Channel: Tech Support Guy - Virus & Other Malware Removal

Help with a Windows 7 PC which is being slow and unresponsive

Hi, my PC is progressively getting worse performance-wise. I have done a defragmentation and removed files but still to no avail.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 4007 Mb
Graphics Card: Intel(R) HD Graphics Family, 1811 Mb
Hard Drives: C: Total - 463737 MB, Free - 364158 MB; Q: Total - 11999 MB, Free - 2492 MB;
Motherboard: LENOVO, 11433KG
Antivirus: Microsoft Security Essentials, Updated and Enabled

Advertisements everywhere

Good day everyone,

It's really been years since I posted in here, and I remember attempting to be a trainee years back. A lot has changed here, but it seems the heart here at TechGuy still remains to assist others with computer problems. Years ago it was mostly HJT and some other spyware removers that were the easiest ways to get rid of malware/etc but my old ways cease to exist.

Anyways, here's technical info:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz, Intel64 Family 6 Model 37 Stepping 2
Processor Count: 4
RAM: 8119 Mb
Graphics Card: NVIDIA GeForce GT 320, 1024 Mb
Hard Drives: C: Total - 935334 MB, Free - 545954 MB;
Motherboard: Acer, H57M01
Antivirus: Ad-Aware Antivirus, Updated and Enabled

And here are the problems:
I lent my desktop to the person who birthed me for almost 3 years, and she was a Facebook fiend who clicked on everything flashy, so no matter what website I visit I get on-page advertisements assisted by many popups. I have run Ad-Aware and Spybot S&D in safe mode many times without these programs finding anything.

I need help!

Msconfig and Regedit close immediately after opening

Please run the following diagnostic scans so I can ascertain the state of your computer.

STEP 1

Farbar Recovery Scan Tool (FRST) Scan
  • Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

STEP 2

aswMBR
  • Please download aswMBR and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click aswMBR.exe and select Run as administrator to run the programme.
  • Click Yes when prompted to download avast! virus definitions. Wait until AVAST engine defs: ### appears.
  • If you are prompted to enable the use of "Virtualization Technology", click Yes.
  • Click the AV Scan: drop down box and click C:\.
  • Click Scan.
  • Upon completion, you will see Scan finished successfully. Click Save log. Save the log to your Desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
Note: Do NOT click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your Desktop. Do NOT click or delete it.

======================================================

STEP 3

Logs
In your next reply please include the following logs.
  • FRST.txt
  • Addition.txt
  • aswMBR log

JW Player and other issues

Been trying to get rid of JW player and gamesdestop 025, but whenever I go to uninstall, the thing simply installs a bunch of junk on my comp. JW player doesn't seem to want to go away and I have used several malware programs to try and get rid of these including Malwarebytes, Awshredder, Spybot S&D.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz, Intel64 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 8125 Mb
Graphics Card: NVIDIA GeForce GTS 450, 1024 Mb
Hard Drives: C: Total - 953866 MB, Free - 855539 MB; D: Total - 476733 MB, Free - 334031 MB;
Motherboard: Intel Corporation, DP965LT
Antivirus: None

Slow system

Hi Ladyheath,

Welcome to Tech Support Guy. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
  • All of the assistants and staff at Tech Support Guy are here on a volunteer basis; please respect our time given to the cause of helping others. If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date.
  • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
  • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed. All of the tools I will have you use are safe to use (as instructed) and malware free.
  • While we strive to disrupt your system as little as possible, things happen. If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
  • Please do not run any other tools or scanners than what I ask you to. Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.

    - Save ALL Tools to your Desktop-
    All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

    Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
    Google Chrome - Click the "Customize and control Google Chrome" button in the upper right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
    Mozilla Firefox - Click the "Open Menu" button in the upper right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
    Internet Explorer - Click the Tools menu in the upper right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
    NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Let's get started....

Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • If an update is available, the program will inform you and download the update. Allow it to do this, please.
  • Once the tool shows "The tool is ready to use." message, please press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Chrome crashes frequently

Chrome browser often gets stuck and even crashes since I installed a free browser add-on named AdSupply. I searched a lot on Google and there are many claims like this one that the add-on I installed is malware. So how can I get rid of this malware? Can the TSG Sysinfo utility solve this problem? The system I run is Windows 7. :confused:

Wants to know secured website for xbox download!

I'm an Xbox lover & gamer. I want to know whether game downloads from this website "http://downloadgamestorrents.com/category/xbox-360" are safe & secure. Does anyone have an idea about this?

Setup_patch.packed.7z

Hi

Read some previous posts in this regard. Please assist. I did the OTS and attached file.

