Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Process k.exe and random popup in windows

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Process k.exe and random popup in windows

Unread postby Nebu » April 21st, 2015, 7:24 pm

Greetings,
I've been facing a problem since 1-2 weeks ago, which is a random popup appearing in my desktop from time to time. It is associated with a process that appears in task manager as k.exe. When i close it, after few hours, it appears again. I have no idea how i got it but would love some help to get rid of it. Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Ricardo (administrator) on GAME-PC on 22-04-2015 00:11:43
Running from C:\Users\Ricardo\Desktop
Loaded Profiles: Ricardo (Available profiles: Ricardo)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Windows\System\3DG4me.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2606280 2015-03-08] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\Run: [3DG4me] => C:\WINDOWS\System\3DG4me.exe [158016 2014-01-13] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\...\Run: [Spotify Web Helper] => C:\Users\Ricardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-11-26] (Spotify Ltd)
HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Ricardo\Desktop\dds.scr
Startup: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.vbs [2015-04-05] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?pc=BDT1&ocid=BDT1DHP
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ricardo\AppData\Roaming\Mozilla\Firefox\Profiles\f4wonli5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-11-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations) [File not signed]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-11-26] (BitRaider, LLC)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2011-01-12] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152328 2015-03-08] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878856 2015-03-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22916936 2015-03-08] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-03] (Electronic Arts)
S2 PinnacleUpdateSvc; d:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2015-01-13] ()
R2 TeamViewer; d:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2014-02-04] ()
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [125296 2010-12-21] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2014-02-04] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 nvoclk64; C:\Windows\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-03-08] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 USBADVAU; C:\Windows\system32\drivers\cm11264.sys [4135936 2013-11-01] (C-Media Electronics Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 00:11 - 2015-04-22 00:11 - 02099712 _____ (Farbar) C:\Users\Ricardo\Desktop\FRST64.exe
2015-04-22 00:11 - 2015-04-22 00:11 - 00015657 _____ () C:\Users\Ricardo\Desktop\FRST.txt
2015-04-22 00:11 - 2015-04-22 00:11 - 00000000 ____D () C:\FRST
2015-04-21 21:30 - 2015-04-21 21:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 19:32 - 2015-04-18 19:32 - 00000302 _____ () C:\WINDOWS\PFRO.log
2015-04-18 18:54 - 2015-04-18 18:54 - 00000173 _____ () C:\Users\Ricardo\AppData\Roaming\GAME-PC - 543.txt
2015-04-18 11:10 - 2015-04-21 20:33 - 00002320 _____ () C:\WINDOWS\setupact.log
2015-04-18 11:10 - 2015-04-18 11:10 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-17 23:42 - 2015-04-21 23:37 - 00436693 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-15 00:10 - 2015-04-15 00:10 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-14 21:41 - 2015-04-08 21:32 - 00560968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-04-14 21:40 - 2015-04-09 01:58 - 31570064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 30397072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 25375048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 24053576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 15818528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 15716232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 14006752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 12852784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 11380728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 10423952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-04-14 21:40 - 2015-04-09 01:58 - 02896528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 02573456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 01895568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435012.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435012.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 01086424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 01047368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 01037640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00970568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00962192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00927440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00849552 _____ () C:\WINDOWS\system32\nvmcumd.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00499344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00402576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00346256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00100680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2015-04-14 21:40 - 2015-04-09 01:58 - 00039056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2015-04-14 20:24 - 2015-04-14 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Care Suite
2015-04-14 18:25 - 2015-03-23 22:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-14 18:25 - 2015-03-23 22:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-14 18:25 - 2015-03-23 22:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-14 18:25 - 2015-03-23 22:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-14 18:25 - 2015-03-23 22:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-14 18:25 - 2015-03-20 05:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-14 18:25 - 2015-03-20 05:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-14 18:25 - 2015-03-20 05:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-14 18:25 - 2015-03-20 04:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-14 18:25 - 2015-03-20 03:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-14 18:25 - 2015-03-20 03:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-14 18:25 - 2015-03-20 03:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-14 18:25 - 2015-03-14 09:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-14 18:25 - 2015-03-14 09:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-14 18:25 - 2015-03-13 05:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-14 18:25 - 2015-03-13 03:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-14 18:25 - 2015-03-13 03:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-14 18:25 - 2015-02-21 00:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-14 18:24 - 2015-03-22 23:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-14 18:24 - 2015-03-22 23:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-14 18:24 - 2015-03-22 23:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-14 18:24 - 2015-03-22 23:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-14 18:24 - 2015-03-22 23:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-14 18:24 - 2015-03-22 23:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-14 18:24 - 2015-03-22 23:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-14 18:24 - 2015-03-14 09:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 18:24 - 2015-03-14 02:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 18:24 - 2015-03-14 02:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 18:24 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 18:24 - 2015-03-14 02:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 18:24 - 2015-03-14 02:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 18:24 - 2015-03-14 01:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 18:24 - 2015-03-14 01:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 18:24 - 2015-03-14 01:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 18:24 - 2015-03-14 01:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 18:24 - 2015-03-14 01:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 18:24 - 2015-03-14 01:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 18:24 - 2015-03-14 01:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 18:24 - 2015-03-14 01:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 18:24 - 2015-03-14 01:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 18:24 - 2015-03-14 01:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 18:24 - 2015-03-14 00:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 18:24 - 2015-03-14 00:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 18:24 - 2015-03-13 05:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-14 18:24 - 2015-03-13 05:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-14 18:24 - 2015-03-13 04:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-14 18:24 - 2015-03-13 04:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-14 18:24 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-14 18:24 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-14 18:24 - 2015-03-13 04:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-14 18:24 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-14 18:24 - 2015-03-13 04:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-14 18:24 - 2015-03-13 04:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-14 18:24 - 2015-03-13 04:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-14 18:24 - 2015-03-13 04:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-14 18:24 - 2015-03-13 04:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-14 18:24 - 2015-03-13 03:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-14 18:24 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-14 18:24 - 2015-03-13 03:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-14 18:24 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-14 18:24 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-14 18:24 - 2015-03-13 03:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-14 18:24 - 2015-03-13 03:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-14 18:24 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-14 18:24 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-14 18:24 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-14 18:24 - 2015-03-04 11:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-14 18:24 - 2015-03-04 04:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-14 18:24 - 2015-03-04 03:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-14 18:24 - 2015-02-24 09:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-14 18:24 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-04-11 22:18 - 2015-04-11 22:18 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Criterion Games
2015-04-05 23:52 - 2015-04-05 23:52 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-05 23:52 - 2015-04-05 23:52 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-05 14:35 - 2015-04-05 14:35 - 00000000 ____D () C:\Users\Ricardo\.tikione
2015-04-05 14:11 - 2015-04-05 14:11 - 05346704 _____ (Piriform Ltd) C:\Users\Ricardo\AppData\Roaming\ccsetup504pro.exe
2015-04-05 14:11 - 2015-04-05 14:11 - 00560798 _____ () C:\Users\Ricardo\AppData\Roaming\system.vbs
2015-03-30 22:00 - 2015-03-30 22:00 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-03-30 21:53 - 2015-04-03 11:53 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-03-30 21:53 - 2012-01-26 10:25 - 00081664 _____ () C:\WINDOWS\SysWOW64\CNC1763D.TBL
2015-03-30 21:53 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2015-03-30 21:52 - 2015-03-30 21:52 - 00000000 ____D () C:\WINDOWS\system32\STRING
2015-03-30 21:52 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2015-03-30 21:52 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2015-03-30 21:52 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2015-03-25 18:59 - 2015-03-25 18:59 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Macromedia
2015-03-25 18:51 - 2015-03-25 18:51 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Mozilla
2015-03-25 18:51 - 2015-03-25 18:51 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Mozilla
2015-03-25 18:50 - 2015-04-22 00:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-25 18:50 - 2015-03-25 18:50 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-25 18:50 - 2015-03-25 18:50 - 00000000 ____D () C:\ProgramData\Mozilla

