PDA

View Full Version : my farbar report, please help :)



ShadyMike
2015-01-08, 00:14
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by Mike (administrator) on GAMINGDT on 06-01-2015 16:32:08
Running from C:\Users\Mike\Desktop
Loaded Profile: Mike (Available profiles: Mike)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(AVM Software Inc.) C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-27] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-05-16] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2567192 2014-06-25] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [765048 2014-09-02] (Webroot)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2561848 2014-12-10] (Malwarebytes Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [9882448 2014-10-06] (Visicom Media Inc.)
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\Run: [Spotify] => C:\Users\Mike\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\MountPoints2: {7fa67075-78fb-11e3-be90-d43d7edc1b53} - "D:\LaunchU3.exe" -a
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\MountPoints2: {f9cb0db4-a47e-11e3-bea2-d43d7edc1b53} - "D:\MotorolaDeviceManagerSetup.exe" -a
AppInit_DLLs: C:\Users\Mike\AppData\Local\Linkey\IEEXTE~1\ietlb64.dll => C:\Users\Mike\AppData\Local\Linkey\IEEXTE~1\ietlb64.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-1604162695-591277231-4055239372-1002] => Internet Explorer proxy is enabled.
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.blackle.com/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.599\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.7.599\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.599\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-1604162695-591277231-4055239372-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1604162695-591277231-4055239372-1002 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wlidNSP.dll [49664] (Microsoft Corporation)
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [49664] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\WINDOWS\system32\wlidnsp.dll [73216] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [73216] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default
FF SearchEngineOrder.1: default-search.net
FF Homepage: hxxp://astroempires.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF user.js: detected! => C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default\user.js
FF Extension: LastPass - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default\Extensions\support@lastpass.com [2014-12-31]
FF Extension: Yahoo! Toolbar - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-09-17]
FF Extension: Webroot Password Manager - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2014-07-15]
FF Extension: Astroempires Angel (w/DSIS) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default\Extensions\{A143C337-CA7A-4348-8AB6-CDE6E91EDB39} [2014-12-08]
FF Extension: Adblock Plus - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.599
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.599 [2014-06-25]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-07-15]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-01]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Yahoo Extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-09-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-03-05]
CHR Extension: (Overhaul) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnnljphfgfobhobaedphncakfgcepbdd [2013-08-15]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-07-15]
CHR Extension: (AVG SafeGuard) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-09-09]
CHR Extension: (Google Wallet) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.40.crx [2014-08-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-07-02] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-02-11] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1807896 2014-06-25] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [765048 2014-09-02] (Webroot)
R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-06-25] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2014-12-10] ()
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-06] ()
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2014-11-09] (Webroot)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 16:32 - 2015-01-06 16:32 - 00028895 _____ () C:\Users\Mike\Desktop\FRST.txt
2015-01-06 16:30 - 2015-01-06 16:32 - 00000000 ____D () C:\FRST
2015-01-06 16:29 - 2015-01-06 16:30 - 02123776 _____ (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2015-01-06 16:23 - 2015-01-06 16:23 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-GAMINGDT-Microsoft-Windows-8.1-(64-bit).dat
2015-01-06 16:22 - 2015-01-06 16:22 - 00002251 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-06 16:22 - 2015-01-06 16:22 - 00000000 ____D () C:\RegBackup
2015-01-06 16:22 - 2015-01-06 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-06 16:22 - 2015-01-06 16:22 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-06 16:17 - 2015-01-06 16:19 - 04215584 _____ () C:\Users\Mike\Desktop\tweaking.com_registry_backup_setup.exe
2015-01-06 04:36 - 2015-01-06 04:36 - 01055936 _____ (Adobe) C:\Users\Mike\Downloads\install_flashplayer16x32_mssa_aaa_aih(1).exe
2015-01-06 04:35 - 2015-01-06 04:35 - 01055936 _____ (Adobe) C:\Users\Mike\Downloads\install_flashplayer16x32_mssa_aaa_aih.exe
2015-01-06 00:23 - 2015-01-06 00:23 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-01-02 04:56 - 2015-01-02 04:56 - 00003080 _____ () C:\WINDOWS\System32\Tasks\{A0E30F5E-C064-4900-BAF9-C8F449B89A59}