Thanks

Attached Files
File Type: txt OTS.Txt (221.9 KB)

Computer automatically installs unwanted software (Moved from Windows 7 forum)

Hi Stephq,
-------------------------------------------------------------
Run Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
  • Shut down/disable your antivirus now to avoid potential conflicts. Usually you can do this by right clicking the Antivirus icon in the System Tray (lower right corner of screen).
  • Run the tool by double-clicking it. If you are using Vista, Win7, or Win8, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient, as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply.
-----------------------------------------------------------
Download and Run the Farbar Scan Tool
  • Download FRST64 and save to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST64 will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

Let me know how it goes.
We are beginning to experience bad weather here, so I may not be able to answer for a while.
askey127

Client.exe

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i3-4130T CPU @ 2.90GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 4
RAM: 6044 Mb
Graphics Card: Intel(R) HD Graphics 4400, -1984 Mb
Hard Drives: C: Total - 926979 MB, Free - 833419 MB;
Motherboard: LENOVO, INVALID
Antivirus: Bitdefender Antivirus, Updated: Yes, On-Demand Scanner: Enabled

When I switch on my computer I get a black window 'C:,windows\system32\cmd.exe' opening, followed by another window saying 'windows can't find program files (x86)\searchextensions\client.exe make sure you typed name correctly'.

How can I stop this please?

Artemis Trojan Help

I have the Artemis trojan on my computer. McAfee detected this multiple times and quarantined and removed it but it keeps coming back. The trojan has disabled my Windows Defender and I cannot turn it back on. I have uninstalled the adware that it had put on my computer but the ads keep coming back.

Here is my computer information:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8061 Mb
Graphics Card: Intel(R) HD Graphics 4000, -1984 Mb
Hard Drives: C: Total - 940260 MB, Free - 837755 MB;
Motherboard: Dell Inc., 0YMFG1
Antivirus: Windows Defender, Disabled

tjean

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3935 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1839 Mb
Hard Drives: C: Total - 297340 MB, Free - 168620 MB;
Motherboard: Sony Corporation, VAIO
Antivirus: Microsoft Security Essentials, Updated and Enabled

Popups (adchoice, etc.), can't access email account, it is as if something has taken over my computer

Blue screen - can't move mouse

I accidentally installed something that must've had a virus on it, because when I start my computer up, it shows the blue screen. The mouse pointer freezes in the top right corner, and I can't move it at all. I've backed up all my files, so they'll be fine, but how do I fix this? I'm not very tech savvy, so if you could explain everything in a simple way, I would appreciate it. I have Windows 8.

Trojan.Vawtrak.ED Detected by MBAM

Pop Up ads

Step 1
Click on this link to download: ADWCleaner. Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop. Do not click on any links in the top advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run; it may take several minutes to complete. When it is done, you will get a message saying "PENDING". Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report. Copy & paste it into your next post.
Please note: the newer versions of AdwCleaner have a pretty colour display on some versions of Windows and slightly different icons. The screenshots are from the older version but are basically the same.


Trojan.Vawtrak.ED

Thanks guys, Malwarebytes patched it :D

Malwarebytes not fixing all problems?

Thank you for the logs. Please run the scan below and post the results. You can copy and paste the logs into a post directly (don't use Code or Quote boxes). Thank you.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++
Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • If an update is available, the program will inform you and download the update. Allow it to do this, please.
  • Once the tool shows "The tool is ready to use." message, please press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Malwarebytes Anti-Malware detecting Trojan

Hi everyone, last night Malwarebytes Anti-Malware was detecting a Trojan; here is a photo: http://imgur.com/6wyageu
I was searching online how to remove it, and I found this: http://forums.techguy.org/virus-othe...n-vawtrak.html

I downloaded the Microsoft Security Essentials installer and I ran it.
And I also downloaded the Farbar Scan Tool and I ran it too.

Here are my results:
FRST64:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by User (administrator) on USER-PC on 24-06-2015 08:36:27
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(The OpenVPN Project) C:\Program Files\AVAST Software\Avast\OpenVPN\openvpn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-16] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-05-26] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-02] (Electronic Arts)
HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\MountPoints2: {880d7dfd-b0d7-11e4-9e78-c0fa4a5d693e} - F:\Bin\ASSETUP.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-16] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-16] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-16] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 217.23.207.3 217.23.192.14

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\jmp75und.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-23] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-23] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-09]