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 00:02 - 2013-10-17 23:22 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Skype
2015-04-22 00:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-21 23:45 - 2014-01-04 23:19 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-21 20:36 - 2014-09-11 00:27 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{766C22A7-5361-499F-8A58-1157D87E8A3E}
2015-04-21 01:37 - 2013-09-30 05:04 - 00876144 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-21 01:31 - 2015-01-01 16:28 - 00119296 _____ () C:\WINDOWS\SysWOW64\zlib.dll
2015-04-21 01:31 - 2013-10-18 05:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-21 01:31 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-21 01:31 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-20 22:43 - 2013-10-18 05:23 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4283003898-1242420336-2286038146-1001
2015-04-17 22:42 - 2013-11-23 23:28 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\uTorrent
2015-04-17 20:46 - 2015-02-01 17:02 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 20:45 - 2015-02-01 17:03 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 20:45 - 2015-02-01 17:02 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-17 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-17 18:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-16 23:23 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 20:43 - 2013-10-17 23:22 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 00:10 - 2014-12-09 20:27 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 21:41 - 2013-10-18 05:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-14 21:41 - 2013-10-17 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-14 20:24 - 2013-12-17 00:59 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-14 18:53 - 2013-11-17 15:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-14 18:52 - 2013-11-17 15:18 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-14 18:45 - 2014-01-04 23:19 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 00:24 - 2014-12-09 20:29 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 00:24 - 2014-12-09 20:29 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 13:53 - 2013-12-13 12:55 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Battle.net
2015-04-12 13:31 - 2013-12-26 23:55 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\vlc
2015-04-11 17:17 - 2013-10-18 05:14 - 00000000 ____D () C:\Users\Ricardo
2015-04-09 01:58 - 2015-03-19 01:42 - 14617288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-04-09 01:58 - 2015-03-19 01:42 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2015-04-09 01:58 - 2015-02-10 23:26 - 02935416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-04-09 01:58 - 2015-02-01 17:23 - 00078480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-04-09 01:58 - 2015-02-01 17:23 - 00066704 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-04-09 01:58 - 2015-02-01 17:17 - 17176128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-04-09 01:58 - 2015-02-01 17:17 - 12689592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-04-09 01:58 - 2015-02-01 17:17 - 03317344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-04-09 01:58 - 2015-02-01 17:17 - 00029329 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-04-08 22:30 - 2015-02-01 17:23 - 06841488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-04-08 22:30 - 2015-02-01 17:23 - 03478344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-04-08 22:30 - 2015-02-01 17:23 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-04-08 22:30 - 2015-02-01 17:23 - 00936264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-04-08 22:30 - 2015-02-01 17:23 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-04-08 22:30 - 2015-02-01 17:23 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-04-08 18:52 - 2015-02-01 17:23 - 04336074 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-04-05 14:40 - 2013-12-13 12:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-03-30 21:53 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-29 17:33 - 2015-02-14 00:09 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-29 12:28 - 2013-10-17 22:17 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Adobe
2015-03-26 22:52 - 2013-12-13 12:55 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-26 22:15 - 2013-11-17 18:37 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\InfiniteCrisis
2015-03-25 18:55 - 2013-12-02 22:00 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Google
2015-03-25 18:55 - 2013-12-02 22:00 - 00000000 ____D () C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2015-04-05 14:11 - 2015-04-05 14:11 - 5346704 _____ (Piriform Ltd) C:\Users\Ricardo\AppData\Roaming\ccsetup504pro.exe
2015-04-18 18:54 - 2015-04-18 18:54 - 0000173 _____ () C:\Users\Ricardo\AppData\Roaming\GAME-PC - 543.txt
2015-04-05 14:11 - 2015-04-05 14:11 - 0560798 _____ () C:\Users\Ricardo\AppData\Roaming\system.vbs
2014-06-14 01:26 - 2014-06-20 22:25 - 0007597 _____ () C:\Users\Ricardo\AppData\Local\Resmon.ResmonCfg
2014-01-05 01:46 - 2014-01-05 01:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Ricardo\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Ricardo\AppData\Local\Temp\k.exe
C:\Users\Ricardo\AppData\Local\Temp\q.exe
C:\Users\Ricardo\AppData\Local\Temp\stady.exe
C:\Users\Ricardo\AppData\Local\Temp\upda.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-16 23:23