2015-01-02 02:02 - 2015-01-06 09:44 - 00004970 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GAMINGDT-Mike gamingdt
2015-01-02 00:12 - 2015-01-02 00:41 - 159747880 _____ (AVG Technologies) C:\Users\Mike\Downloads\avg_free_x86_all_2015_5645a8758.exe
2015-01-01 22:21 - 2015-01-01 22:21 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\AVG2015
2015-01-01 22:11 - 2015-01-01 22:11 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-01 22:09 - 2015-01-01 22:14 - 00000000 ___HD () C:\$AVG
2015-01-01 22:09 - 2015-01-01 22:13 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-01 21:44 - 2015-01-01 23:36 - 00000000 ____D () C:\Users\Mike\AppData\Local\Avg2015
2015-01-01 21:36 - 2015-01-01 21:42 - 172583240 _____ (AVG Technologies) C:\Users\Mike\Downloads\avg_free_x64_all_2015_5645a8758.exe
2015-01-01 21:22 - 2015-01-01 21:22 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-01 21:22 - 2015-01-01 21:22 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-01 21:16 - 2015-01-06 15:43 - 00000451 _____ () C:\WINDOWS\wininit.ini
2015-01-01 21:11 - 2015-01-01 21:13 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mike\Downloads\spybot-2.4(1).exe
2015-01-01 20:23 - 2015-01-01 20:23 - 02073112 _____ (Trend Micro Inc.) C:\Users\Mike\Downloads\HousecallLauncher.exe
2015-01-01 20:23 - 2015-01-01 20:23 - 00000036 _____ () C:\Users\Mike\AppData\Local\housecall.guid.cache
2015-01-01 09:01 - 2015-01-01 10:14 - 00000000 ____D () C:\Users\Mike\AppData\Local\ManyCam
2015-01-01 09:01 - 2015-01-01 09:01 - 00001027 _____ () C:\Users\Public\Desktop\ManyCam.lnk
2015-01-01 09:01 - 2015-01-01 09:01 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\ManyCam
2015-01-01 09:01 - 2015-01-01 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2015-01-01 09:00 - 2015-01-01 09:01 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2015-01-01 09:00 - 2015-01-01 09:00 - 00000000 ____D () C:\ProgramData\ManyCam
2015-01-01 08:57 - 2015-01-01 08:58 - 42501864 _____ (Visicom Media Inc.) C:\Users\Mike\Downloads\ManyCamSetup_v4.0.110.exe
2015-01-01 08:56 - 2015-01-01 08:56 - 00217904 _____ () C:\Users\Mike\Downloads\ManyCamWebInstaller(1).exe
2015-01-01 08:53 - 2015-01-01 08:53 - 00217904 _____ () C:\Users\Mike\Downloads\ManyCamWebInstaller.exe
2015-01-01 05:26 - 2015-01-01 05:26 - 01080608 _____ (Unity Technologies ApS) C:\Users\Mike\Downloads\UnityWebPlayer.exe
2015-01-01 04:25 - 2015-01-01 04:25 - 00000000 __SHD () C:\Users\Mike\AppData\Local\EmieBrowserModeList
2015-01-01 03:32 - 2015-01-01 03:32 - 00002232 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2015-01-01 03:32 - 2015-01-01 03:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-01-01 03:30 - 2015-01-01 03:30 - 00880784 _____ (Google Inc.) C:\Users\Mike\Downloads\GoogleEarthSetup.exe
2014-12-30 16:59 - 2014-12-30 16:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-12-29 16:34 - 2014-12-29 16:35 - 02980680 _____ (Odem Mortis ) C:\Users\Mike\Downloads\OMC_ModPack_Installer(4).exe
2014-12-29 16:06 - 2014-12-29 16:06 - 00002149 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-12-29 16:05 - 2014-12-12 18:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-12-29 16:04 - 2014-12-13 04:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-29 16:04 - 2014-12-13 04:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-29 16:04 - 2014-12-13 04:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-29 16:04 - 2014-10-09 11:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-12-29 16:04 - 2014-10-09 11:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-12-29 16:04 - 2014-10-09 01:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2014-12-29 16:01 - 2015-01-01 09:01 - 00000117 _____ () C:\WINDOWS\setupact.log
2014-12-29 16:01 - 2014-12-29 16:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-29 16:01 - 2014-11-22 04:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-29 16:01 - 2014-11-22 04:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-28 19:56 - 2015-01-06 14:23 - 00762931 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-28 01:34 - 2015-01-06 00:14 - 00012932 _____ () C:\WINDOWS\PFRO.log
2014-12-16 00:52 - 2015-01-06 11:07 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-12-16 00:52 - 2014-12-16 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-12-16 00:52 - 2014-12-16 00:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-12-16 00:51 - 2014-12-16 00:51 - 02967032 _____ (Malwarebytes ) C:\Users\Mike\Downloads\mbae-setup-1.05.1.1016.exe
2014-12-12 23:43 - 2014-11-26 15:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-12 23:43 - 2014-11-26 15:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 23:38 - 2014-12-12 23:38 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-11 12:56 - 2014-10-30 16:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-11 12:56 - 2014-10-30 16:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-10 08:22 - 2014-11-09 20:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 08:22 - 2014-11-09 19:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 08:22 - 2014-10-30 17:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 08:22 - 2014-10-30 17:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 08:10 - 2014-12-03 17:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 08:10 - 2014-12-03 17:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 08:10 - 2014-12-02 17:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 08:10 - 2014-12-02 17:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 08:10 - 2014-12-02 17:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 08:10 - 2014-12-02 17:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 08:10 - 2014-12-02 17:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 08:10 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 08:10 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 08:10 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 08:10 - 2014-11-21 20:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 08:10 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 08:10 - 2014-11-21 20:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 08:10 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 08:10 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 08:10 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 08:10 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 08:10 - 2014-11-21 20:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 08:10 - 2014-11-21 20:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 08:10 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 08:10 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 08:10 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 08:10 - 2014-11-21 19:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 08:10 - 2014-11-21 19:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 08:10 - 2014-11-21 19:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 08:10 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 08:10 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 08:10 - 2014-11-21 19:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 08:10 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 08:10 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 08:10 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 08:10 - 2014-11-21 19:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 08:10 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 08:10 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 08:10 - 2014-11-21 19:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 08:10 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 08:10 - 2014-11-21 19:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 08:10 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 08:10 - 2014-11-21 19:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 08:10 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 08:10 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 08:10 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 08:10 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 08:10 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 08:10 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 08:10 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 08:10 - 2014-11-06 22:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 08:10 - 2014-11-06 21:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 08:10 - 2014-10-31 17:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 08:10 - 2014-10-31 17:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 08:10 - 2014-10-12 20:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 08:10 - 2014-10-12 20:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 08:10 - 2014-10-12 20:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 08:10 - 2014-10-12 20:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-09 20:43 - 2014-06-01 18:21 - 02510528 _____ (Sysinternals - www.sysinternals.com) C:\Users\Mike\Desktop\Procmon.exe
2014-12-09 20:35 - 2013-08-22 07:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20141209-203514.backup
2014-12-09 20:28 - 2013-08-22 07:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20141209-202847.backup
2014-12-09 20:19 - 2013-08-22 07:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20141209-201928.backup
2014-12-09 20:18 - 2013-08-22 07:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20141209-201806.backup
2014-12-08 21:24 - 2014-12-08 21:24 - 00260888 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2014-12-08 12:08 - 2014-11-12 18:20 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434475.dll
2014-12-08 12:08 - 2014-11-12 18:20 - 01540424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434475.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 16:27 - 2013-08-14 20:47 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604162695-591277231-4055239372-1002
2015-01-06 16:21 - 2014-01-14 05:51 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Skype
2015-01-06 16:09 - 2013-09-12 21:42 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-06 16:02 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-06 15:58 - 2013-08-08 11:32 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 15:46 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-06 15:43 - 2014-10-20 20:24 - 00000000 ____D () C:\Program Files (x86)\Convert Files for Free
2015-01-06 14:08 - 2014-11-07 09:34 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-06 13:56 - 2013-08-14 21:45 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-06 13:33 - 2014-07-14 13:17 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-06 13:09 - 2013-08-14 23:03 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Spotify
2015-01-06 11:38 - 2014-01-07 15:18 - 00003778 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B8A09453-0E38-4113-AD41-4ADCCD2DF31C}
2015-01-06 03:32 - 2013-08-14 23:05 - 00000000 ____D () C:\Users\Mike\AppData\Local\Spotify
2015-01-06 00:28 - 2013-09-29 22:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-06 00:24 - 2014-10-01 14:01 - 00000000 ____D () C:\Users\Mike\Tracing
