daniel\Downloads\Thumbs.db
2015-04-29 07:42 - 2012-07-26 02:28 - 00980582 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-25 13:20 - 2014-06-25 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-25 13:20 - 2014-06-25 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 13:20 - 2013-07-27 09:36 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-23 07:24 - 2014-03-19 21:00 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-21 08:51 - 2013-07-27 18:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-21 08:34 - 2013-08-22 12:14 - 00001377 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-21 08:33 - 2013-09-24 20:56 - 00001127 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2015-04-21 08:33 - 2013-09-24 20:56 - 00001062 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2015-04-21 08:33 - 2013-09-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-04-21 08:33 - 2013-08-27 17:30 - 00001611 _____ () C:\Users\Daniel\Desktop\DivX Movies.lnk
2015-04-21 08:33 - 2013-08-27 17:25 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-04-21 08:33 - 2013-08-27 17:23 - 00000000 ____D () C:\ProgramData\DivX
2015-04-15 13:43 - 2013-07-27 13:32 - 00003742 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 09:38 - 2014-06-25 20:53 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-06-25 20:53 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2013-07-27 09:36 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-10 19:49 - 2013-09-24 21:37 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-09 12:22 - 2013-07-29 00:14 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-04-08 19:58 - 2014-09-19 14:26 - 12689592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-04-08 19:58 - 2014-09-19 14:26 - 01086424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-04-08 19:58 - 2013-10-22 14:23 - 00927440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 03317344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-04-08 19:58 - 2013-07-27 18:30 - 00029329 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-04-08 16:30 - 2013-07-27 18:31 - 06841488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 03478344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 01047696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 00936264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-04-08 16:30 - 2013-07-27 18:31 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-04-08 16:30 - 2013-07-27 18:31 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-04-08 12:52 - 2013-07-27 18:31 - 04336074 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-04-07 23:19 - 2013-07-27 13:42 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2015-04-07 20:49 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

==================== Files in the root of some directories =======

2013-07-27 09:08 - 2013-07-27 19:11 - 0000000 _____ () C:\Users\Daniel\AppData\Local\BluetoothPresent.flag
2015-03-03 19:27 - 2015-03-03 19:27 - 0003584 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-27 09:08 - 2013-07-27 19:11 - 0000000 _____ () C:\Users\Daniel\AppData\Local\Driver_Jupiter_01Present.flag
2013-07-27 09:08 - 2013-07-27 19:11 - 0000000 _____ () C:\Users\Daniel\AppData\Local\Driver_LOM_8161Present.flag
2013-07-27 18:38 - 2013-07-27 19:01 - 0000955 _____ () C:\Users\Daniel\AppData\Local\killertool.log
2013-07-30 22:17 - 2013-07-30 22:17 - 0007628 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-27 16:29

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Daniel at 2015-05-03 12:57:10
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-196365847-3672760997-2460973386-500 - Administrator - Disabled)
Daniel (S-1-5-21-196365847-3672760997-2460973386-1000 - Administrator - Enabled) => C:\Users\Daniel
Guest (S-1-5-21-196365847-3672760997-2460973386-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-196365847-3672760997-2460973386-1006 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Mr. Robot Client (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\3630573967.www.askmrrobot.com) (Version:  - www.askmrrobot.com)
AudioCoder x64 0.8.22 (HKLM-x32\...\AudioCoder x64) (Version: 0.8.22 - Broad Intelligence)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Curse Client (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ETDWare PS/2-X64 11.13.0.2_WHQL (HKLM\...\Elantech) (Version: 11.13.0.2 - ELAN Microelectronic Corp.)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FlacSquisher 1.0.13 (HKLM-x32\...\FlacSquisher) (Version: 1.0.13 - FlacSquisher)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iExplorer 3.3.2.1 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mu_Rebirth (HKLM-x32\...\{60C622A1-692A-440B-B115-DBF8811DC59E}) (Version: 0.01 - )
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 3.10.0001 - Plantronics)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.228 - Qualcomm Atheros Communications) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{A0F333BA-7846-473A-B8D7-1F7618ECCAA4}) (Version: 1.0.25.1224 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 3.0.2 - UNKNOWN)
Warcraft Logs Uploader (x32 Version: 3.0.2 - UNKNOWN) Hidden
WEBZEN Browser Extension (HKLM-x32\...\{95723791-2C44-454B-9220-C65D47D70E9C}) (Version: 1.12.010 - WEBZEN)
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB  (04/21/2011 01.0.0.0) (HKLM\...\BEA7B05370C19B9C86893BB484FD6B9CC52B0CD8) (Version: 04/21/2011 01.0.0.0 - Cambridge Silicon Radio Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-196365847-3672760997-2460973386-1000_Classes\CLSID\{820b44b6-dd3f-4cb3-940c-68fca9a2c934}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