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by Ricardo at 2015-04-22 00:11:59
Running from C:\Users\Ricardo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version: - Beamdog)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft Montréal)
Crysis (HKLM-x32\...\Steam App 17300) (Version: - Crytek)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Devil May Cry 3: Special Edition (HKLM-x32\...\Steam App 6550) (Version: - CAPCOM Co., Ltd.)
Doc's Unofficial Far Cry Patch 1.41 (HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\...\Doc's Unofficial Far Cry Patch 1.41) (Version: - )
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version: - Gas Powered Games)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
ESET NOD32 Antivirus (HKLM\...\{50E9E32F-063A-412A-9627-553D5DA57C17}) (Version: 4.2.71.2 - ESET, spol. s r.o.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Expeditions: Conquistador (HKLM-x32\...\Steam App 237430) (Version: - Logic Artists)
Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
Fallout Fixt alpha 6.7.2 - Full Custom (HKLM-x32\...\{83D6B5DC-9C8C-4DE2-B66C-14FA5C8680B5}_is1) (Version: alpha 6.7.2 - Full Custom - Sduibek)
Far Cry (HKLM-x32\...\Steam App 13520) (Version: - Crytek Studios)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
Full Mojo Rampage (HKLM-x32\...\Steam App 225280) (Version: - Over the Top Games)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hard Reset (HKLM-x32\...\Steam App 98400) (Version: - Flying Wild Hog)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Jade Empire: Special Edition (HKLM-x32\...\Steam App 7110) (Version: - BioWare Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Karmaflow: The Rock Opera Videogame (HKLM-x32\...\Steam App 317940) (Version: - Basecamp Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version: - Almost Human Games)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version: - Traveller's Tales)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.5 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.0.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.0.9 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.1.3 - PowerUp Software)
Prince of Persia: The Sands of Time (HKLM-x32\...\Steam App 13600) (Version: - Kudosoft)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - The Indie Stone)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RAW - Realms of Ancient War (HKLM-x32\...\Steam App 209730) (Version: - Wizarbox)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version: - Volition)
Sang-Froid - Tales of Werewolves (HKLM-x32\...\Steam App 227220) (Version: - Artifice Studio)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
Sennheiser 3D G4ME1 (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB6}) (Version: 1.00.0002 - )
Septerra Core (HKLM-x32\...\Steam App 253940) (Version: - )
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
SHIELD Streaming (Version: 4.0.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version: - City Interactive)
Spellforce: Platinum Edition (HKLM-x32\...\Steam App 39540) (Version: - Phenomic)
Spotify (HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows Phone Recovery Tool 1.1.0 (HKLM-x32\...\{a8b207a1-a05f-462d-a981-403c43525256}) (Version: 1.1.0 - Microsoft)
WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
X3: Terran Conflict (HKLM-x32\...\Steam App 2820) (Version: - Egosoft)
X-Blades (HKLM-x32\...\Steam App 7510) (Version: - Topware Interactive)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2943558D-6772-412D-81C0-D34EB19D30E7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5D42051E-CED7-4468-AD78-36920DE7D0B6} - System32\Tasks\{B4782A9D-C50E-4943-AF05-19C187D16E9E} => Iexplore.exe http://ui.skype.com/ui/0/6.22.0.107/en/ ... age=tsMain
Task: {6EFEE9C2-2655-49AD-B974-4A0CD27B9107} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {861E3A60-9696-47D3-A0D2-E3E491A64793} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {895CAB33-636A-4A6C-871E-4295A6BE7A14} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {8B9A2CC4-898B-4BC2-8C03-1392A0A8B3B2} - System32\Tasks\{D531208B-8512-4B7B-9FC7-A57AFF3EF533} => Iexplore.exe http://ui.skype.com/ui/0/6.9.0.106/en/a ... =tsInstall
Task: {8CD4A733-3779-412D-AE0E-762AE509318B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-14] (Microsoft Corporation)