2015-01-06 00:24 - 2013-12-11 15:58 - 00000000 __RDO () C:\Users\Mike\SkyDrive
2015-01-06 00:24 - 2013-08-08 11:32 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 00:23 - 2013-12-11 15:31 - 00000000 ____D () C:\Users\Mike
2015-01-06 00:23 - 2013-08-08 11:48 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-01-06 00:22 - 2013-12-11 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-06 00:22 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-03 20:31 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-03 19:01 - 2013-08-15 12:18 - 00000000 ____D () C:\ProgramData\WRData
2015-01-02 04:00 - 2014-03-31 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-02 02:10 - 2014-11-07 09:34 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-01 22:27 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-01 21:52 - 2013-08-14 21:50 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-01 20:25 - 2014-07-14 13:17 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-01 04:02 - 2013-08-20 13:18 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\TS3Client
2015-01-01 03:32 - 2013-08-14 21:32 - 00000000 ____D () C:\Users\Mike\AppData\Local\Google
2015-01-01 03:32 - 2013-08-08 11:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-29 16:54 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-29 16:49 - 2014-10-16 22:08 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack
2014-12-29 16:49 - 2014-10-16 22:04 - 00001139 _____ () C:\Users\Public\Desktop\OMC ModPack Update- ReConfigure.lnk
2014-12-29 16:35 - 2014-10-16 22:04 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client
2014-12-29 16:35 - 2014-10-16 22:04 - 00000000 ____D () C:\Program Files (x86)\OMC ModPack Client
2014-12-29 16:06 - 2013-08-08 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-28 01:14 - 2013-12-27 00:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-28 01:14 - 2013-08-14 22:13 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\uTorrent
2014-12-27 17:47 - 2014-09-18 06:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-27 17:47 - 2014-01-14 05:51 - 00000000 ____D () C:\ProgramData\Skype
2014-12-27 16:26 - 2014-03-27 13:58 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-16 08:41 - 2013-08-22 08:45 - 00000000 ____D () C:\WINDOWS\Setup
2014-12-13 04:08 - 2014-10-22 16:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-13 04:08 - 2014-04-08 23:21 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-13 04:08 - 2013-10-27 09:12 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-13 04:08 - 2013-10-27 09:12 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-13 04:08 - 2013-10-27 09:12 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-13 04:08 - 2013-10-27 09:12 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-13 04:08 - 2013-08-08 11:45 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-12-13 04:08 - 2013-08-08 11:45 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-12-13 02:03 - 2013-12-11 15:28 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-13 02:03 - 2013-12-11 15:28 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-13 02:03 - 2013-12-11 15:28 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-13 02:03 - 2013-12-11 15:28 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-13 02:03 - 2013-12-11 15:28 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-13 02:03 - 2013-12-11 15:28 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-12 23:38 - 2014-07-11 11:46 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 23:38 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 23:38 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 23:38 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 23:38 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-12 18:12 - 2014-06-30 17:04 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-12-12 18:12 - 2014-06-30 17:04 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-12-12 18:12 - 2013-12-11 17:21 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-12-12 18:12 - 2013-12-11 17:21 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-12-12 17:11 - 2013-12-11 15:28 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-12 12:59 - 2013-08-15 12:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 12:56 - 2013-08-15 12:11 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 14:30 - 2013-12-01 18:43 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\XBMC
2014-12-11 00:38 - 2013-12-20 20:38 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Xfire
2014-12-11 00:38 - 2013-12-20 20:38 - 00000000 ____D () C:\ProgramData\Xfire
2014-12-11 00:35 - 2013-12-20 20:38 - 00000000 ____D () C:\Program Files (x86)\Xfire2
2014-12-10 16:42 - 2014-02-11 13:27 - 00000000 ____D () C:\ProgramData\Origin
2014-12-10 08:02 - 2013-08-08 11:32 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-09 12:09 - 2013-09-12 21:42 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-08 12:09 - 2013-12-11 15:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-08 11:29 - 2013-08-22 08:44 - 00520800 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-08 11:27 - 2013-08-20 11:35 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-07 20:54 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-07 20:54 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-07 20:54 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-07 20:54 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-07 20:54 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-07 20:54 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