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-09]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-09]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-09]
CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-05-16]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-16]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-09]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-09]
CHR HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-16] (Avast Software s.r.o.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-01-13] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-28] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-16] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-16] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-16] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-16] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-16] (Avast Software s.r.o.)
R3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-02-09] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-16] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-01-10] (Synaptics Incorporated)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-24 08:36 - 2015-06-24 08:36 - 00017282 _____ C:\Users\User\Desktop\FRST.txt
2015-06-24 08:36 - 2015-06-24 08:36 - 00000000 ____D C:\FRST
2015-06-24 08:35 - 2015-06-24 08:35 - 02109952 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-06-23 21:37 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-23 21:37 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-23 21:37 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-23 21:37 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-23 21:36 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-23 21:36 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-23 21:36 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-23 21:36 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-23 21:36 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-23 21:36 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-23 21:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-23 21:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-23 21:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-23 21:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-23 21:33 - 2015-06-23 21:33 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-06-23 21:25 - 2015-06-23 21:25 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-23 21:25 - 2015-06-23 21:25 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-23 21:25 - 2015-06-23 21:25 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-23 21:25 - 2015-06-23 21:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-23 21:23 - 2015-06-23 21:23 - 14243008 _____ (Microsoft Corporation) C:\Users\User\Desktop\mseinstall.exe
2015-06-23 20:50 - 2015-06-23 20:50 - 00000000 _____ C:\autoexec.bat
2015-06-23 20:42 - 2015-06-24 08:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-23 20:42 - 2015-06-23 20:42 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-23 20:42 - 2015-06-23 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-23 20:42 - 2015-06-23 20:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-23 20:42 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-23 20:42 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-23 20:42 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-23 16:31 - 2015-06-23 16:31 - 12084408 _____ C:\Users\User\Downloads\Loving Gamer.zip
2015-06-20 22:29 - 2015-06-20 22:29 - 00000000 ____D C:\Users\User\Tracing
2015-06-20 17:42 - 2015-06-20 17:42 - 00000000 ____D C:\ProgramData\ATI
2015-06-20 17:41 - 2015-06-20 17:41 - 00053564 _____ C:\Windows\SysWOW64\CCCInstall_201506201741003645.log
2015-06-20 17:41 - 2015-06-20 17:41 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-06-20 17:40 - 2015-06-20 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-06-20 17:40 - 2015-06-20 17:40 - 00000000 ____D C:\Program Files (x86)\AMD
2015-06-20 17:12 - 2015-06-20 17:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software
2015-06-20 17:12 - 2015-06-20 17:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software
2015-06-20 17:02 - 2015-06-20 17:02 - 00053564 _____ C:\Windows\SysWOW64\CCCInstall_201506201702288387.log
2015-06-20 17:00 - 2015-06-20 17:37 - 00000000 ____D C:\Program Files\AMD
2015-06-20 16:55 - 2015-06-20 16:55 - 00052689 _____ C:\Windows\SysWOW64\CCCInstall_201506201655498808.log
2015-06-20 16:08 - 2015-06-20 16:08 - 00053564 _____ C:\Windows\SysWOW64\CCCInstall_201506201608255475.log
2015-06-19 14:35 - 2015-06-23 17:29 - 00000080 _____ C:\Users\User\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-19 14:35 - 2015-06-19 14:37 - 00000000 ____D C:\Users\User\Documents\Rockstar Games
2015-06-19 14:35 - 2015-06-19 14:35 - 00000000 ____D C:\Users\User\AppData\Local\Rockstar Games
2015-06-19 14:34 - 2015-06-19 14:37 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-19 14:34 - 2015-06-19 14:36 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-19 14:33 - 2015-06-20 14:33 - 00000684 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2015-06-19 14:33 - 2015-06-19 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-06-18 19:37 - 2015-06-18 19:37 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-06-16 14:45 - 2015-06-16 14:45 - 00000000 ____D C:\Users\User\AppData\Local\ESN
2015-06-16 11:43 - 2015-06-16 11:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-06-14 18:19 - 2015-06-14 18:21 - 00000000 ____D C:\Users\User\AppData\Local\Zombie Army Trilogy
2015-06-14 15:55 - 2015-06-14 15:55 - 00001135 _____ C:\Users\Public\Desktop\Movavi Video Converter 15.lnk
2015-06-14 15:55 - 2015-06-14 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 15
2015-06-14 15:55 - 2015-06-14 15:55 - 00000000 ____D C:\Program Files (x86)\Movavi Video Converter 15
2015-06-14 11:44 - 2015-06-14 15:14 - 00000000 ____D C:\Users\User\AppData\Local\Movavi
2015-06-14 11:43 - 2015-06-14 11:43 - 00000000 ____D C:\ProgramData\Movavi Video Converter 15
2015-06-14 11:43 - 2015-06-14 11:43 - 00000000 ____D C:\ProgramData\Movavi
2015-06-13 23:07 - 2015-06-13 23:07 - 00000000 ____D C:\Users\User\AppData\Roaming\AVS4YOU
2015-06-13 23:06 - 2015-06-14 11:17 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2015-06-13 23:06 - 2015-06-13 23:07 - 00000000 ____D C:\ProgramData\AVS4YOU