Task: {93F3516C-D69A-47C2-9706-42697D875D01} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {9EA11636-2BAF-410F-A272-F6C4B49FFDB1} - System32\Tasks\MSIAfterburner => D:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {B3C6BE1A-AA77-4E77-92E3-813DCBD523F9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {D1B4E6AF-944C-4FC3-8981-8898DD9EFC78} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {D59DAC33-3B63-4F7E-B2B9-87548EE511D3} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-21 12:26 - 2013-10-23 16:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 22:11 - 2015-01-13 23:31 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-01-05 01:41 - 2013-09-17 19:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-02-01 17:23 - 2015-04-08 22:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-25 23:47 - 2014-11-25 23:47 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-02-19 23:17 - 2014-01-13 15:35 - 00158016 ____N () C:\Windows\System\3DG4me.exe
2015-02-02 21:50 - 2015-02-02 21:50 - 00090624 _____ () C:\Users\Ricardo\AppData\Local\Packages\36114Feras.ReddHub_f4gsjrqj9hqv6\AC\Microsoft\CLR_v4.0\NativeImages\ReddHubBack507f6cee#\814e4735e1af4f52cf811a4874a52f60\ReddHubBackgroundTask.ni.dll
2015-02-01 20:19 - 2015-02-01 20:19 - 01782272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\f1407bb1d381cf5dee299c4e5f0fdf9d\Windows.ApplicationModel.ni.dll
2015-02-02 21:50 - 2015-02-02 21:50 - 00691200 _____ () C:\Users\Ricardo\AppData\Local\Packages\36114Feras.ReddHub_f4gsjrqj9hqv6\AC\Microsoft\CLR_v4.0\NativeImages\SharedLibs\e94b121f41ec8d312fd905a6190d3bd4\SharedLibs.ni.dll
2015-02-01 20:19 - 2015-02-01 20:19 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\eea3e743a58cb4d556fe113d6336020b\Windows.Storage.ni.dll
2015-02-01 20:19 - 2015-02-01 20:19 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\b3972424579e18e6699549ecb948c4ef\Windows.Foundation.ni.dll
2015-02-02 21:50 - 2015-02-02 21:50 - 00110592 _____ () C:\Users\Ricardo\AppData\Local\Packages\36114Feras.ReddHub_f4gsjrqj9hqv6\AC\Microsoft\CLR_v4.0\NativeImages\WinRtUtility\78f369527524d11c80b3c646b640ddda\WinRtUtility.ni.dll
2015-02-02 21:50 - 2015-02-02 21:50 - 00573440 _____ () C:\Users\Ricardo\AppData\Local\Packages\36114Feras.ReddHub_f4gsjrqj9hqv6\AC\Microsoft\CLR_v4.0\NativeImages\Notificatioc5a47191#\ec4c3f08fe5e7264593913e1287cd697\NotificationsExtensions.ni.dll
2015-02-01 20:19 - 2015-02-01 20:19 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\e291aa8a59dc390d0cdf99d3c6d8b6e5\Windows.Data.ni.dll
2015-02-01 20:19 - 2015-02-01 20:19 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\5c9c0b89a558d0e589c254af6b1ca238\Windows.UI.ni.dll
2014-01-05 01:41 - 2015-04-21 01:32 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-01-05 01:41 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-01-05 01:34 - 2013-08-08 14:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-08 17:30 - 2015-03-08 13:40 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-01-05 01:41 - 2011-07-12 20:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-01-05 01:41 - 2010-10-05 09:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-01-05 01:41 - 2012-10-08 18:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-01-05 01:41 - 2013-04-15 15:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-01-05 01:41 - 2012-05-28 22:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-01-05 01:41 - 2011-09-19 21:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-01-05 01:41 - 2011-07-21 10:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-01-05 01:41 - 2012-08-29 19:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-01-05 01:41 - 2010-10-05 09:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-01-05 01:41 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-02-19 23:17 - 2014-01-13 15:35 - 00149824 ____N () C:\Windows\System\3DG4me.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Ricardo\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\Control Panel\Desktop\\Wallpaper -> e:\Users\Ricardo\SkyDrive\Pictures\Saved pictures\symple-hd-simple-492897.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4283003898-1242420336-2286038146-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Accounts: =============================