Some content of TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\WRupdate141124968.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate141138281.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate159294593.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate159304093.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate2562468.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate2574187.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate26011437.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate26023687.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate491125.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate512421.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate56002875.exe
C:\Users\Mike\AppData\Local\Temp\WRupdate56018421.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-05-07 10:55

==================== End Of Log ============================

and the additional:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by Mike at 2015-01-06 16:32:48
Running from C:\Users\Mike\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Disabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Disabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.599 - AVG Technologies)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.15221 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
COWON Media Center - jetAudio Plus VX (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.11 - COWON)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 1.0.0.222 - Electronic Arts)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.6.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.0 - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyCam 4.0.110 (HKLM-x32\...\ManyCam) (Version: 4.0.110 - Visicom Media Inc.)
MechWarrior Online (HKLM-x32\...\{6e1168d7-2c3b-442d-99b0-e3d234179efc}) (Version: 1.4.2.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 6.2 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MultiBit 0.5.16 (HKLM-x32\...\MultiBit 0.5.16) (Version: 0.5.16 - )
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OMC ModPack Client version 1.1.11.6 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.1.11.6 - Odem Mortis)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
Paltalk Messenger 11.4 (HKLM-x32\...\Paltalk Messenger) (Version: 11.4.564.16415 - AVM Software Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version: - )
Spotify (HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.4.123 - Webroot)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813NA}_is1) (Version: - Wargaming.net)
XBMC (HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\XBMC) (Version: - Team XBMC)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version: - )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1604162695-591277231-4055239372-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