2015-06-13 23:06 - 2010-05-11 13:17 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-06-13 23:06 - 2010-05-11 13:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2015-06-13 22:31 - 2015-06-13 22:40 - 00000000 ____D C:\Users\User\AppData\Roaming\GHISLER
2015-06-13 19:32 - 2015-06-13 19:32 - 00000000 ____D C:\Users\User\AppData\Roaming\Publish Providers
2015-06-13 19:25 - 2015-06-13 19:28 - 00000000 ____D C:\Users\User\AppData\Local\Sony
2015-06-13 19:25 - 2015-06-13 19:25 - 00001038 _____ C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk
2015-06-13 19:25 - 2015-06-13 19:25 - 00000000 ____D C:\ProgramData\Sony
2015-06-13 19:25 - 2015-06-13 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-06-13 19:25 - 2015-06-13 19:25 - 00000000 ____D C:\Program Files\Sony
2015-06-13 19:25 - 2015-06-13 19:25 - 00000000 ____D C:\Program Files (x86)\Sony
2015-06-13 19:24 - 2015-06-13 19:32 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2015-06-12 09:47 - 2015-06-12 09:47 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia
2015-06-12 09:45 - 2015-06-12 09:45 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-12 09:45 - 2015-06-12 09:45 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2015-06-12 09:45 - 2015-06-12 09:45 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2015-06-12 09:45 - 2015-06-12 09:45 - 00000000 ____D C:\ProgramData\Mozilla
2015-06-12 09:45 - 2015-06-12 09:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-11 15:56 - 2015-06-11 15:56 - 00000000 ____D C:\Program Files\Speccy
2015-06-07 09:29 - 2015-06-07 09:29 - 00003484 _____ C:\Windows\System32\Tasks\HP Deskjet 1050 J410 series.exe_{0D3A7075-3BF5-42B0-81C4-225AACD9535F}
2015-06-07 09:24 - 2015-06-15 11:48 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2015-06-07 09:24 - 2015-06-07 09:24 - 00000057 _____ C:\ProgramData\Ament.ini
2015-06-07 09:24 - 2015-06-07 09:24 - 00000000 ____D C:\ProgramData\Visan
2015-06-07 09:24 - 2015-06-07 09:24 - 00000000 ____D C:\ProgramData\HP
2015-06-07 09:23 - 2015-06-07 09:25 - 00000000 ____D C:\Users\User\AppData\Local\HP
2015-06-07 09:17 - 2015-06-15 11:54 - 00000000 ____D C:\Program Files (x86)\Hp
2015-06-06 14:42 - 2015-06-06 14:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-06-06 14:42 - 2015-06-06 14:42 - 00000000 ____D C:\Users\User\AppData\Local\FluxSoftware
2015-06-04 22:27 - 2015-06-14 19:20 - 00000000 ___RD C:\Users\User\Desktop\Games
2015-06-03 19:15 - 2015-06-03 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The Old Blood
2015-05-29 15:46 - 2015-05-29 15:46 - 00000000 ____D C:\Windows\system32\appmgmt
2015-05-29 14:36 - 2015-05-29 14:42 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-05-29 14:33 - 2015-05-29 14:33 - 00000000 ____D C:\Users\User\AppData\Local\Futuremark
2015-05-28 19:18 - 2015-05-28 19:18 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-05-28 19:05 - 2015-06-15 18:33 - 00000000 ____D C:\Users\User\Documents\Battlefield 4
2015-05-28 16:25 - 2015-05-28 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2015-05-27 20:23 - 2015-05-27 20:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Steam
2015-05-27 00:41 - 2015-05-27 00:41 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00102128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00096448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-05-27 00:41 - 2015-05-27 00:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-05-27 00:40 - 2015-05-27 00:40 - 09411256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-05-27 00:38 - 2015-05-27 00:38 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-05-27 00:35 - 2015-05-27 00:35 - 19339264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-05-27 00:28 - 2015-05-27 00:28 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-05-27 00:28 - 2015-05-27 00:28 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-05-27 00:28 - 2015-05-27 00:28 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-05-27 00:28 - 2015-05-27 00:28 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-05-27 00:28 - 2015-05-27 00:28 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-05-27 00:28 - 2015-05-27 00:28 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-05-27 00:27 - 2015-05-27 00:27 - 40989696 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-05-27 00:26 - 2015-05-27 00:26 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-27 00:26 - 2015-05-27 00:26 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-27 00:20 - 2015-05-27 00:20 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-05-27 00:15 - 2015-05-27 00:15 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-05-27 00:14 - 2015-05-27 00:14 - 05837824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-05-27 00:14 - 2015-05-27 00:14 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-05-27 00:14 - 2015-05-27 00:14 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-05-27 00:14 - 2015-05-27 00:14 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-05-27 00:14 - 2015-05-27 00:14 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-05-27 00:12 - 2015-05-27 00:12 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-05-27 00:12 - 2015-05-27 00:12 - 00641088 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-05-27 00:12 - 2015-05-27 00:12 - 00641088 _____ C:\Windows\system32\atiapfxx.blb
2015-05-27 00:12 - 2015-05-27 00:12 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-05-27 00:12 - 2015-05-27 00:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-05-27 00:12 - 2015-05-27 00:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-05-27 00:12 - 2015-05-27 00:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-05-27 00:12 - 2015-05-27 00:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-05-27 00:11 - 2015-05-27 00:11 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-05-27 00:11 - 2015-05-27 00:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-05-27 00:11 - 2015-05-27 00:11 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-05-27 00:09 - 2015-05-27 00:09 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-05-27 00:09 - 2015-05-27 00:09 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-05-27 00:08 - 2015-05-27 00:08 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-05-27 00:07 - 2015-05-27 00:07 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-05-27 00:07 - 2015-05-27 00:07 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-05-27 00:07 - 2015-05-27 00:07 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-05-27 00:07 - 2015-05-27 00:07 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-05-27 00:04 - 2015-05-27 00:04 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-05-27 00:04 - 2015-05-27 00:04 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-05-27 00:04 - 2015-05-27 00:04 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-05-27 00:04 - 2015-05-27 00:04 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-05-27 00:04 - 2015-05-27 00:04 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-05-27 00:04 - 2015-05-27 00:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-05-27 00:04 - 2015-05-27 00:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-05-27 00:03 - 2015-05-27 00:03 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-05-27 00:03 - 2015-05-27 00:03 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-05-27 00:03 - 2015-05-27 00:03 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-05-26 21:13 - 2015-05-26 21:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2015-05-26 18:32 - 2015-05-26 18:32 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2015-05-26 18:30 - 2015-05-26 18:30 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-24 08:33 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-24 08:33 - 2009-07-14 06:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-24 08:28 - 2015-02-09 20:52 - 01525574 _____ C:\Windows\WindowsUpdate.log
2015-06-24 08:28 - 2015-02-09 14:16 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-24 08:28 - 2015-02-09 14:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-06-24 08:27 - 2015-05-16 20:40 - 00000000 ____D C:\ProgramData\Origin
2015-06-24 08:25 - 2015-05-16 20:39 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-24 08:25 - 2015-02-09 14:16 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-24 08:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-24 08:24 - 2009-07-14 06:51 - 00042918 _____ C:\Windows\setupact.log
2015-06-23 23:30 - 2015-02-09 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2015-06-23 23:30 - 2015-02-09 20:55 - 00000000 ____D C:\Program Files\KMSpico
2015-06-23 23:23 - 2015-02-09 20:53 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-23 22:56 - 2015-05-16 20:51 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-23 21:34 - 2015-02-09 14:17 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-23 21:12 - 2010-11-21 05:47 - 00020842 _____ C:\Windows\PFRO.log
2015-06-20 17:41 - 2015-05-16 19:17 - 00000000 ____D C:\ProgramData\AMD
2015-06-20 17:35 - 2015-05-16 19:12 - 00000000 ____D C:\AMD
2015-06-20 16:05 - 2015-05-16 19:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-19 20:48 - 2015-05-16 20:07 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-19 16:37 - 2015-05-16 20:07 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-06-19 14:34 - 2015-02-09 14:12 - 00102146 _____ C:\Windows\DirectX.log
2015-06-19 14:33 - 2015-02-09 14:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-19 14:25 - 2015-05-18 09:42 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2015-06-18 19:57 - 2015-02-09 20:54 - 00000000 ____D C:\ProgramData\Adobe
2015-06-18 19:57 - 2015-02-09 20:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-18 19:48 - 2015-02-09 14:15 - 00112648 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-18 19:47 - 2009-07-14 06:45 - 05064272 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-18 19:44 - 2015-02-09 14:19 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-06-18 19:36 - 2015-02-09 20:56 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2015-06-17 22:13 - 2015-05-16 20:15 - 00348672 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-06-17 17:43 - 2015-05-16 20:50 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-17 09:59 - 2015-05-16 20:13 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-06-13 23:10 - 2015-05-16 19:24 - 00000000 ____D C:\Users\User\Heaven
2015-06-12 14:56 - 2015-05-16 21:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-12 11:34 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-12 09:45 - 2015-02-09 20:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-09 17:35 - 2015-05-16 20:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin
2015-06-09 09:25 - 2009-07-14 07:13 - 00785302 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-08 21:34 - 2015-02-09 14:13 - 00000000 ____D C:\ProgramData\Skype
2015-06-02 08:29 - 2015-05-16 20:40 - 00000000 ____D C:\Program Files (x86)\Origin
2015-05-30 23:04 - 2015-05-16 20:51 - 00001090 _____ C:\Users\User\Desktop\MSI Afterburner.lnk
2015-05-30 15:30 - 2015-05-16 19:24 - 02128896 _____ C:\Users\User\AppData\Local\file__0.localstorage
2015-05-30 14:02 - 2015-05-21 22:28 - 00000000 ____D C:\Users\User\AppData\Local\Ubisoft Game Launcher
2015-05-28 19:08 - 2015-05-16 20:15 - 00000000 ____D C:\Users\User\AppData\Local\PunkBuster
2015-05-28 16:25 - 2015-05-16 20:07 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-27 00:41 - 2014-11-21 04:44 - 01359752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-05-27 00:41 - 2014-11-21 04:44 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-05-27 00:41 - 2014-11-21 04:44 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-05-27 00:41 - 2014-11-21 04:44 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-05-27 00:40 - 2014-11-21 04:44 - 11089120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-05-27 00:40 - 2014-11-21 04:44 - 01136736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-05-27 00:40 - 2014-11-21 04:43 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-05-27 00:40 - 2014-11-21 04:43 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-05-27 00:40 - 2014-11-21 04:43 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-05-27 00:40 - 2014-11-21 04:43 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-05-27 00:07 - 2014-11-21 04:12 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-05-27 00:05 - 2014-11-21 04:10 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-05-27 00:04 - 2014-11-21 04:09 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll

==================== Files in the root of some directories =======

2015-05-16 19:24 - 2015-05-30 15:30 - 2128896 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2015-06-07 09:24 - 2015-06-07 09:24 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\User\AppData\Local\Temp\ExPromo.exe
C:\Users\User\AppData\Local\Temp\iv_uninstall.exe
C:\Users\User\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\User\AppData\Local\Temp\raptrpatch.exe
C:\Users\User\AppData\Local\Temp\raptr_stub.exe
C:\Users\User\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-23 23:26

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by User at 2015-06-24 08:36:59
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2819173519-3316955608-1711254667-500 - Administrator - Disabled)
Guest (S-1-5-21-2819173519-3316955608-1711254667-501 - Limited - Disabled)
User (S-1-5-21-2819173519-3316955608-1711254667-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{637D7E6D-2798-E0D0-D257-1796F13B951F}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.)
f.lux (HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\...\Flux) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4080 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movavi Video Converter 15 (HKLM-x32\...\Movavi Video Converter 15) (Version: 15.2.3 - Movavi)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OpenEncodeVFW codec (Remove Only) (HKLM\...\OpenEncode) (Version: - )
OpenEncodeVFW codec (Remove Only) (HKLM-x32\...\OpenEncode) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Winrar Activator version 1.2 (HKLM-x32\...\{AE0B3F2A-EB65-4D01-A3E1-6D879C6AAF2A}_is1) (Version: 1.2 - Rarlab)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2819173519-3316955608-1711254667-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

18-06-2015 20:32:28 Device Driver Package Install: TAP-Windows Provider V9 Network adapters
19-06-2015 14:33:06 Installed Grand Theft Auto V
20-06-2015 16:04:42 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
20-06-2015 16:05:07 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
20-06-2015 16:32:43 Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters
20-06-2015 17:38:32 Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters
23-06-2015 21:28:44 Windows Update
23-06-2015 21:36:30 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B52CCE-22F7-43D8-8062-DFF2FC737452} - System32\Tasks\HP Deskjet 1050 J410 series.exe_{0D3A7075-3BF5-42B0-81C4-225AACD9535F} => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe
Task: {041A237F-8485-41EF-93CC-7B79ECC1718B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-23] (Adobe Systems Incorporated)
Task: {177557F9-BC7F-475E-AE09-C38343734828} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {381A8346-488D-4C43-B71A-E532DDE07525} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5555D503-ECF9-438B-89E0-3BC48E16D491} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5B87A1CB-FBF0-4CB3-93BA-4D713B93A773} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
Task: {656C8286-7074-4CBC-A7B7-55BCA9338925} - \AutoPico Daily Restart No Task File <==== ATTENTION
Task: {6AD7F487-FF4A-45E8-846B-5D7AD2729863} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
Task: {A2C8B2BB-4569-412F-A27D-2299268A30F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-02-09 20:58 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-05-28 19:18 - 2015-05-28 19:18 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-10-01 21:36 - 2012-10-01 21:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-05-16 20:35 - 2015-05-16 20:35 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-16 20:35 - 2015-05-16 20:35 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-23 17:02 - 2015-06-23 17:02 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062303\algo.dll
2015-06-24 08:28 - 2015-06-24 08:28 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062307\algo.dll
2015-02-09 20:58 - 2015-06-24 08:24 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-02-09 20:58 - 2014-01-28 05:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2012-10-01 21:37 - 2012-10-01 21:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-05-16 20:42 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-16 20:42 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-16 20:42 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-16 20:42 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-16 20:42 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-16 20:42 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-16 20:42 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-16 20:42 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-16 20:42 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-16 20:42 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-16 20:42 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-16 20:48 - 2015-06-02 08:28 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-05-16 20:48 - 2015-06-02 08:28 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-05-16 20:35 - 2015-05-16 20:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-16 20:42 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-09 14:16 - 2015-02-09 14:16 - 00083968 _____ () C:\Program Files\AVAST Software\Avast\OpenVpn\lzo2.dll
2015-02-09 14:16 - 2015-02-09 14:16 - 00065024 _____ () C:\Program Files\AVAST Software\Avast\OpenVpn\libpkcs11-helper-1.dll
2015-02-09 14:26 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-23 09:32 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 09:32 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-23 09:32 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2819173519-3316955608-1711254667-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 77.234.40.79 - 217.23.207.3

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0FC97BC0-4DF9-41FF-BD34-937774682B1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C8EAA7A0-DC03-4369-ABC8-8F4FE31AC8B0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A3AB66F5-9FD3-41C2-9687-A61FB8860187}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7E449C6A-E498-4FA1-87BB-F9D7C23A0F1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1E67604A-DAB1-4E3E-B544-7CCC005FE80F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4FC20DDA-54A2-45FD-A64D-2B2C9D5911E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9AA8568C-8FF3-47F7-9CA5-45A5D054BD02}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0ABA05BB-2517-4844-B915-5ED3D3F19F83}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2FA951E9-AF8A-43FB-85D7-2E238C278E84}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7A373CBE-90A2-48C3-A25F-676BE616C8E1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{956EAFF5-0AA3-4B6E-AA37-AC3A83D3348A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{1094CACC-D3F7-4D62-92CA-4969C0E86DE0}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4B218BA7-4A12-4AC0-AE85-A0509C2402C9}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{CF9A6E20-AD65-4FE5-8172-476A6CB36752}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7AFD668A-F976-45D3-9250-AC2E6DDEE748}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{57A4CBC3-A9F2-443C-BC33-E9E2CF2E47D1}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7D8964D4-8E87-447A-A04B-DE989F296833}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6F2575F2-274F-4DCE-8504-4F407DC1C018}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E6F9F248-D12C-41D7-BC41-539217194851}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C1DB33A-A2A6-4488-ABCE-244033811280}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B65A2582-66CC-473E-AACA-EFED8ABF59D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F7617AF9-16E3-402F-B891-CACD154ABB6B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{519537B4-01E7-4679-AD1E-C634DDD71A52}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{27B4C8F4-D447-4677-9B1E-6AFA76073B6B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{41F1026B-5614-46CE-B9F8-65FF326C4C19}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CBBDB237-885B-432D-A02E-A44597F1D820}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{BC6DE208-BDFC-4F32-849E-38F9A6308379}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{719DCFAC-F10F-4049-A00B-F9A8D920D5E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{29FFB91B-502F-44B6-B370-E408CEFD73DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{9E942288-451E-4CEF-9E4F-E42E69D013A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F6C03ECF-DFA5-41BA-B64F-317DDEF65EE9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{45FA9FE6-FC4C-4A55-9244-4F7D19C6F119}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{23393FB1-669E-436B-BABB-8875F1149178}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [TCP Query User{14E38EAB-DB69-41A8-B25C-68F586477035}D:\stefan\games\gta5.exe] => (Allow) D:\stefan\games\gta5.exe
FirewallRules: [UDP Query User{149AFC35-849F-4449-9E80-CD7A725DDA7D}D:\stefan\games\gta5.exe] => (Allow) D:\stefan\games\gta5.exe
FirewallRules: [{5E128F71-9B8D-40FD-B63F-B683C301D4EA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{532335B5-2E7F-441C-90DA-FCA69D7DB6A3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{FD99A7B8-804D-41D2-8864-B50797B2E753}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0DA41A55-6F96-4117-8A58-39F5D9B0CCE2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9AF4E398-DD7F-46FB-98B3-E6D49E9C556B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2015 08:26:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 09:33:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 09:13:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 08:32:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 08:57:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2015 05:43:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GTA5.exe version 1.0.372.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1554

Start Time: 01d0ad01c4891eff

Termination Time: 44

Application Path: D:\Stefan\Games\GTA5.exe

Report Id:

Error: (06/22/2015 05:06:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GTA5.exe version 1.0.372.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1978

Start Time: 01d0acf319adabc4

Termination Time: 180

Application Path: D:\Stefan\Games\GTA5.exe

Report Id:

Error: (06/22/2015 08:17:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2015 08:22:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GTA5.exe version 1.0.372.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 18c0

Start Time: 01d0ac3ef6e7dcc5

Termination Time: 190

Application Path: D:\Stefan\Games\GTA5.exe

Report Id:

Error: (06/21/2015 11:58:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3679CA35668772304D30A5FB873B0FA77BB70D54.crt> with error: The specified server cannot perform the requested operation.
.


System errors:
=============
Error: (06/23/2015 09:42:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (06/23/2015 09:34:28 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/23/2015 09:34:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (06/23/2015 09:34:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (06/23/2015 09:30:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (06/22/2015 08:20:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The cpuz138 service failed to start due to the following error:
%%3

Error: (06/20/2015 05:12:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/20/2015 04:49:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service.

Error: (06/20/2015 04:38:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The cpuz138 service failed to start due to the following error:
%%3

Error: (06/20/2015 04:35:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:33:59 PM on 6/20/2015 was unexpected.


Microsoft Office:
=========================
Error: (06/24/2015 08:26:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 09:33:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 09:13:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 08:32:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2015 08:57:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2015 05:43:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GTA5.exe1.0.372.2155401d0ad01c4891eff44D:\Stefan\Games\GTA5.exe

Error: (06/22/2015 05:06:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GTA5.exe1.0.372.2197801d0acf319adabc4180D:\Stefan\Games\GTA5.exe

Error: (06/22/2015 08:17:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2015 08:22:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GTA5.exe1.0.372.218c001d0ac3ef6e7dcc5190D:\Stefan\Games\GTA5.exe

Error: (06/21/2015 11:58:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://www.download.windowsupdate.co...BB70D54.crtThe specified server cannot perform the requested operation.


CodeIntegrity Errors:
===================================
Date: 2015-06-23 22:55:17.781
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 22:36:32.651
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 22:14:30.480
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 22:03:52.012
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 21:53:29.269
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 20:59:40.473
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 20:16:51.064
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\c7185174.inf_amd64_neutral_707af996d048313b\B185106\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 20:16:51.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\c7185174.inf_amd64_neutral_707af996d048313b\B185106\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 20:16:51.039
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\c7185174.inf_amd64_neutral_707af996d048313b\B185106\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-06-23 20:16:50.960
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\c7185174.inf_amd64_neutral_707af996d048313b\B185106\atikmdag.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4150 CPU @ 3.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8129.95 MB
Available physical RAM: 5033.99 MB
Total Pagefile: 16258.11 MB
Available Pagefile: 12399.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.78 GB) (Free:133.57 GB) NTFS
Drive d: () (Fixed) (Total:232.14 GB) (Free:165.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 97BE5B6A)
Partition 1: (Active) - (Size=868 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)

==================== End of log ============================


Am I safe??

Avast error 10050 and no connection

Hi, when I start my PC avast says "avast will not be able to protect mails and news (error 10050). Check the avast service isn't blocked by your personal firewall" (this is a translation from Italian, sorry for my English). I can't even connect to the internet.
Please help

variant of MSIL/Injector.yt trojan

Hello,

I have recently received this message from ESET -

variant of MSIL/Injector.yt trojan
Unable to clean

I've already reviewed the instructions on bleepingcomputer.com and it seems that most of the programs are unable to locate the virus.


Looking for help.


Thank you,

Robert


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8, 64 bit
Processor: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 3974 Mb
Graphics Card: LogMeIn Mirror Driver, 4 Mb
Hard Drives: C: Total - 932535 MB, Free - 656572 MB; D: Total - 19820 MB, Free - 2476 MB;
Motherboard: Foxconn, 2ADA
Antivirus: ESET Smart Security 6.0, Updated and Enabled