Administrator (S-1-5-21-4283003898-1242420336-2286038146-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4283003898-1242420336-2286038146-1007 - Limited - Enabled)
Guest (S-1-5-21-4283003898-1242420336-2286038146-501 - Limited - Disabled)
Ricardo (S-1-5-21-4283003898-1242420336-2286038146-1001 - Administrator - Enabled) => C:\Users\Ricardo

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2015 00:00:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 50c

Start Time: 01d07c8640c488f8

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 34ae5231-e87a-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App

Error: (04/21/2015 11:46:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: gta3.exe, version: 0.0.0.0, time stamp: 0x3d131204
Faulting module name: gta3.exe, version: 0.0.0.0, time stamp: 0x3d131204
Exception code: 0xc0000005
Fault offset: 0x001c078a
Faulting process id: 0x1748
Faulting application start time: 0xgta3.exe0
Faulting application path: gta3.exe1
Faulting module path: gta3.exe2
Report Id: gta3.exe3
Faulting package full name: gta3.exe4
Faulting package-relative application ID: gta3.exe5

Error: (04/21/2015 11:45:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 50c

Start Time: 01d07c84285375a4

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 1bd0318a-e878-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App

Error: (04/21/2015 11:30:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1250

Start Time: 01d07c820fe1d543

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 035ebfe2-e876-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App

Error: (04/21/2015 11:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: gta3.exe, version: 0.0.0.0, time stamp: 0x3d131204
Faulting module name: gta3.exe, version: 0.0.0.0, time stamp: 0x3d131204
Exception code: 0xc0000005
Fault offset: 0x001c078a
Faulting process id: 0x11e0
Faulting application start time: 0xgta3.exe0
Faulting application path: gta3.exe1
Faulting module path: gta3.exe2
Report Id: gta3.exe3
Faulting package full name: gta3.exe4
Faulting package-relative application ID: gta3.exe5

Error: (04/21/2015 11:15:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11f0

Start Time: 01d07c7ff770f6f7

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: eaed09cc-e873-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App

Error: (04/21/2015 10:51:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1780

Start Time: 01d07c7ca6281692

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 99a40072-e870-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App

Error: (04/21/2015 10:45:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2f8

Start Time: 01d07c7bc68e58ee

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: ba0a1f16-e86f-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App

Error: (04/21/2015 10:30:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14fc

Start Time: 01d07c79ae1d4eda

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: a1999317-e86d-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App

Error: (04/21/2015 10:15:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5d8

Start Time: 01d07c7795abc8ec

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 89283ad3-e86b-11e4-82b7-0026833832b7

Faulting package full name: 36114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6

Faulting package-relative application ID: App


System errors:
=============
Error: (04/21/2015 08:35:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/21/2015 01:31:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/21/2015 01:31:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/20/2015 00:13:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/18/2015 07:32:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/18/2015 07:32:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/18/2015 00:14:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/17/2015 00:40:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (04/16/2015 11:23:45 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/15/2015 09:01:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (04/22/2015 00:00:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741550c01d07c8640c488f84294967295C:\WINDOWS\system32\backgroundTaskHost.exe34ae5231-e87a-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App

