Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
GoSave and 1 other keep coming back
Message
<blockquote data-quote="jtutmark" data-source="post: 323809" data-attributes="member: 32526"><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014</p><p>Ran by Jeff (administrator) on JEFFSRIG on 29-12-2014 11:32:52</p><p>Running from C:\Users\Jeff\Downloads</p><p>Loaded Profile: Jeff (Available profiles: Jeff)</p><p>Platform: Windows 8.1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: Chrome)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe</p><p>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe</p><p>(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dasHost.exe</p><p>(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe</p><p>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe</p><p>() C:\Windows\System32\PnkBstrA.exe</p><p>() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe</p><p>(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe</p><p>(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe</p><p>() C:\Program Files\Plantronics\GameCom780\GameCom780.exe</p><p>(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe</p><p>(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe</p><p>(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe</p><p>(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe</p><p>() C:\Program Files (x86) (x86)\Dell Photo AIO Printer 966\memcard.exe</p><p>(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe</p><p>(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe</p><p>(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe</p><p>(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe</p><p>(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe</p><p>(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe</p><p>(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)</p><p>HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart</p><p>HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [776480 2013-05-09] ()</p><p>HKLM-x32\...\Run: [] => [X]</p><p>HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)</p><p>HKLM-x32\...\Run: [dlcqmon.exe] => C:\Program Files (x86) (x86)\Dell Photo AIO Printer 966\dlcqmon.exe [292080 2007-06-29] ()</p><p>HKLM-x32\...\Run: [MemoryCardManager] => C:\Program Files (x86) (x86)\Dell Photo AIO Printer 966\memcard.exe [304368 2007-06-29] ()</p><p>HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)</p><p>HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.)</p><p>HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)</p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-27] (Electronic Arts)</p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [GoogleChromeAutoLaunch_1D9E4397701B26121F48AD4BA9175EBF] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-21] (Google Inc.)</p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)</p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)</p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5105288 2014-10-15] (Plex, Inc.)</p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)</p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {269b2a65-6122-11e4-8271-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" </p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {d67c0475-bee6-11e3-825b-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" </p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {dc6c749e-f958-11e3-8264-001fbc087dcd} - "H:\VerizonSWUpgradeAssistantLauncher.exe" </p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {e09ab3a8-471a-11e4-826f-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" </p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {fd749ce4-11b8-11e4-8266-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" </p><p>CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKU\S-1-5-21-1516866678-2134814311-3096657-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = <a href="http://www.msn.com/?ocid=iehp" target="_blank">http://www.msn.com/?ocid=iehp</a></p><p>SearchScopes: HKLM-x32 -> DefaultScope value is missing.</p><p>SearchScopes: HKU\S-1-5-21-1516866678-2134814311-3096657-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = <a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a></p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.1</p><p></p><p>FireFox:</p><p>========</p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()</p><p>FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)</p><p>FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)</p><p>FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)</p><p>FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p></p><p>Chrome: </p><p>=======</p><p>CHR dev: Chrome dev build detected! <======= ATTENTION</p><p>CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jeff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-10]</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-08-16] () [File not