07-12-2014 19:08:50 Windows Update
12-12-2014 12:50:27 Windows Update
29-12-2014 16:54:05 Windows Update
31-12-2014 00:39:39 MechWarrior Online
01-01-2015 21:51:40 Installed AVG 2015
01-01-2015 22:09:10 Installed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02ADB99C-0F66-4DF7-9B33-8AEA80BDAB4A} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {21BF8C41-AB61-44F6-A05D-F8E16245BB5F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {3243135E-D5E2-48F8-B71F-17ABCB11D26A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {3741BEB5-282F-4F93-A8B7-CC1900BFF353} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {548F91B5-76FE-4A66-A5EA-FDF561E238A8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for GAMINGDT-Mike gamingdt => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {8319FC22-9C38-46B9-86B6-1CE13E4AFBA4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8C8BE2B1-56C5-4182-80D8-3B33B1E1E34A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {A4AE1C1A-FFF9-4410-ABC7-06BB514D34C9} - System32\Tasks\{A0E30F5E-C064-4900-BAF9-C8F449B89A59} => Firefox.exe http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsWLM
Task: {A777F7C0-BF1F-476E-BD22-1131842DF513} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {AA88AB53-2FB5-46CB-B92F-3B983FD1A3EB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {B3915F3C-F9EA-4575-A739-73E0E59AE4C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {BAC227F4-C8F8-4BED-BDBB-89412A3F3232} - \PastaQuotes No Task File <==== ATTENTION
Task: {C3E649FC-0413-42FB-B00D-0E68614829C2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1604162695-591277231-4055239372-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {CB4BC690-A7AC-405E-9452-F79BF83B786C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {D2C0EE95-5C01-436D-ABF5-C0A0CE6E8B7F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {DDE905D6-DBF5-440B-874A-64BDBB2EFE36} - System32\Tasks\IEError => C:\Program Files (x86)\Portable Booster\IEError.exe
Task: {DF57FEC2-2EF4-495D-B322-4B4C7AE87AE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {F304927A-FF56-4F71-AEF9-98824858C611} - System32\Tasks\boosterpop => C:\Program Files (x86)\Portable Booster\WarningPopUp.exe
Task: {F6C119A1-5955-4C00-9BDC-6A112E2C927B} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Portable Booster\updater.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-11 15:28 - 2014-12-13 02:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-01 17:38 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-02-13 11:35 - 2013-02-13 11:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 11:35 - 2013-02-13 11:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-07-02 13:05 - 2014-07-02 13:05 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2013-08-14 20:52 - 2011-12-14 18:53 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2014-12-05 19:11 - 2014-09-23 07:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-01 21:22 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-01 21:22 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-01 21:22 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-01 21:22 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-01 21:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-08-14 20:52 - 2011-12-14 11:22 - 00368640 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2012-11-13 21:22 - 2012-11-13 21:22 - 02010624 _____ () C:\Program Files (x86)\ManyCam\opencv_core220.dll
2012-11-13 21:23 - 2012-11-13 21:23 - 01241088 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc220.dll
2012-11-13 21:23 - 2012-11-13 21:23 - 00241152 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect220.dll
2012-11-13 21:23 - 2012-11-13 21:23 - 00775680 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui220.dll
2012-11-13 21:23 - 2012-11-13 21:23 - 00201216 _____ () C:\Program Files (x86)\ManyCam\opencv_video220.dll
2014-09-17 09:51 - 2014-02-20 16:11 - 38713856 _____ () C:\Program Files (x86)\Paltalk Messenger\libcef.dll
2014-08-13 10:25 - 2014-08-13 10:25 - 00042064 _____ () C:\Program Files (x86)\Paltalk Messenger\ctrlkey.dll
2014-09-17 09:51 - 2014-06-24 09:58 - 02219520 _____ () C:\Program Files (x86)\Paltalk Messenger\Images.dll
2014-12-05 19:11 - 2014-12-05 19:11 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-08-08 11:32 - 2013-05-16 17:05 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-07-07 22:56 - 2014-11-11 05:37 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-30 23:44 - 2014-12-30 23:44 - 01020928 _____ () C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\qgcpmds1.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Mike\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "iSCTsysTray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NETGEAR WNDA3100v2 Genie.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass FF RunOnce.lnk"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Super-Charger"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk"
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1604162695-591277231-4055239372-1002\...\StartupApproved\Run: => "Skype"

========================= Accounts: ==========================

Administrator (S-1-5-21-1604162695-591277231-4055239372-500 - Administrator - Disabled)
Guest (S-1-5-21-1604162695-591277231-4055239372-501 - Limited - Disabled)
Mike (S-1-5-21-1604162695-591277231-4055239372-1002 - Administrator - Enabled) => C:\Users\Mike

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2015 08:37:23 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/06/2015 03:48:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpotifyWebHelper.exe, version: 0.9.15.27, time stamp: 0x54803b75
Faulting module name: SpotifyWebHelper.exe, version: 0.9.15.27, time stamp: 0x54803b75
Exception code: 0xc0000005
Fault offset: 0x000063c3
Faulting process id: 0x3738
Faulting application start time: 0xSpotifyWebHelper.exe0
Faulting application path: SpotifyWebHelper.exe1
Faulting module path: SpotifyWebHelper.exe2
Report Id: SpotifyWebHelper.exe3
Faulting package full name: SpotifyWebHelper.exe4
Faulting package-relative application ID: SpotifyWebHelper.exe5

Error: (01/05/2015 04:51:05 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/04/2015 08:37:24 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/03/2015 07:50:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ManyCam.exe, version: 4.0.110.10, time stamp: 0x543282c3
Faulting module name: ManyCam.exe, version: 4.0.110.10, time stamp: 0x543282c3
Exception code: 0xc0000005
Fault offset: 0x00166ff2
Faulting process id: 0x11320
Faulting application start time: 0xManyCam.exe0
Faulting application path: ManyCam.exe1
Faulting module path: ManyCam.exe2
Report Id: ManyCam.exe3
Faulting package full name: ManyCam.exe4
Faulting package-relative application ID: ManyCam.exe5

Error: (01/03/2015 03:13:56 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/02/2015 08:37:25 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/02/2015 02:06:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program JetShell.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4618

Start Time: 01d02661a7eb5931

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\JetAudio\JetShell.exe

Report Id: 4bd248e0-9256-11e4-bf10-d43d7edc1b53

Faulting package full name:

Faulting package-relative application ID:

Error: (01/01/2015 10:14:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: GAMINGDT)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1316. The specified account already exists.