Error: (04/21/2015 11:46:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta3.exe0.0.0.03d131204gta3.exe0.0.0.03d131204c0000005001c078a174801d07c826a37b640D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exeD:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe422aec06-e878-11e4-82b7-0026833832b7

Error: (04/21/2015 11:45:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741550c01d07c84285375a44294967295C:\WINDOWS\system32\backgroundTaskHost.exe1bd0318a-e878-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App

Error: (04/21/2015 11:30:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415125001d07c820fe1d5434294967295C:\WINDOWS\system32\backgroundTaskHost.exe035ebfe2-e876-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App

Error: (04/21/2015 11:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta3.exe0.0.0.03d131204gta3.exe0.0.0.03d131204c0000005001c078a11e001d07c7e9caf9a8bD:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exeD:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exea4459864-e875-11e4-82b7-0026833832b7

Error: (04/21/2015 11:15:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741511f001d07c7ff770f6f74294967295C:\WINDOWS\system32\backgroundTaskHost.exeeaed09cc-e873-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App

Error: (04/21/2015 10:51:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415178001d07c7ca62816924294967295C:\WINDOWS\system32\backgroundTaskHost.exe99a40072-e870-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App

Error: (04/21/2015 10:45:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.174152f801d07c7bc68e58ee4294967295C:\WINDOWS\system32\backgroundTaskHost.exeba0a1f16-e86f-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App

Error: (04/21/2015 10:30:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741514fc01d07c79ae1d4eda4294967295C:\WINDOWS\system32\backgroundTaskHost.exea1999317-e86d-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App

Error: (04/21/2015 10:15:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.174155d801d07c7795abc8ec4294967295C:\WINDOWS\system32\backgroundTaskHost.exe89283ad3-e86b-11e4-82b7-0026833832b736114Feras.ReddHub_5.13.0.0_neutral__f4gsjrqj9hqv6App


CodeIntegrity Errors:
===================================
Date: 2015-01-01 14:53:09.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-12-27 17:41:10.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-12-25 23:46:16.629
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2014-11-22 03:24:59.164
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-22 03:24:59.098
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-22 03:24:59.030
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-22 03:24:58.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-21 20:59:53.103
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-21 20:59:53.028
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-11-21 14:14:59.703
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 20%
Total physical RAM: 8159.14 MB
Available physical RAM: 6508.91 MB
Total Pagefile: 9439.14 MB
Available Pagefile: 7475.18 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:111.69 GB) (Free:62.41 GB) NTFS
Drive d: (Disk-1) (Fixed) (Total:465.76 GB) (Free:96.4 GB) NTFS
Drive e: (Disk-2) (Fixed) (Total:931.51 GB) (Free:824.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2D0AAE2A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C86FB504)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00AD3259)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Nebu
Active Member
 
Posts: 3
Joined: April 21st, 2015, 7:17 pm
Advertisement
Register to Remove

Re: Process k.exe and random popup in windows

Unread postby wannabeageek » April 24th, 2015, 10:40 pm

Looking at your logs, be back in a bit.
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Process k.exe and random popup in windows

Unread postby wannabeageek » April 25th, 2015, 12:16 am

Hi Nebu, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start



P2P Advisory!
IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s)...indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Remove P2P Program(s)

  1. Right-click in the screen's bottom-left corner and choose the Control Panel from the pop-up menu.
  2. When the Control Panel appears, choose Uninstall a Program from the Programs category.
  3. Locate the following program:
    µTorrent
  4. Click on the Uninstall button to uninstall it.
  5. When Windows asks whether you're sure, click Yes.
    Carefully read any prompts...
    Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
    Repeat steps 2 and 3 for each program listed.
  6. When the program(s) have been uninstalled... Close Control Panel.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program
itself, may be safe but the files may not... use P2P at your own risk! Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

NOTE: Run each step and post the results separately.

Step 2.
Run CKScanner

  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe > select " Run as administrator " then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


Step 3.
MiniToolBox
Please download MiniToolBox.exe and save it to your Desktop.
  • Right click on MiniToolBox and select " Run as administrator " to run it.
  • Check the following in the list:
    • List IP Configuration.
    • List Installed Programs.
    • List Users, partitions, and memory size.
    • List Restore Points.
  • Click Go.
  • A file name Result.txt will be created in the same location where you downloaded MiniToolBox.exe
  • Please post the contents of the Result.txt in your next Reply.