signed]</p><p>R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)</p><p>R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed]</p><p>R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)</p><p>R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)</p><p>R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)</p><p>R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)</p><p>S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-27] (Electronic Arts)</p><p>R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-22] ()</p><p>R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-11] ()</p><p>R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()</p><p>R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)</p><p>R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2011-01-19] (Devguru Co., Ltd)</p><p>R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)</p><p>R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)</p><p>R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-29] (Malwarebytes Corporation)</p><p>R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)</p><p>R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)</p><p>R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)</p><p>R3 PlantronicsGC; C:\Windows\system32\drivers\PLTGC.sys [1327104 2013-04-12] (C-Media Electronics Inc)</p><p>R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-04] (Razer Inc)</p><p>R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)</p><p>R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)</p><p>R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)</p><p>R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell)</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-12-29 11:32 - 2014-12-29 11:32 - 00000000 ____D () C:\Users\Jeff\Downloads\FRST-OlderVersion</p><p>2014-12-29 10:28 - 2014-12-29 10:28 - 00007334 _____ () C:\Users\Jeff\Desktop\zoek-results.txt</p><p>2014-12-29 10:27 - 2014-12-29 10:08 - 00024064 _____ () C:\Windows\zoek-delete.exe</p><p>2014-12-29 10:09 - 2014-12-29 10:28 - 00007334 _____ () C:\zoek-results.log</p><p>2014-12-29 10:08 - 2014-12-29 10:25 - 00000000 ____D () C:\zoek_backup</p><p>2014-12-29 09:50 - 2014-12-29 11:32 - 00000000 ____D () C:\FRST</p><p>2014-12-28 10:36 - 2014-12-28 10:36 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help</p><p>2014-12-28 10:36 - 2014-12-28 10:36 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help</p><p>2014-12-28 09:45 - 2014-12-28 09:45 - 00000000 ____D () C:\Windows\PCHEALTH</p><p>2014-12-28 09:45 - 2014-12-28 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office</p><p>2014-12-28 09:45 - 2014-12-28 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services</p><p>2014-12-28 09:44 - 2014-12-28 09:44 - 00000000 __RHD () C:\MSOCache</p><p>2014-12-28 09:44 - 2014-12-28 09:44 - 00000000 ____D () C:\Program Files\Microsoft Office</p><p>2014-12-28 09:44 - 2014-12-28 09:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services</p><p>2014-12-28 05:55 - 2014-12-28 05:55 - 00000000 ____D () C:\Windows\Minidump</p><p>2014-12-28 05:54 - 2014-12-29 10:28 - 00001852 _____ () C:\Windows\PFRO.log</p><p>2014-12-27 18:26 - 2014-12-27 18:26 - 00002145 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk</p><p>2014-12-27 18:25 - 2014-12-12 16:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe</p><p>2014-12-27 18:24 - 2014-12-27 18:25 - 00000000 ____D () C:\Windows\LastGood.Tmp</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00834880 _____ () C:\Windows\system32\nvmcumd.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll</p><p>2014-12-27 18:24 - 2014-12-13 02:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll</p><p>2014-12-27 18:24 - 2014-10-09 09:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys</p><p>2014-12-27 18:24 - 2014-10-09 09:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll</p><p>2014-12-27 18:24 - 2014-10-08 23:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll</p><p>2014-12-25 12:38 - 2014-12-25 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppName</p><p>2014-12-25 12:37 - 2014-12-25 12:37 - 00000218 _____ () C:\Users\Jeff\AppData\Local\recently-used.xbel</p><p>2014-12-24 08:06 - 2014-12-24 08:06 - 00004312 _____ () C:\Windows\DPINST.LOG</p><p>2014-12-24 08:05 - 2014-12-27 18:25 - 00003936 _____ () C:\Windows\setupact.log</p><p>2014-12-24 08:05 - 2014-12-24 08:05 - 00000000 _____ () C:\Windows\setuperr.log</p><p>2014-12-20 20:58 - 2014-12-29 11:31 - 01783487 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-12-18 19:22 - 2014-12-18 19:22 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll</p><p>2014-12-17 11:24 - 2014-12-17 11:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET</p><p>2014-12-16 11:28 - 2014-11-22 02:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys</p><p>2014-12-16 11:28 - 2014-11-22 02:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll</p><p>2014-12-14 10:16 - 2014-12-14 10:16 - 00000000 ____D () C:\Users\Public\Documents\LeapFrog</p><p>2014-12-14 