11-04-2015 11:41:50 Scheduled Checkpoint
21-04-2015 08:25:25 Scheduled Checkpoint
01-05-2015 09:24:12 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 00:26 - 2014-10-24 13:31 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02653D78-AD69-4921-B89F-B8B86780681A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0BDC8FCF-3594-4B83-9986-516F1174D733} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {19265FD1-A084-4EE7-8172-2A0B8B934CA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {1E489C07-1F09-422E-9A81-AEC10C97FD9B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {290CF274-1325-4DFC-A5E4-C4A5067AC9B6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {2D29CC86-34F2-4F69-8605-176C2E5B23F0} - System32\Tasks\{4580278E-D5E0-4967-80DD-262E5D01AED7} => pcalua.exe -a "C:\Program Files (x86)\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert II\RA2\RA2MD.exe" -d C:\WINDOWS\system32
Task: {2E06A651-3E57-4B50-9FCB-A617BFFDD6FB} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {31F49C3C-433A-43B3-B1EA-1B5F30A0F813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {322A173A-14EE-4F37-AC7B-FF001C5D0F70} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {367ADBF3-B597-42E1-B1B0-2A48478A4E5E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3CA5EA69-E033-4A6A-9A27-B64AD5EEDE26} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {44F3E536-2D39-4FE8-A40C-D12F9E216A11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4DDB8D02-A3BD-4FEF-A943-5E7B73E40583} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {56FB8818-3025-4DE3-9505-0DE53E318FD0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {62F8D865-198A-4A52-A807-F7609A262400} - System32\Tasks\{5B7CC93C-B090-402C-AACC-837629649F79} => pcalua.exe -a "C:\Program Files (x86)\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert II\RA2\YURI.exe" -d "C:\Program Files (x86)\EA Games\Command & Conquer The First Decade\Command & Conquer Red Alert II\RA2" -c -win
Task: {6C19B6FF-0310-4830-AA15-04B498AC18DE} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install => C:\WINDOWS\system32\NotificationUI.exe [2014-08-20] (Microsoft Corporation)
Task: {6E2461F0-ECD7-4826-B8B9-28DD739A7A5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {74FD313D-575F-4DE7-80F4-D4C39C6DE795} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7509B393-9DDE-4336-BF84-1FDAD82B1752} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {7AA53D05-B6A3-4BB2-B445-926BF3703B0A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8DFAF93D-DD41-4CBC-B022-76399F14C831} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {94234102-35B4-4138-A53F-D7118A544AEF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {997DB911-161F-4554-89F1-49D8CE03D964} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {A1C3BB68-E156-4088-B081-351940B71820} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {A900B1E6-4B4D-40A2-9DDA-C42A2284B408} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AC03F885-6DC8-4FF1-8F31-85B8FE69FB7B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {AC835453-9B6C-44DC-A998-67F356DB2DC3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {AF3524C6-AC6B-4BFA-8278-CB6FC61EB553} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B8F196B8-CE71-4CE5-AA14-DDCC33066BE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.)
Task: {B8FFFA86-F666-41AC-99A7-6A00EBFF2595} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {CC8EB555-7CC5-467F-83BB-F1C300413B84} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {D4F2EF8C-B890-4BF2-9875-93F062B6140A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E3ED0271-5698-4851-A4C0-02FFC5E9DB5D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {E89FD082-E8F2-4885-BA00-9FECDA6514C8} - System32\Tasks\Microsoft\Windows\Setup\Windows Setup Resume Task => C:\$Windows.~BT\Sources\SetupHost.Exe [2014-09-18] (Microsoft Corporation)
Task: {EF62F2CE-64C0-4F49-8A4D-9C53ACE0CD7F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {FC9BC9B4-2B6C-47B3-BED4-B890CEB6457C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-22 14:23 - 2015-04-08 19:58 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-07-27 18:31 - 2015-04-08 16:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-07-14 23:44 - 2010-07-14 23:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-02-07 22:16 - 2013-05-09 17:55 - 00776480 ____N () C:\Program Files\Plantronics\GameCom780\GameCom780.exe
2014-01-10 00:26 - 2014-01-10 00:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-07-27 18:24 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-07 22:16 - 2013-05-09 17:55 - 00149792 ____N () C:\Program Files\Plantronics\GameCom780\VmixPLGC.dll
2014-01-10 00:28 - 2014-01-10 00:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-196365847-3672760997-2460973386-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\StartupApproved\Run: => "NETGEARGenie"
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\StartupApproved\Run: => "BitTorrent"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{9BFD4736-947D-42D0-831A-BA431B2CD10A}] => (Allow) C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1D83BEE7-03E5-433C-9B85-D31EF95DA218}] => (Allow) C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F785DC0C-B29A-4867-9B08-17B42FB8B09F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9C7B37B4-1685-4F4D-8595-E3C5034586CC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E48C927B-0297-4542-9497-9FF2614E48C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B96CDD2C-32E4-4531-B5E9-BBB47F190347}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E761F978-F3A9-40B0-80A6-B1A0561863B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0A3C5988-DAD4-4237-865E-E994FA9D4895}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{CB6CDE5E-99F9-4C4C-9B87-43DAE4C828BE}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{6577C9EC-6C15-4D7C-8F63-1A6F89397B0E}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{5B2FE9BB-CC60-4FF8-9B0C-98FAFA9DDF5B}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{171CC118-07C7-4EA1-A6B6-8E907DA436C0}] => (Allow) C:\Program Files\Microsoft Office\Office14\outlook.exe
FirewallRules: [TCP Query User{BC2471C4-6727-4706-969E-8FD6DE5FB8BC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [uDP Query User{AB927D85-3E16-4F01-85CF-D593595D5E3E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{2577C715-73BB-42D8-8CE3-9283AB6B267D}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{B977D3B4-2404-4FFF-8B10-F5D4650AFC36}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{24E05929-DC4F-4DB6-B164-9BE2A2602866}C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe] => (Allow) C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe
FirewallRules: [uDP Query User{6728CC98-9623-4308-B0E1-8F0EBA5FC109}C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe] => (Allow) C:\program files (x86)\ea games\command & conquer the first decade\command & conquer red alert ii\ra2\gamemd.exe
FirewallRules: [{C9D7EF9D-D194-4EEE-B544-255E4FE5F60E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B311FD3B-E3E0-491D-BD32-97D46366B8B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BA1D6ACF-0B53-4403-8B98-6BBA99EA24FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{51B27D98-34F4-4EAE-8BB3-36E156ED7C2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5E57474B-926E-4EED-8003-D015A73438E8}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{F8BDEDE6-3DDF-4716-80E5-707AC2F43E7F}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{6CADE336-2B38-4C9E-925D-F3BF4AA9FD6A}] => (Allow) C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe
FirewallRules: [{0D5B1CF3-C3D8-4B99-B794-97305C451A52}] => (Allow) C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe
FirewallRules: [{682F69AD-A54E-414D-A316-F89C5181CF88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EF81BF88-5233-43AB-98FA-1BC1C63460DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{55E6D273-CA37-4D7E-A4AD-7661B3C6D8DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D953AD0C-8C8F-425F-93EE-767412F4EBD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{664800A5-5F62-4CB9-8655-C984745BA72A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{80BBBC0E-CAB8-4191-9942-866AE557925D}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{3175A3AC-4D07-42C5-981E-61EE3A409EE6}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{5D5E4668-E8F3-4F48-B3D4-D3249F7E65ED}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{2CA1FB88-AFD4-4BB0-A06E-08B61DD45434}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [uDP Query User{714251DA-13C8-400C-A592-92C7EE9E2809}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{9A8051F1-2144-4A55-917F-F0FDE5C95092}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8ABCD385-EB84-400B-A1B6-EF7AF21DAD9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E326D1AE-915C-4265-8F72-37BEA7F188B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CC5547C-735B-4060-B6E4-31574C947877}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{256B4265-3BED-4A79-933F-010ED950F4F2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E5BD5108-1006-4A30-8D54-B9CAD3AA7E60}] => (Allow) LPort=2869
FirewallRules: [{899220E9-4FD6-4A89-8642-CB5A74AC6477}] => (Allow) LPort=1900
FirewallRules: [{42492713-D390-4594-8CDF-D2121743DB3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{55453A54-83C0-497C-870F-0DD9E4B8FBE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D64B4052-1444-45C5-861C-6FD5BF074748}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1D0EE55C-2382-47B1-AE44-FD6069685639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BE89438B-4E34-43F3-99B9-DF06696A40C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3A04773B-03D1-4227-AAC1-A04AA6415381}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AB88860A-1591-4553-ACAE-58971BE9DE60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{928B78FE-816F-44D0-B7F4-ABD46E405688}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9DC3D585-E5FF-48AD-8976-00C3514FAED9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F8D75AE-195C-46F2-8DF5-5D959EDDC398}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{42DF2176-AA1E-4A57-959B-260504C1C424}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7D27284F-AFD9-4C53-89BC-AA658B311F5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1DC77BFE-5DDD-4D86-A83D-EA9436115D58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1AFE21DE-487D-44DB-A7A3-F245FC1B91ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2A93D247-20C6-4B0E-8234-30D585222B61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3DAA966F-1350-4F1F-A36A-D181CFA43608}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{221B8C1A-F831-4073-B326-B62F4651549A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6569C553-EB4A-4ECC-9D3E-186BFC276509}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E776CCFA-C618-4524-89A7-71B638F5CB37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6C82FDE9-ADEA-4A62-A84E-5092F3A96D29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9E2A0EB8-62E8-4F24-8E75-D735EC129B23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C90E76D3-9899-406D-98B0-7D40BB7CA412}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{59257162-2BEC-4535-A47D-8A2E0EDD9BCC}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [uDP Query User{0B03E187-B849-44BC-B5DC-F16A611A51C9}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{330E1993-F622-4F32-9EE0-C4F780E5280D}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{AB91D06D-F296-4950-A6E7-D0F9175C4FB8}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [uDP Query User{1D340022-718F-492B-B775-B34455BE1901}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [TCP Query User{54905437-458A-4216-AD53-036CAC232E21}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [uDP Query User{863EF665-F330-4DA1-9CE6-E68CABF06D3D}C:\program files (x86)\webzen\mu_rebirth\main.exe] => (Allow) C:\program files (x86)\webzen\mu_rebirth\main.exe
FirewallRules: [{681BADD1-A549-4B85-B68E-4EE74054E2A3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9B9289AA-1E39-40B4-9C55-575B4D4B4854}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F0233867-5A04-4298-8EFA-C47EBF960594}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

==================== Faulty Device Manager Devices =============

Name: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
Description: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Killer
Service: Ke2200
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2015 00:51:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [5]

Error: (05/03/2015 11:50:34 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 08:50:27 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 07:19:48 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 00:21:06 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/02/2015 10:52:24 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/02/2015 10:16:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingSports_8wekyb3d8bbwe!AppexSports failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/02/2015 10:16:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/02/2015 09:51:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/02/2015 09:27:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Activation of app Microsoft.BingNews_8wekyb3d8bbwe!AppexNews failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (05/03/2015 07:36:02 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:36:02 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:32:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:31:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:31:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:31:56 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:31:56 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:30:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:30:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Error: (05/03/2015 07:30:57 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 49.

Microsoft Office Sessions:
=========================
Error: (05/03/2015 00:51:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [5]

Error: (05/03/2015 11:50:34 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 08:50:27 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 07:19:48 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 00:21:06 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/02/2015 10:52:24 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/02/2015 10:16:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927141

Error: (05/02/2015 10:16:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel-2144927141

Error: (05/02/2015 09:51:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927141

Error: (05/02/2015 09:27:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Daniel-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927141

CodeIntegrity Errors:
===================================
  Date: 2015-03-29 22:19:48.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-29 20:58:19.820
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-18 20:42:56.277
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-04 18:47:36.280
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-04 18:44:01.854
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-04 10:33:22.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-17 22:18:02.877
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-11 21:03:34.917
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-11 18:58:21.761
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-03 19:50:34.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core i7-4800MQ CPU @ 2.70GHz
Percentage of memory in use: 16%
Total physical RAM: 16272.29 MB
Available physical RAM: 13619.46 MB
Total Pagefile: 21890.29 MB
Available Pagefile: 19094.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:424.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 683611C3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

fixlist.txt

Link to post
Share on other sites

Ok, here is the fixlog.txt

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2015 01
Ran by Daniel at 2015-05-03 13:47:50 Run:1
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available profiles: Daniel & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
FirewallRules: [{9BFD4736-947D-42D0-831A-BA431B2CD10A}] => (Allow) C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1D83BEE7-03E5-433C-9B85-D31EF95DA218}] => (Allow) C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe
2015-05-03 07:54 - 2013-07-27 14:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\BitTorrent
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\...\Run: [bitTorrent] => C:\Users\Daniel\AppData\Roaming\BitTorrent\BitTorrent.exe [1742936 2015-03-21] (BitTorrent Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-196365847-3672760997-2460973386-1000 -> {523A0814-2575-4BAA-9894-2246EF433D79} URL =
EmptyTemp:
Reboot:
end
*****************

Processes closed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BFD4736-947D-42D0-831A-BA431B2CD10A} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D83BEE7-03E5-433C-9B85-D31EF95DA218} => value deleted successfully.
C:\Users\Daniel\AppData\Roaming\BitTorrent => Moved successfully.
HKU\S-1-5-21-196365847-3672760997-2460973386-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-196365847-3672760997-2460973386-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-196365847-3672760997-2460973386-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{523A0814-2575-4BAA-9894-2246EF433D79}" => Key deleted successfully.
HKCR\CLSID\{523A0814-2575-4BAA-9894-2246EF433D79} => Key not found.
EmptyTemp: => Removed 19.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog 13:47:55 ====

Link to post
Share on other sites

Step 1

Please launch Malwarebytes' Anti-Malware, update it and perform a threat scan. Post the log file in your next reply.

Step 2

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
In your next reply, post the following log files:
  • Malwarebytes' Anti-Malware log
  • ESET Online Scanner log
Link to post
Share on other sites

Sorry for the long reply... Here is the malwarebytes log.

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/3/2015
Scan Time: 5:12:42 PM
Logfile: malwarebytes log.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.03.06
Rootkit Database: v2015.04.21.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Daniel

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 424228
Time Elapsed: 15 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

The ESET Online scanner finished and found no threats. There was "List Threats" to click, and I didn't see an Export button aswell. The only there is, is a checkbox that says "Uninstall application on close" and then there is a "Finish" button

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.