Step 4.
TSG - SysInfo utility
  • Right mouse click on this link:SysInfo utility
  • Select from the pop up box:
    "Save link as..."
  • From the left panel of the pop up box, scroll up and select desktop.
  • Click the "Save" button.
From your desktop:
  • Right Mouse click SysInfo.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  • Right click, select copy and then paste in your next post.


What I need back from you:
Post each Step, separately.
  1. Contents of CKFiles.txt
  2. Contents of Mini Toolbox Result.txt
  3. Contents of SysInfo utility results
  4. Any problem executing the instructions?
Thanks,
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Process k.exe and random popup in windows

Unread postby Nebu » April 25th, 2015, 9:20 am

Hello wbg.
Thank you for helping me. +
I followed your instructions and had no problems during the process. Here are the logs:

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\ricardo\zomboid\lua\keys.ini
scanner sequence 3.NA.11.SVAPUZ
----- EOF -----

MiniToolBox by Farbar Version: 14-04-2015
Ran by Ricardo (administrator) on 25-04-2015 at 14:14:43
Running from "C:\Users\Ricardo\Desktop"
Microsoft Windows 8.1 Pro (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
========================= IP Configuration: ================================

Intel(R) 82579V Gigabit Network Connection = Ethernet (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.9 metric=1 publish=Yes
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : game-pc
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-26-83-38-32-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel(R) 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 54-04-A6-DA-53-91
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ac72:cd4b:a5f8:1c76%3(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, April 25, 2015 14:04:25
Lease Expires . . . . . . . . . . : Saturday, April 25, 2015 15:04:26
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 55837862
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-F2-6D-6E-54-04-A6-DA-53-91
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:2473:2d5d:3f57:fef6(Preferred)
Link-local IPv6 Address . . . . . : fe80::2473:2d5d:3f57:fef6%5(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 167772160
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-F2-6D-6E-54-04-A6-DA-53-91
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: zonhub.home
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4004:800::200e
212.113.185.34
212.113.185.54
212.113.185.45
212.113.185.35
212.113.185.50
212.113.185.20
212.113.185.55
212.113.185.40
212.113.185.24
212.113.185.44
212.113.185.29
212.113.185.25
212.113.185.39
212.113.185.49
212.113.185.30
212.113.185.59


Pinging google.com [212.113.185.55] with 32 bytes of data:
Reply from 212.113.185.55: bytes=32 time=7ms TTL=59
Reply from 212.113.185.55: bytes=32 time=7ms TTL=59

Ping statistics for 212.113.185.55:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 7ms, Average = 7ms
Server: zonhub.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=147ms TTL=47
Reply from 98.138.253.109: bytes=32 time=150ms TTL=47

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 147ms, Maximum = 150ms, Average = 148ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
7...00 26 83 38 32 b7 ......Bluetooth Device (Personal Area Network)
3...54 04 a6 da 53 91 ......Intel(R) 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
4...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.9 11
169.254.255.255 255.255.255.255 On-link 192.168.1.9 266
192.168.1.0 255.255.255.0 On-link 192.168.1.9 266
192.168.1.9 255.255.255.255 On-link 192.168.1.9 266
192.168.1.255 255.255.255.255 On-link 192.168.1.9 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.9 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.9 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.9 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
5 306 ::/0 On-link
1 306 ::1/128 On-link
5 306 2001::/32 On-link
5 306 2001:0:9d38:6abd:2473:2d5d:3f57:fef6/128
On-link
3 266 fe80::/64 On-link
5 306 fe80::/64 On-link
5 306 fe80::2473:2d5d:3f57:fef6/128
On-link
3 266 fe80::ac72:cd4b:a5f8:1c76/128
On-link
1 306 ff00::/8 On-link
3 266 ff00::/8 On-link
5 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None