10:15 - 2014-12-14 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapFrog Connect</p><p>2014-12-14 10:15 - 2014-12-14 10:15 - 00000000 ____D () C:\ProgramData\Leapfrog</p><p>2014-12-14 10:15 - 2014-12-14 10:15 - 00000000 ____D () C:\Program Files (x86)\LeapFrog</p><p>2014-12-14 10:13 - 2014-10-30 14:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe</p><p>2014-12-14 10:13 - 2014-10-30 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe</p><p>2014-12-14 10:09 - 2014-12-14 10:09 - 00000000 ____D () C:\Windows\system32\appraiser</p><p>2014-12-09 22:41 - 2014-12-03 15:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll</p><p>2014-12-09 22:41 - 2014-12-03 15:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll</p><p>2014-12-09 22:41 - 2014-12-02 15:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll</p><p>2014-12-09 22:41 - 2014-12-02 15:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll</p><p>2014-12-09 22:41 - 2014-12-02 15:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll</p><p>2014-12-09 22:41 - 2014-12-02 15:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll</p><p>2014-12-09 22:41 - 2014-12-02 15:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll</p><p>2014-12-09 22:41 - 2014-11-09 18:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll</p><p>2014-12-09 22:41 - 2014-11-09 17:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll</p><p>2014-12-09 22:41 - 2014-11-06 20:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll</p><p>2014-12-09 22:41 - 2014-11-06 19:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll</p><p>2014-12-09 22:41 - 2014-10-31 15:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll</p><p>2014-12-09 22:41 - 2014-10-31 15:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll</p><p>2014-12-09 22:41 - 2014-10-12 18:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys</p><p>2014-12-09 22:41 - 2014-10-12 18:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys</p><p>2014-12-09 22:41 - 2014-10-12 18:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys</p><p>2014-12-09 22:41 - 2014-10-12 18:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys</p><p>2014-12-09 22:40 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec</p><p>2014-12-09 22:40 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec</p><p>2014-12-09 22:40 - 2014-11-21 18:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll</p><p>2014-12-09 22:40 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2014-12-09 22:40 - 2014-11-21 17:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2014-12-09 22:40 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2014-12-09 22:40 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll</p><p>2014-12-09 22:40 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2014-12-09 22:40 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2014-12-09 22:40 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll</p><p>2014-12-09 22:40 - 2014-10-30 15:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll</p><p>2014-12-09 22:40 - 2014-10-30 15:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll</p><p>2014-12-02 07:55 - 2014-12-02 07:55 - 00000000 ____D () C:\Users\Jeff\Documents\Rockstar Games</p><p>2014-12-02 07:46 - 2014-12-02 07:46 - 00000000 __SHD () C:\ProgramData\SecuROM</p><p>2014-12-02 07:46 - 2014-12-02 07:46 - 00000000 ____D () C:\Users\Jeff\Documents\Games for Windows - LIVE Demos</p><p>2014-12-02 07:45 - 2014-12-02 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace</p><p>2014-12-02 07:31 - 2014-12-02 07:47 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Rockstar Games</p><p>2014-12-02 07:31 - 2014-12-02 07:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE</p><p>2014-12-02 07:31 - 2014-12-02 07:31 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll</p><p>2014-12-02 07:31 - 2014-12-02 07:31 - 00000000 __RHD () C:\Users\Jeff\AppData\Roaming\SecuROM</p><p>2014-12-02 07:31 - 2014-12-02 07:31 - 00000000 ____D () C:\Windows\SysWOW64\xlive</p><p>2014-12-01 08:15 - 2014-12-29 11:32 - 00014897 _____ () C:\Users\Jeff\Downloads\FRST.txt</p><p>2014-12-01 08:15 - 2014-12-01 08:16 - 00029566 _____ () C:\Users\Jeff\Downloads\Addition.txt</p><p>2014-12-01 08:14 - 2014-12-29 11:32 - 02123264 _____ (Farbar) C:\Users\Jeff\Downloads\FRST64.exe</p><p>2014-12-01 08:14 - 2014-12-01 08:14 - 00000000 __SHD () C:\Users\Jeff\AppData\Local\EmieBrowserModeList</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2014-12-29 11:20 - 2014-04-21 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help</p><p>2014-12-29 11:11 - 2014-02-23 13:03 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1516866678-2134814311-3096657-1001</p><p>2014-12-29 11:08 - 2014-08-13 21:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job</p><p>2014-12-29 11:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru</p><p>2014-12-29 10:47 - 2014-03-13 12:20 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2014-12-29 10:33 - 2014-02-23 13:04 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI</p><p>2014-12-29 10:28 - 2014-11-18 11:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-12-29 10:28 - 2014-10-31 09:14 - 00000008 __RSH () C:\ProgramData\ntuser.pol</p><p>2014-12-29 10:28 - 2014-03-13 12:20 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2014-12-29 10:28 - 2014-02-23 13:08 - 00000000 ____D () C:\Program Files (x86)\Origin</p><p>2014-12-29 10:28 - 2014-02-23 13:05 - 00000000 ____D () C:\ProgramData\NVIDIA</p><p>2014-12-29 10:28 - 2014-02-23 12:59 - 00000000 ___DO () C:\Users\Jeff\SkyDrive</p><p>2014-12-29 10:28 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp</p><p>2014-12-29 10:28 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Comodo</p><p>2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google</p><p>2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo</p><p>2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google</p><p>2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo</p><p>2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google</p><p>2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo</p><p>2014-12-29 10:25 - 2014-03-13 12:20 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Google</p><p>2014-12-29 10:25 - 2014-02-23 12:56 - 00000000 ____D () C:\Users\Jeff</p><p>2014-12-29 10:25 - 2013-08-22 07:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy</p><p>2014-12-29 10:25 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy</p><p>2014-12-29 09:18 - 2014-02-23 13:06 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D4A74657-D0D1-4B84-A9B3-3252CA9AD32A}</p><p>2014-12-29 09:15 - 2014-02-23 13:09 - 00000000 ____D () C:\ProgramData\Origin</p><p>2014-12-28 10:25 - 2013-08-22 06:44 - 00479064 _____ () C:\Windows\system32\FNTCACHE.DAT</p><p>2014-12-28 10:24 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\BBI</p><p>2014-12-28 09:56 - 2014-05-22 07:55 - 00000000 ___RD () C:\Users\Jeff\Google Drive</p><p>2014-12-28 09:45 - 2014-04-21 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition</p><p>2014-12-28 09:45 - 2014-04-21 17:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office</p><p>2014-12-28 09:44 - 2013-08-22 11:11 - 00000000 ____D () C:\Windows\ShellNew</p><p>2014-12-28 09:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared</p><p>2014-12-28 05:54 - 2013-08-22 00:21 - 00256251 ____N () C:\Windows\Minidump\122814-16453-01.dmp</p><p>2014-12-27 18:26 - 2014-02-23 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation</p><p>2014-12-26 17:27 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness</p><p>2014-12-20 21:02 - 2014-03-29 15:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild</p><p>2014-12-20 21:02 - 2013-08-22 05:25 - 00000076 _____ () C:\Windows\win.ini</p><p>2014-12-20 20:57 - 2014-02-23 13:06 - 00000000 ____D () C:\Program Files (x86)\Steam</p><p>2014-12-17 10:42 - 2014-03-15 14:51 - 00955392 ___SH () C:\Users\Jeff\Desktop\Thumbs.db</p><p>2014-12-14 23:20 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache</p><p>2014-12-14 10:15 - 2014-08-07 08:48 - 00000000 ____D () C:\Program Files\DIFX</p><p>2014-12-14 10:09 - 2014-07-10 09:14 - 00000000 ___SD () C:\Windows\system32\CompatTel</p><p>2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS</p><p>2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS</p><p>2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\PolicyDefinitions</p><p>2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppCompat</p><p>2014-12-13 02:08 - 2014-11-10 09:22 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll</p><p>2014-12-13 02:08 - 2014-11-10 09:22 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll</p><p>2014-12-13 02:08 - 2014-02-23 22:38 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll</p><p>2014-12-13 02:08 - 2014-02-23 22:38 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll</p><p>2014-12-13 02:08 - 2014-02-23 13:04 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll</p><p>2014-12-13 02:08 - 2014-02-23 13:04 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll</p><p>2014-12-13 02:08 - 2013-10-27 09:12 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll</p><p>2014-12-13 02:08 - 2013-10-27 09:12 - 00027983 _____ () C:\Windows\system32\nvinfo.pb</p><p>2014-12-13 00:03 - 2014-02-23 13:04 - 06859408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll</p><p>2014-12-13 00:03 - 2014-02-23 13:04 - 03513488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll</p><p>2014-12-13 00:03 - 2014-02-23 13:04 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll</p><p>2014-12-13 00:03 - 2014-02-23 13:04 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe</p><p>2014-12-13 00:03 - 2014-02-23 13:04 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll</p><p>2014-12-13 00:03 - 2014-02-23 13:04 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll</p><p>2014-12-12 16:12 - 2014-09-20 10:00 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll</p><p>2014-12-12 16:12 - 2014-09-20 10:00 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll</p><p>2014-12-12 16:12 - 2014-02-23 22:39 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll</p><p>2014-12-12 16:12 - 2014-02-23 22:39 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll</p><p>2014-12-12 15:11 - 2014-02-23 13:04 - 04151176 _____ () C:\Windows\system32\nvcoproc.bin</p><p>2014-12-10 10:46 - 2014-04-10 17:48 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\VERIZON</p><p>2014-12-10 10:38 - 2014-09-13 12:20 - 00000000 ____D () C:\ProgramData\ASGVIS</p><p>2014-12-10 10:06 - 2014-02-25 13:11 - 00000000 ____D () C:\Windows\system32\MRT</p><p>2014-12-10 10:04 - 2014-02-25 13:11 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2014-12-09 14:21 - 2014-11-18 10:16 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys</p><p>2014-12-09 10:08 - 2014-08-13 21:28 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater</p><p>2014-12-04 11:59 - 2014-11-18 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2014-12-04 11:59 - 2014-11-18 11:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-11-29 02:01 - 2014-06-23 13:11 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Plex Media Server</p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2014-12-29 11:11</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="jtutmark, post: 323809, member: 32526"] Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014 Ran by Jeff (administrator) on JEFFSRIG on 29-12-2014 11:32:52 Running from C:\Users\Jeff\Downloads Loaded Profile: Jeff (Available profiles: Jeff) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Program Files\Plantronics\GameCom780\GameCom780.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe () C:\Program Files (x86) (x86)\Dell Photo AIO Printer 966\memcard.exe (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [776480 2013-05-09] () HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.) HKLM-x32\...\Run: [dlcqmon.exe] => C:\Program Files (x86) (x86)\Dell Photo AIO Printer 966\dlcqmon.exe [292080 2007-06-29] () HKLM-x32\...\Run: [MemoryCardManager] => C:\Program Files (x86) (x86)\Dell Photo AIO Printer 966\memcard.exe [304368 2007-06-29] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [118272 2014-07-11] (LeapFrog Enterprises, Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-12-27] (Electronic Arts) HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [GoogleChromeAutoLaunch_1D9E4397701B26121F48AD4BA9175EBF] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-21] (Google Inc.) HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google) HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation) HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5105288 2014-10-15] (Plex, Inc.) HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd) HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {269b2a65-6122-11e4-8271-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {d67c0475-bee6-11e3-825b-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {dc6c749e-f958-11e3-8264-001fbc087dcd} - "H:\VerizonSWUpgradeAssistantLauncher.exe" HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {e09ab3a8-471a-11e4-826f-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\MountPoints2: {fd749ce4-11b8-11e4-8266-001fbc087dcd} - "H:\VZW_Software_upgrade_assistant.exe" CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]www.google.com[/url] HKU\S-1-5-21-1516866678-2134814311-3096657-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [url]http://www.msn.com/?ocid=iehp[/url] SearchScopes: HKLM-x32 -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-1516866678-2134814311-3096657-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = [url]http://www.google.com/search?q={searchTerms}[/url] BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default CHR HKU\S-1-5-21-1516866678-2134814311-3096657-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jeff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-08-16] () [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation) R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7241728 2014-07-11] (LeapFrog Enterprises, Inc.) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-27] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-22] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-11] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2011-01-19] (Devguru Co., Ltd) R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-29] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 PlantronicsGC; C:\Windows\system32\drivers\PLTGC.sys [1327104 2013-04-12] (C-Media Electronics Inc) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-04] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation) R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-29 11:32 - 2014-12-29 11:32 - 00000000 ____D () C:\Users\Jeff\Downloads\FRST-OlderVersion 2014-12-29 10:28 - 2014-12-29 10:28 - 00007334 _____ () C:\Users\Jeff\Desktop\zoek-results.txt 2014-12-29 10:27 - 2014-12-29 10:08 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-12-29 10:09 - 2014-12-29 10:28 - 00007334 _____ () C:\zoek-results.log 2014-12-29 10:08 - 2014-12-29 10:25 - 00000000 ____D () C:\zoek_backup 2014-12-29 09:50 - 2014-12-29 11:32 - 00000000 ____D () C:\FRST 2014-12-28 10:36 - 2014-12-28 10:36 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-12-28 10:36 - 2014-12-28 10:36 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-12-28 09:45 - 2014-12-28 09:45 - 00000000 ____D () C:\Windows\PCHEALTH 2014-12-28 09:45 - 2014-12-28 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-12-28 09:45 - 2014-12-28 09:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services 2014-12-28 09:44 - 2014-12-28 09:44 - 00000000 __RHD () C:\MSOCache 2014-12-28 09:44 - 2014-12-28 09:44 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-12-28 09:44 - 2014-12-28 09:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2014-12-28 05:55 - 2014-12-28 05:55 - 00000000 ____D () C:\Windows\Minidump 2014-12-28 05:54 - 2014-12-29 10:28 - 00001852 _____ () C:\Windows\PFRO.log 2014-12-27 18:26 - 2014-12-27 18:26 - 00002145 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-12-27 18:25 - 2014-12-12 16:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-12-27 18:24 - 2014-12-27 18:25 - 00000000 ____D () C:\Windows\LastGood.Tmp 2014-12-27 18:24 - 2014-12-13 02:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-12-27 18:24 - 2014-12-13 02:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00834880 _____ () C:\Windows\system32\nvmcumd.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-12-27 18:24 - 2014-12-13 02:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-12-27 18:24 - 2014-10-09 09:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-12-27 18:24 - 2014-10-09 09:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-12-27 18:24 - 2014-10-08 23:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll 2014-12-25 12:38 - 2014-12-25 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppName 2014-12-25 12:37 - 2014-12-25 12:37 - 00000218 _____ () C:\Users\Jeff\AppData\Local\recently-used.xbel 2014-12-24 08:06 - 2014-12-24 08:06 - 00004312 _____ () C:\Windows\DPINST.LOG 2014-12-24 08:05 - 2014-12-27 18:25 - 00003936 _____ () C:\Windows\setupact.log 2014-12-24 08:05 - 2014-12-24 08:05 - 00000000 _____ () C:\Windows\setuperr.log 2014-12-20 20:58 - 2014-12-29 11:31 - 01783487 _____ () C:\Windows\WindowsUpdate.log 2014-12-18 19:22 - 2014-12-18 19:22 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll 2014-12-17 11:24 - 2014-12-17 11:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET 2014-12-16 11:28 - 2014-11-22 02:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-12-16 11:28 - 2014-11-22 02:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-12-14 10:16 - 2014-12-14 10:16 - 00000000 ____D () C:\Users\Public\Documents\LeapFrog 2014-12-14 10:15 - 2014-12-14 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapFrog Connect 2014-12-14 10:15 - 2014-12-14 10:15 - 00000000 ____D () C:\ProgramData\Leapfrog 2014-12-14 10:15 - 2014-12-14 10:15 - 00000000 ____D () C:\Program Files (x86)\LeapFrog 2014-12-14 10:13 - 2014-10-30 14:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2014-12-14 10:13 - 2014-10-30 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-12-14 10:09 - 2014-12-14 10:09 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-09 22:41 - 2014-12-03 15:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-09 22:41 - 2014-12-03 15:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-09 22:41 - 2014-12-02 15:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-09 22:41 - 2014-12-02 15:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-09 22:41 - 2014-12-02 15:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-09 22:41 - 2014-12-02 15:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-09 22:41 - 2014-12-02 15:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-09 22:41 - 2014-11-09 18:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll 2014-12-09 22:41 - 2014-11-09 17:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-09 22:41 - 2014-11-06 20:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-09 22:41 - 2014-11-06 19:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-09 22:41 - 2014-10-31 15:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2014-12-09 22:41 - 2014-10-31 15:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2014-12-09 22:41 - 2014-10-12 18:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2014-12-09 22:41 - 2014-10-12 18:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2014-12-09 22:41 - 2014-10-12 18:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2014-12-09 22:41 - 2014-10-12 18:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys 2014-12-09 22:40 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-09 22:40 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-09 22:40 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-09 22:40 - 2014-11-21 18:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-09 22:40 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-09 22:40 - 2014-11-21 18:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-09 22:40 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-09 22:40 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-09 22:40 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-09 22:40 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-09 22:40 - 2014-11-21 18:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-12-09 22:40 - 2014-11-21 18:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-12-09 22:40 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-09 22:40 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-09 22:40 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-09 22:40 - 2014-11-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-12-09 22:40 - 2014-11-21 17:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-12-09 22:40 - 2014-11-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-12-09 22:40 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-09 22:40 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-09 22:40 - 2014-11-21 17:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-09 22:40 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-09 22:40 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-09 22:40 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-09 22:40 - 2014-11-21 17:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-12-09 22:40 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-09 22:40 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-09 22:40 - 2014-11-21 17:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2014-12-09 22:40 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-09 22:40 - 2014-11-21 17:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-12-09 22:40 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-09 22:40 - 2014-11-21 17:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-09 22:40 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-09 22:40 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-09 22:40 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-09 22:40 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-09 22:40 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-09 22:40 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-09 22:40 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-09 22:40 - 2014-10-30 15:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-12-09 22:40 - 2014-10-30 15:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-12-02 07:55 - 2014-12-02 07:55 - 00000000 ____D () C:\Users\Jeff\Documents\Rockstar Games 2014-12-02 07:46 - 2014-12-02 07:46 - 00000000 __SHD () C:\ProgramData\SecuROM 2014-12-02 07:46 - 2014-12-02 07:46 - 00000000 ____D () C:\Users\Jeff\Documents\Games for Windows - LIVE Demos 2014-12-02 07:45 - 2014-12-02 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-12-02 07:31 - 2014-12-02 07:47 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Rockstar Games 2014-12-02 07:31 - 2014-12-02 07:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2014-12-02 07:31 - 2014-12-02 07:31 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2014-12-02 07:31 - 2014-12-02 07:31 - 00000000 __RHD () C:\Users\Jeff\AppData\Roaming\SecuROM 2014-12-02 07:31 - 2014-12-02 07:31 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2014-12-01 08:15 - 2014-12-29 11:32 - 00014897 _____ () C:\Users\Jeff\Downloads\FRST.txt 2014-12-01 08:15 - 2014-12-01 08:16 - 00029566 _____ () C:\Users\Jeff\Downloads\Addition.txt 2014-12-01 08:14 - 2014-12-29 11:32 - 02123264 _____ (Farbar) C:\Users\Jeff\Downloads\FRST64.exe 2014-12-01 08:14 - 2014-12-01 08:14 - 00000000 __SHD () C:\Users\Jeff\AppData\Local\EmieBrowserModeList ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-29 11:20 - 2014-04-21 17:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-29 11:11 - 2014-02-23 13:03 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1516866678-2134814311-3096657-1001 2014-12-29 11:08 - 2014-08-13 21:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-29 11:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru 2014-12-29 10:47 - 2014-03-13 12:20 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-29 10:33 - 2014-02-23 13:04 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-29 10:28 - 2014-11-18 11:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-12-29 10:28 - 2014-10-31 09:14 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-12-29 10:28 - 2014-03-13 12:20 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-29 10:28 - 2014-02-23 13:08 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-12-29 10:28 - 2014-02-23 13:05 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-12-29 10:28 - 2014-02-23 12:59 - 00000000 ___DO () C:\Users\Jeff\SkyDrive 2014-12-29 10:28 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-12-29 10:28 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Comodo 2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google 2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo 2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-12-29 10:25 - 2014-10-31 09:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-12-29 10:25 - 2014-03-13 12:20 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Google 2014-12-29 10:25 - 2014-02-23 12:56 - 00000000 ____D () C:\Users\Jeff 2014-12-29 10:25 - 2013-08-22 07:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-12-29 10:25 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-12-29 09:18 - 2014-02-23 13:06 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D4A74657-D0D1-4B84-A9B3-3252CA9AD32A} 2014-12-29 09:15 - 2014-02-23 13:09 - 00000000 ____D () C:\ProgramData\Origin 2014-12-28 10:25 - 2013-08-22 06:44 - 00479064 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-28 10:24 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-12-28 09:56 - 2014-05-22 07:55 - 00000000 ___RD () C:\Users\Jeff\Google Drive 2014-12-28 09:45 - 2014-04-21 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-12-28 09:45 - 2014-04-21 17:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-12-28 09:44 - 2013-08-22 11:11 - 00000000 ____D () C:\Windows\ShellNew 2014-12-28 09:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-12-28 05:54 - 2013-08-22 00:21 - 00256251 ____N () C:\Windows\Minidump\122814-16453-01.dmp 2014-12-27 18:26 - 2014-02-23 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-26 17:27 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-12-20 21:02 - 2014-03-29 15:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-12-20 21:02 - 2013-08-22 05:25 - 00000076 _____ () C:\Windows\win.ini 2014-12-20 20:57 - 2014-02-23 13:06 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-12-17 10:42 - 2014-03-15 14:51 - 00955392 ___SH () C:\Users\Jeff\Desktop\Thumbs.db 2014-12-14 23:20 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache 2014-12-14 10:15 - 2014-08-07 08:48 - 00000000 ____D () C:\Program Files\DIFX 2014-12-14 10:09 - 2014-07-10 09:14 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS 2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-14 10:09 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppCompat 2014-12-13 02:08 - 2014-11-10 09:22 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-12-13 02:08 - 2014-11-10 09:22 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-12-13 02:08 - 2014-02-23 22:38 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-12-13 02:08 - 2014-02-23 22:38 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-12-13 02:08 - 2014-02-23 13:04 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-12-13 02:08 - 2014-02-23 13:04 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-12-13 02:08 - 2013-10-27 09:12 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-12-13 02:08 - 2013-10-27 09:12 - 00027983 _____ () C:\Windows\system32\nvinfo.pb 2014-12-13 00:03 - 2014-02-23 13:04 - 06859408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-12-13 00:03 - 2014-02-23 13:04 - 03513488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-12-13 00:03 - 2014-02-23 13:04 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-12-13 00:03 - 2014-02-23 13:04 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-12-13 00:03 - 2014-02-23 13:04 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-12-13 00:03 - 2014-02-23 13:04 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-12-12 16:12 - 2014-09-20 10:00 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2014-12-12 16:12 - 2014-09-20 10:00 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-12-12 16:12 - 2014-02-23 22:39 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-12-12 16:12 - 2014-02-23 22:39 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-12-12 15:11 - 2014-02-23 13:04 - 04151176 _____ () C:\Windows\system32\nvcoproc.bin 2014-12-10 10:46 - 2014-04-10 17:48 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\VERIZON 2014-12-10 10:38 - 2014-09-13 12:20 - 00000000 ____D () C:\ProgramData\ASGVIS 2014-12-10 10:06 - 2014-02-25 13:11 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-10 10:04 - 2014-02-25 13:11 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-09 14:21 - 2014-11-18 10:16 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys 2014-12-09 10:08 - 2014-08-13 21:28 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-04 11:59 - 2014-11-18 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-12-04 11:59 - 2014-11-18 11:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-29 02:01 - 2014-06-23 13:11 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Plex Media Server ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-29 11:11 ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top