Error: (01/01/2015 10:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.9600.16384, time stamp: 0x52158c02
Faulting module name: MSVCR110.dll, version: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting process id: 0x1e50
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3
Faulting package full name: MsiExec.exe4
Faulting package-relative application ID: MsiExec.exe5


System errors:
=============
Error: (01/06/2015 00:22:51 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The WRSVC service hung on starting.

Error: (01/06/2015 00:20:58 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (01/06/2015 00:22:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:06:58 AM on ‎1/‎6/‎2015 was unexpected.

Error: (01/03/2015 08:33:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The WRSVC service hung on starting.

Error: (01/01/2015 11:59:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The WRSVC service hung on starting.

Error: (01/01/2015 10:28:58 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error:
%%3758213661

Error: (01/01/2015 10:28:57 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error:
%%3758213661

Error: (01/01/2015 10:28:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error:
%%3758213661

Error: (01/01/2015 10:28:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error:
%%3758213661

Error: (01/01/2015 10:28:54 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error:
%%3758213661


Microsoft Office Sessions:
=========================
Error: (01/06/2015 08:37:23 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/06/2015 03:48:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpotifyWebHelper.exe0.9.15.2754803b75SpotifyWebHelper.exe0.9.15.2754803b75c0000005000063c3373801d0298b57ec8282C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe27f38b8e-9589-11e4-bf14-d43d7edc1b53

Error: (01/05/2015 04:51:05 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/04/2015 08:37:24 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/03/2015 07:50:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ManyCam.exe4.0.110.10543282c3ManyCam.exe4.0.110.10543282c3c000000500166ff21132001d02798e7c487c2C:\Program Files (x86)\ManyCam\ManyCam.exeC:\Program Files (x86)\ManyCam\ManyCam.exe112d5e43-93b4-11e4-bf10-d43d7edc1b53

Error: (01/03/2015 03:13:56 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/02/2015 08:37:25 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/02/2015 02:06:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: JetShell.exe0.0.0.0461801d02661a7eb59314294967295C:\Program Files (x86)\JetAudio\JetShell.exe4bd248e0-9256-11e4-bf10-d43d7edc1b53

Error: (01/01/2015 10:14:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: GAMINGDT)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/01/2015 10:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsiExec.exe5.0.9600.1638452158c02MSVCR110.dll11.0.51106.15098858ec0000409000a326c1e5001d0263f8011832fC:\Windows\syswow64\MsiExec.exeC:\Windows\SYSTEM32\MSVCR110.dll188fed8a-9235-11e4-bf0f-d43d7edc1b53


CodeIntegrity Errors:
===================================
Date: 2014-11-06 17:51:16.089
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:15.996
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:15.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:11.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:11.624
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:11.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:11.429
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:11.317
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:11.223
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-06 17:51:10.673
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 28%
Total physical RAM: 8120.09 MB
Available physical RAM: 5820.68 MB
Total Pagefile: 9400.09 MB
Available Pagefile: 5990.78 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:620.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1771CDD6)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Ready for assistance, thanks.

OCD
2015-01-08, 04:40
Hi ShadyMike,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check

Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) aswMBR

Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) and save it to your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When asked if you want to download Avast's virus definitions please select Yes.
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

=========================

In your next post please provide the following:

checkup.txt
aswMBR.txt
What symptoms are you experiencing?
Please do not place your reply within a quote box.

OCD
2015-01-11, 05:51
Hi ShadyMike,

Just checking in to see if you still need help?

OCD
2015-01-12, 08:48
This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.

If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.