=========================== Installed Programs ============================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version: - Beamdog)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft Montréal)
Crysis (HKLM-x32\...\Steam App 17300) (Version: - Crytek)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Devil May Cry 3: Special Edition (HKLM-x32\...\Steam App 6550) (Version: - CAPCOM Co., Ltd.)
Doc's Unofficial Far Cry Patch 1.41 (HKCU\...\Doc's Unofficial Far Cry Patch 1.41) (Version: - )
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version: - Gas Powered Games)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
ESET NOD32 Antivirus (HKLM\...\{50E9E32F-063A-412A-9627-553D5DA57C17}) (Version: 4.2.71.2 - ESET, spol. s r.o.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Expeditions: Conquistador (HKLM-x32\...\Steam App 237430) (Version: - Logic Artists)
Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
Fallout Fixt alpha 6.7.2 - Full Custom (HKLM-x32\...\{83D6B5DC-9C8C-4DE2-B66C-14FA5C8680B5}_is1) (Version: alpha 6.7.2 - Full Custom - Sduibek)
Far Cry (HKLM-x32\...\Steam App 13520) (Version: - Crytek Studios)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
Full Mojo Rampage (HKLM-x32\...\Steam App 225280) (Version: - Over the Top Games)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hard Reset (HKLM-x32\...\Steam App 98400) (Version: - Flying Wild Hog)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Jade Empire: Special Edition (HKLM-x32\...\Steam App 7110) (Version: - BioWare Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.45.14 - Oracle Corporation) Hidden
Karmaflow: The Rock Opera Videogame (HKLM-x32\...\Steam App 317940) (Version: - Basecamp Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version: - Almost Human Games)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version: - Traveller's Tales)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.5 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Control Panel 350.12 (Version: 350.12 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.0.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.0.9 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.175.1449 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Miracast Virtual Audio 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Network Service (Version: 2.3 - NVIDIA Corporation) Hidden
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Performance (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
NVIDIA ShadowPlay 2.4.0.9 (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA Update 2.4.0.9 (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.1.3 - PowerUp Software)
Prince of Persia: The Sands of Time (HKLM-x32\...\Steam App 13600) (Version: - Kudosoft)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - The Indie Stone)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RAW - Realms of Ancient War (HKLM-x32\...\Steam App 209730) (Version: - Wizarbox)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version: - Volition)
Sang-Froid - Tales of Werewolves (HKLM-x32\...\Steam App 227220) (Version: - Artifice Studio)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
Sennheiser 3D G4ME1 (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB6}) (Version: 1.00.0002 - )
Septerra Core (HKLM-x32\...\Steam App 253940) (Version: - )
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
SHIELD Streaming (Version: 4.0.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version: - City Interactive)
Spellforce: Platinum Edition (HKLM-x32\...\Steam App 39540) (Version: - Phenomic)
Spotify (HKCU\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows Phone Recovery Tool 1.1.0 (HKLM-x32\...\{a8b207a1-a05f-462d-a981-403c43525256}) (Version: 1.1.0 - Microsoft)
Windows Phone Recovery Tool 1.1.0 (x32 Version: 1.1.0 - Microsoft) Hidden
WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
X3: Terran Conflict (HKLM-x32\...\Steam App 2820) (Version: - Egosoft)
X-Blades (HKLM-x32\...\Steam App 7510) (Version: - Topware Interactive)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 8159.14 MB
Available physical RAM: 6412.1 MB
Total Pagefile: 9439.14 MB
Available Pagefile: 7601.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.64 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:111.69 GB) (Free:61.82 GB) NTFS
2 Drive d: (Disk-1) (Fixed) (Total:465.76 GB) (Free:95.85 GB) NTFS
3 Drive e: (Disk-2) (Fixed) (Total:931.51 GB) (Free:824.7 GB) NTFS

========================= Users: ========================================

User accounts for \\GAME-PC

Administrator ASPNET Guest
Ricardo

========================= Restore Points ==================================

22-04-2015 19:46:06 Scheduled Checkpoint

**** End of log ****

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1 Pro, 64 bit
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 8159 Mb
Graphics Card: NVIDIA GeForce GTX 970, -1 Mb
Hard Drives: C: Total - 114370 MB, Free - 63305 MB; D: Total - 476936 MB, Free - 98155 MB; E: Total - 953866 MB, Free - 844492 MB;
Motherboard: ASUSTeK Computer INC., P8Z68-V GEN3
Antivirus: ESET NOD32 Antivirus 4.2, Updated and Enabled
Nebu
Active Member
 
Posts: 3
Joined: April 21st, 2015, 7:17 pm

Re: Process k.exe and random popup in windows

Unread postby wannabeageek » April 25th, 2015, 1:21 pm

Hi Nebu,

Please tell me about your computer and from where you obtained your operating system.

Make:
Model:
When you bought it:
Who you bought it from:
wannabeageek
MRU Master
MRU Master
 
Posts: 1871
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Process k.exe and random popup in windows

Unread postby Nebu » April 25th, 2015, 7:49 pm

Hello again.
Even though i find these questions quite "intrusive", here are the answers:

Make and Model do not exist. The computer was customized when bought back in summer 2012. It was bought in a retail store called AquaPC. However, some parts already changed, such as HDD and GFX card.
My OS comes from my partner, which is a Microsoft partner.
Nebu
Active Member
 
Posts: 3
Joined: April 21st, 2015, 7:17 pm

Re: Process k.exe and random popup in windows

Unread postby Gary R » April 28th, 2015, 1:44 am

It is not clear from the information that you have supplied, that you are using a "legal" copy of Windows.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

This topic is now closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 282 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware