Jump to content

TheSilentBoot

Members
  • Posts

    18
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 4/23/2015Scan Time: 8:53:20 PMLogfile: malware scan.txtAdministrator: Yes Version: 2.01.6.1022Malware Database: v2015.04.23.06Rootkit Database: v2015.04.21.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 8.1CPU: x64File System: NTFSUser: godpl_000 Scan Type: Threat ScanResult: CompletedObjects Scanned: 381037Time Elapsed: 4 min, 19 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end) C:\Program Files (x86)\NCH Software\Voxal\voxal.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantinedC:\Program Files (x86)\NCH Software\Voxal\voxalsetup_v1.11.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantinedC:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application deleted - quarantinedC:\Windows\SECOH-QAD.exe Win64/HackKMS.C potentially unsafe application deleted - quarantinedD:\ccsetup503.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedD:\vxlsetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantinedD:\Downloads\CR_Downloader_for_project64.exe a variant of Win32/InstallCore.TE potentially unwanted application deleted - quarantinedD:\Downloads\CR_Downloader_for_zsnes.exe a variant of Win32/InstallCore.TE potentially unwanted application deleted - quarantinedD:\Program Files (x86)\Cheat Engine 6.4\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application deleted - quarantinedD:\Seeding\spsetup128.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
  2. how do i do a smart scan i only see | Threat Scan | Custom Scan | Hyper Scan
  3. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-04-2015 Ran by godpl_000 at 2015-04-22 00:02:17 Run:1 Running from C:\Users\godpl_000\Desktop Loaded Profiles: godpl_000 (Available profiles: TheSilentBoot & godpl_000) Boot Mode: Normal ============================================== Content of fixlist: ***************** start HKU\S-1-5-21-470181635-2375960542-4024403630-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.strtpo...rchTerms}&r=123 FF Homepage: https://mysearch.avg...fr&d=2015-04-21 S2 Adobe Licensing Console; C:\Windows\SysWOW64\lnsecsl.exe [1202396 2015-04-15] ( ) [File not signed] <==== ATTENTION 2014-12-17 14:02 - 2014-12-17 14:02 - 0024940 ___SH () C:\Users\godpl_000\AppData\Roaming\C98243963.bat 2014-12-18 04:45 - 2014-12-18 04:45 - 0025552 ___SH () C:\ProgramData\A7383623.bat 2014-12-17 10:25 - 2014-12-17 10:25 - 0027748 ___SH () C:\ProgramData\C73937393.bat C:\Users\godpl_000\AppData\Local\Temp\OK_V17_10_SENTRA_4.exe C:\Users\godpl_000\AppData\Local\Temp\patch__6437_il7635.exe testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION! EmptyTemp: end ***************** HKU\S-1-5-21-470181635-2375960542-4024403630-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-21-470181635-2375960542-4024403630-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EBF255CB-70BD-4892-8247-9DCE22008818} => Key not found. HKCR\CLSID\{EBF255CB-70BD-4892-8247-9DCE22008818} => Key not found. Firefox homepage deleted successfully. Adobe Licensing Console => Service deleted successfully. C:\Users\godpl_000\AppData\Roaming\C98243963.bat => Moved successfully. C:\ProgramData\A7383623.bat => Moved successfully. C:\ProgramData\C73937393.bat => Moved successfully. C:\Users\godpl_000\AppData\Local\Temp\OK_V17_10_SENTRA_4.exe => Moved successfully. C:\Users\godpl_000\AppData\Local\Temp\patch__6437_il7635.exe => Moved successfully. The operation completed successfully. EmptyTemp: => Removed 1.6 GB temporary data. The system needed a reboot. ==== End of Fixlog 00:02:55 ====
  4. like i click update & recovery then recovery then restart now but there is no where i can use my usb stick
  5. I am sorry but i am very confused i am just not understanding what i am supposed to be doing
  6. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015 Ran by godpl_000 (administrator) on BRENDON_PC on 21-04-2015 15:35:04 Running from C:\Users\godpl_000\Desktop Loaded Profiles: TheSilentBoot & godpl_000 (Available profiles: TheSilentBoot & godpl_000) Platform: Windows 8.1 Pro (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\AvastSvc.exe ( ) C:\Windows\Temp\mrt1AEA.tmp\stdrt.exe (Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Scarlet.Crush Productions) D:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (SoftEther VPN Project at University of Tsukuba, Japan.) D:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () D:\Program Files (x86)\MicMute\mic_mute.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Spotify Ltd) C:\Users\godpl_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\AvastUI.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.) D:\Program Files (x86)\Razer\Razer Cortex\main.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\mspaint.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iSCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [softEther VPN Client UI Helper] => D:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4348472 2014-12-17] (SoftEther VPN Project at University of Tsukuba, Japan.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-29] (Avast Software s.r.o.) HKLM-x32\...\Run: [RoccatKonePure] => D:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-23] (ROCCAT GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.) HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RazerCortex] => D:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [60640 2014-12-06] (Razer Inc.) HKLM-x32\...\RunOnce: [20150107] => D:\Program Files\AVAST Software\Avast\setup\emupdate\73b9b6a1-2fb1-4868-9a44-d45729949d44.exe [183232 2015-04-21] (AVAST Software) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [spotify Web Helper] => C:\Users\godpl_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-06] (Spotify Ltd) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [MicMute] => D:\Program Files (x86)\MicMute\mic_mute.exe [106496 2014-01-10] () HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [GoogleChromeAutoLaunch_C51A051682F096AE4FAE7F4A131F7A94] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-30] (Google Inc.) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [spotify] => C:\Users\godpl_000\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-04-06] (Spotify Ltd) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_310_pepper.exe -update pepperplugin HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.) HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [MicMute] => D:\Program Files (x86)\MicMute\mic_mute.exe [106496 2014-01-10] () HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.) HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.) HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [spotify Web Helper] => C:\Users\godpl_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-06] (Spotify Ltd) HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [spotify] => C:\Users\godpl_000\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-04-06] (Spotify Ltd) HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Run: [GoogleChromeAutoLaunch_C51A051682F096AE4FAE7F4A131F7A94] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-30] (Google Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2014-12-17] ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> D:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-03-29] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-470181635-2375960542-4024403630-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={688037BD-1C60-4C1A-B92B-F3CC2167FA32}&mid=2b5dfca9de1547cda11a95c31d7ad3f6-8c50bba0cddac3c4e524ec43c565d1f36fb8300f〈=en&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-04-2103:20:01&v=4.1.0.411&pid=wtu&sg=&sap=hp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-470181635-2375960542-4024403630-1001 -> {EBF255CB-70BD-4892-8247-9DCE22008818} URL = http://search.strtpoint.com/results.html?v=insMac&t=1411&ap=591080004&q={searchTerms}&r=123 BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-29] (Avast Software s.r.o.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-29] (Avast Software s.r.o.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.1 FireFox: ======== FF ProfilePath: C:\Users\godpl_000\AppData\Roaming\Mozilla\Firefox\Profiles\bqoan5fa.default FF Homepage: https://mysearch.avg.com/?cid={688037BD-1C60-4C1A-B92B-F3CC2167FA32}&mid=2b5dfca9de1547cda11a95c31d7ad3f6-8c50bba0cddac3c4e524ec43c565d1f36fb8300f〈=en&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-04-2103:20:01&v=4.1.0.411&pid=wtu&sg=&sap=hp FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.) FF Plugin HKU\S-1-5-21-470181635-2375960542-4024403630-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\godpl_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: No Name - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-03] Chrome: ======= CHR HomePage: Default -> https://www.google.ca/ CHR StartupUrls: Default -> "https://www.google.ca/" CHR Profile: C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (BetterTTV) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-04-21] CHR Extension: (Steam inventory helper) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-04-21] CHR Extension: (FrankerFaceZ) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-04-21] CHR Extension: (LoungeDestroyer) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-04-21] CHR Extension: (AdBlock) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-21] CHR Extension: (Hola Better Internet) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-04-21] CHR Extension: (Avast Online Security) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-03] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-21] CHR Extension: (Google Wallet) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-02] CHR Extension: (Video Cutter) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2015-04-21] CHR Extension: (Twitch Giveaways) - C:\Users\godpl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2015-04-21] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 Adobe Licensing Console; C:\Windows\SysWOW64\lnsecsl.exe [1202396 2015-04-15] ( ) [File not signed] <==== ATTENTION R2 AdobeActiveFileMonitor9.0; D:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-06] (Adobe Systems Incorporated) R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-29] (Avast Software s.r.o.) R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-29] (Avast Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-11-25] () S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation) S3 celavimushost; D:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-03-18] (altPUG LLC) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L) R2 Ds3Service; D:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-05] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation) S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] () R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-17] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-06] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-04] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.) R2 RzKLService; D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.) R2 SEVPNCLIENT; D:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4348472 2014-12-17] (SoftEther VPN Project at University of Tsukuba, Japan.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-04-21] () S2 TeamViewer; "C:\Users\GODPL_~1\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-29] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-29] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-29] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-29] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-29] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-29] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-29] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-29] () S3 CEDRIVER60; D:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-06-20] () R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] () S3 kinonivd; C:\Windows\system32\DRIVERS\kinonivd.sys [2782848 2013-02-26] (Windows ® Win 7 DDK provider) S3 KINONI_Wave; C:\Windows\system32\drivers\kinonivad.sys [23040 2013-02-26] (Windows ® Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-21] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [28768 2014-12-17] (SoftEther VPN Project at University of Tsukuba, Japan.) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40136 2015-03-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions) R2 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-29] (Avast Software) R3 voxaldriver; C:\Windows\system32\DRIVERS\voxaldriverx64.sys [34512 2014-12-24] () S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-15] (Microsoft Corporation) S3 cpuz137; \??\C:\Users\GODPL_~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-21 14:29 - 2015-04-21 15:35 - 00025150 _____ () C:\Users\godpl_000\Desktop\FRST.txt 2015-04-21 14:29 - 2015-04-21 14:30 - 00045250 _____ () C:\Users\godpl_000\Desktop\Addition.txt 2015-04-21 14:28 - 2015-04-21 15:35 - 00000000 ____D () C:\FRST 2015-04-21 14:28 - 2015-04-21 14:28 - 02099712 _____ (Farbar) C:\Users\godpl_000\Desktop\FRST64.exe 2015-04-21 05:56 - 2015-04-21 05:57 - 00002920 _____ () C:\Users\godpl_000\Desktop\FSS.txt 2015-04-21 05:55 - 2015-04-21 05:55 - 00415232 _____ (Farbar) C:\Users\godpl_000\Desktop\FSS.exe 2015-04-21 05:44 - 2015-04-21 05:51 - 00000000 ____D () C:\AdwCleaner 2015-04-21 05:43 - 2015-04-21 05:44 - 02217984 _____ () C:\Users\godpl_000\Desktop\adwcleaner_4.201.exe 2015-04-21 05:40 - 2015-04-21 05:40 - 00001890 _____ () C:\Windows\diagwrn.xml 2015-04-21 05:40 - 2015-04-21 05:40 - 00001890 _____ () C:\Windows\diagerr.xml 2015-04-21 05:40 - 2015-04-21 05:40 - 00000000 ___HD () C:\$WINDOWS.~BT 2015-04-21 04:42 - 2015-04-21 04:42 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\godpl_000\Desktop\tdsskiller.exe 2015-04-21 03:49 - 2015-04-13 16:24 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-21 03:49 - 2015-04-13 16:24 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-21 03:28 - 2015-03-23 14:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-21 03:28 - 2015-03-23 14:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-21 03:28 - 2015-03-23 14:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-04-21 03:28 - 2015-03-23 14:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-21 03:28 - 2015-03-23 14:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-04-21 03:28 - 2015-03-19 21:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2015-04-21 03:28 - 2015-03-19 21:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-21 03:28 - 2015-03-19 21:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-21 03:28 - 2015-03-19 20:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-04-21 03:28 - 2015-03-19 19:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-04-21 03:28 - 2015-03-19 19:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-04-21 03:28 - 2015-03-19 19:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-04-21 03:28 - 2015-03-14 01:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-04-21 03:28 - 2015-03-14 01:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-04-21 03:28 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-21 03:28 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-21 03:28 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-21 03:28 - 2015-03-12 20:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-04-21 03:28 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-21 03:28 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-04-21 03:28 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-21 03:28 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-21 03:28 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-21 03:28 - 2015-03-12 20:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-04-21 03:28 - 2015-03-12 20:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-04-21 03:28 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-21 03:28 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-21 03:28 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-21 03:28 - 2015-03-12 19:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-04-21 03:28 - 2015-03-12 19:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-04-21 03:28 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-21 03:28 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-21 03:28 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-21 03:28 - 2015-03-12 19:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-04-21 03:28 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-21 03:28 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-21 03:28 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-21 03:28 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-21 03:28 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-21 03:28 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-21 03:28 - 2015-02-20 16:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2015-04-21 03:27 - 2015-04-21 03:27 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\AVG 2015-04-21 03:26 - 2015-04-21 03:28 - 00000000 ____D () C:\ProgramData\AVG 2015-04-21 03:26 - 2015-04-21 03:26 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\Avg 2015-04-21 03:24 - 2015-03-14 01:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-21 03:24 - 2015-03-13 18:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-21 03:24 - 2015-03-13 18:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-21 03:24 - 2015-03-13 18:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-21 03:24 - 2015-03-13 18:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-21 03:24 - 2015-03-13 18:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-21 03:24 - 2015-03-13 17:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-21 03:24 - 2015-03-13 17:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-21 03:24 - 2015-03-13 17:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-21 03:24 - 2015-03-13 17:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2015-04-21 03:24 - 2015-03-13 17:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-04-21 03:24 - 2015-03-13 17:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-21 03:24 - 2015-03-13 17:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-21 03:24 - 2015-03-13 17:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-21 03:24 - 2015-03-13 17:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-04-21 03:24 - 2015-03-13 17:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-21 03:24 - 2015-03-13 16:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-21 03:24 - 2015-03-13 16:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-21 03:24 - 2015-02-24 01:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-21 03:20 - 2015-04-21 03:20 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\AVG Web TuneUp 2015-04-21 03:19 - 2015-04-21 03:20 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp 2015-04-21 03:19 - 2015-04-21 03:19 - 00000000 ____D () C:\Program Files\AVG Web TuneUp 2015-04-21 03:19 - 2015-04-21 03:19 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp 2015-04-21 03:18 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2015-04-21 03:16 - 2015-03-22 15:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-21 03:16 - 2015-03-22 15:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-21 03:16 - 2015-03-22 15:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-21 03:16 - 2015-03-22 15:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-21 03:16 - 2015-03-22 15:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-21 03:16 - 2015-03-22 15:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-21 03:16 - 2015-03-22 15:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-21 03:16 - 2015-03-04 03:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2015-04-21 03:16 - 2015-03-03 20:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-21 03:16 - 2015-03-03 19:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-21 03:15 - 2015-04-21 04:44 - 00000000 ____D () C:\ProgramData\AVG2015 2015-04-21 03:15 - 2015-04-21 03:57 - 00000000 ___HD () C:\$AVG 2015-04-21 03:15 - 2015-04-21 03:15 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\TuneUp Software 2015-04-21 03:15 - 2015-04-21 03:15 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\AVG2015 2015-04-21 03:14 - 2015-04-21 04:44 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-04-21 03:13 - 2015-04-21 04:44 - 00000000 ____D () C:\ProgramData\MFAData 2015-04-21 03:13 - 2015-04-21 03:19 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\Avg2015 2015-04-21 03:13 - 2015-04-21 03:13 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\MFAData 2015-04-21 02:54 - 2015-04-21 05:48 - 00000105 _____ () C:\Windows\SysWOW64\get.dat 2015-04-21 02:52 - 2015-04-21 02:52 - 00000000 _____ () C:\Windows\SysWOW64\x64.txt 2015-04-21 01:49 - 2015-04-21 02:51 - 00000000 ____D () C:\Users\godpl_000\Desktop\mbar 2015-04-21 01:49 - 2015-04-21 01:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-04-21 01:24 - 2015-04-21 01:24 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\LavasoftStatistics 2015-04-21 01:22 - 2015-04-21 01:42 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\Lavasoft 2015-04-21 01:21 - 2015-04-21 01:42 - 00000000 ____D () C:\ProgramData\Lavasoft 2015-04-21 01:03 - 2015-04-21 01:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2015-04-21 01:02 - 2015-04-21 01:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-04-21 00:30 - 2015-04-21 00:30 - 00000000 _____ () C:\autoexec.bat 2015-04-20 22:41 - 2015-04-20 22:41 - 00000000 ____D () C:\ProgramData\Screaming Bee 2015-04-20 18:29 - 2015-04-21 02:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-04-18 19:44 - 2015-04-21 15:19 - 01283699 _____ () C:\Windows\WindowsUpdate.log 2015-04-18 19:42 - 2015-04-21 08:32 - 00000998 _____ () C:\Windows\setupact.log 2015-04-18 19:42 - 2015-04-21 05:40 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-18 19:42 - 2015-04-21 04:44 - 00010390 _____ () C:\Windows\PFRO.log 2015-04-18 05:48 - 2015-04-18 17:06 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\FolderName 2015-04-17 19:06 - 2015-04-17 19:06 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\HaloOnline 2015-04-15 17:02 - 2015-04-15 17:02 - 01202396 _____ ( ) C:\Windows\SysWOW64\lnsecsl.exe 2015-04-15 17:00 - 2015-04-20 22:41 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-04-13 21:31 - 2015-04-21 02:48 - 00000000 ____D () C:\Program Files\Rockstar Games 2015-04-13 21:31 - 2015-04-21 02:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-04-13 21:31 - 2015-04-15 22:40 - 00000080 _____ () C:\Users\godpl_000\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 2015-04-13 21:31 - 2015-04-13 21:31 - 00000000 ____D () C:\Users\godpl_000\Documents\Rockstar Games 2015-04-13 21:31 - 2015-04-13 21:31 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\Rockstar Games 2015-04-12 22:22 - 2015-04-12 22:22 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\openvr 2015-04-11 20:02 - 2015-04-11 23:43 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\ESS 2015-04-11 20:00 - 2015-04-11 20:00 - 00000921 _____ () C:\Users\Public\Desktop\European Ship Simulator.lnk 2015-04-11 20:00 - 2015-04-11 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\European Ship Simulator 2015-04-06 17:09 - 2015-04-06 17:18 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\Spotify 2015-04-06 17:09 - 2015-04-06 17:09 - 00001833 _____ () C:\Users\godpl_000\Desktop\Spotify.lnk 2015-04-06 17:09 - 2015-04-06 17:09 - 00001819 _____ () C:\Users\godpl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-04-06 17:09 - 2015-04-06 17:09 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\Spotify 2015-04-06 16:33 - 2015-04-21 02:51 - 00000000 ___SD () C:\Windows\system32\GWX 2015-04-06 16:33 - 2015-04-06 16:33 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-04-04 21:00 - 2015-04-04 21:00 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\My Games 2015-04-03 19:59 - 2015-04-03 19:59 - 00000677 _____ () C:\Users\godpl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAuth.lnk 2015-03-29 09:40 - 2015-03-29 09:40 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-03-29 09:40 - 2015-03-29 09:40 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-03-28 10:28 - 2015-03-28 10:28 - 00000860 _____ () C:\Users\godpl_000\Desktop\ImRaising Sync.lnk 2015-03-28 10:28 - 2015-03-28 10:28 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\Microsoft\Windows\Start Menu\ImRaising 2015-03-28 10:27 - 2015-04-18 18:22 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\TeamViewer 2015-03-28 10:06 - 2015-04-10 19:03 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\ImRaising Sync 2015-03-28 09:48 - 2015-03-28 09:48 - 00002377 _____ () C:\Users\godpl_000\Documents\MumbleAutomaticCertificateBackup.p12 2015-03-28 09:47 - 2015-04-15 13:36 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\Mumble 2015-03-28 09:47 - 2015-03-28 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble 2015-03-28 09:47 - 2015-03-28 09:47 - 00000000 ____D () C:\Program Files (x86)\Mumble 2015-03-28 08:41 - 2015-03-28 08:42 - 00000197 _____ () C:\Windows\system32\2015-03-28-15-41-36.041-AvastVBoxSVC.exe-3592.log 2015-03-26 11:01 - 2015-03-26 11:01 - 00000197 _____ () C:\Windows\system32\2015-03-26-18-01-47.029-AvastVBoxSVC.exe-3720.log 2015-03-26 08:34 - 2015-03-26 08:34 - 00003288 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-470181635-2375960542-4024403630-1002 2015-03-26 06:30 - 2015-03-26 06:30 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\WinAuth 2015-03-24 15:22 - 2010-07-27 08:14 - 01714688 _____ () C:\Users\godpl_000\Desktop\Xpadder.exe 2015-03-24 14:42 - 2015-03-24 14:42 - 00001367 _____ () C:\Users\godpl_000\Desktop\ScpMonitor - Shortcut.lnk 2015-03-24 14:42 - 2015-03-24 14:42 - 00001358 _____ () C:\Users\godpl_000\Desktop\ScpDriver - Shortcut.lnk 2015-03-24 14:41 - 2013-05-05 17:32 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys 2015-03-24 14:41 - 2013-01-07 11:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2015-03-24 14:39 - 2015-03-24 14:45 - 00000000 ____D () C:\Windows\SysWOW64\directx 2015-03-24 14:39 - 2015-03-24 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-03-24 14:39 - 2015-03-24 14:39 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories 2015-03-22 21:34 - 2015-03-22 21:34 - 00000197 _____ () C:\Windows\system32\2015-03-23-04-34-43.012-AvastVBoxSVC.exe-3264.log 2015-03-22 05:04 - 2015-03-22 05:04 - 00098464 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2015-03-22 05:04 - 2015-03-22 05:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-21 15:34 - 2014-11-08 00:46 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\uTorrent 2015-04-21 15:28 - 2014-11-07 22:13 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\Skype 2015-04-21 15:23 - 2015-02-22 15:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-21 15:22 - 2014-11-03 05:07 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-21 15:22 - 2014-11-03 05:07 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-21 15:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru 2015-04-21 14:26 - 2015-03-19 17:11 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-21 14:26 - 2014-12-27 19:19 - 00061829 _____ () C:\Windows\system32\lvcoinst.log 2015-04-21 11:43 - 2014-11-03 04:54 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{51D7330B-9872-48C2-B955-F5BC1DEE53A6} 2015-04-21 09:29 - 2014-11-02 10:07 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-470181635-2375960542-4024403630-1002 2015-04-21 08:32 - 2014-11-02 10:03 - 00000000 ___DO () C:\Users\godpl_000\OneDrive 2015-04-21 05:53 - 2014-03-18 03:02 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-21 05:47 - 2014-12-26 16:09 - 00000000 ____D () C:\Windows\SysWOW64\DCS 2015-04-21 05:46 - 2014-11-06 16:39 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-21 05:46 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-21 04:21 - 2014-11-28 08:47 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\foobar2000 2015-04-21 03:57 - 2013-08-22 08:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-04-21 03:47 - 2014-11-04 16:56 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-21 03:47 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-04-21 03:44 - 2014-11-02 09:12 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-21 03:44 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-04-21 03:43 - 2014-12-13 21:05 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-21 03:43 - 2014-11-05 01:15 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-21 03:40 - 2015-03-02 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZombieModding 2015-04-21 03:39 - 2014-12-26 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain 2015-04-21 03:39 - 2014-11-20 18:23 - 00000000 ____D () C:\Windows\Minidump 2015-04-21 03:39 - 2014-11-08 11:58 - 00000000 ___RD () C:\Users\godpl_000\Desktop\Kappa 2015-04-21 03:39 - 2014-11-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link Shell Extension 2015-04-21 03:29 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-04-21 03:20 - 2015-01-20 03:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-21 03:18 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-04-21 02:56 - 2014-11-02 09:58 - 00000000 ____D () C:\Users\godpl_000 2015-04-21 02:52 - 2015-02-22 15:27 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-04-21 02:51 - 2014-12-24 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee 2015-04-21 02:51 - 2014-12-23 21:35 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\Glyph 2015-04-21 02:51 - 2014-12-23 21:35 - 00000000 ____D () C:\ProgramData\Glyph 2015-04-21 02:51 - 2014-11-03 18:49 - 00000000 ____D () C:\ProgramData\Package Cache 2015-04-21 02:51 - 2014-11-03 04:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-04-21 02:51 - 2014-11-02 10:17 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\Unity 2015-04-21 02:51 - 2013-08-22 06:36 - 00000000 ____D () C:\Windows\system32\Sysprep 2015-04-21 02:49 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\registration 2015-04-21 02:49 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppCompat 2015-04-21 02:00 - 2014-11-03 05:27 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\Adobe 2015-04-17 19:33 - 2014-12-08 18:47 - 00000132 _____ () C:\Users\godpl_000\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-04-16 04:42 - 2014-11-07 20:51 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\OBS 2015-04-15 10:23 - 2014-11-07 22:13 - 00000000 ____D () C:\ProgramData\Skype 2015-04-14 10:23 - 2015-02-22 15:27 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2015-04-14 10:23 - 2015-02-22 15:27 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-13 16:34 - 2014-11-03 06:13 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-04-10 18:40 - 2014-11-07 20:38 - 00000000 ____D () C:\Program Files (x86)\OBS 2015-04-09 21:37 - 2013-08-22 07:44 - 05113864 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-04 21:45 - 2015-02-23 02:42 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2015-04-04 21:45 - 2014-11-03 18:49 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-04-04 21:24 - 2014-11-03 18:49 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2015-04-04 21:19 - 2014-11-07 23:36 - 00000000 ____D () C:\Program Files (x86)\WinRAR 2015-04-04 20:57 - 2014-11-06 17:13 - 00000000 ____D () C:\Users\godpl_000\AppData\Local\PunkBuster 2015-04-04 20:57 - 2014-11-03 18:49 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-04-04 20:57 - 2014-11-02 10:13 - 00000000 ____D () C:\Users\godpl_000\Documents\my games 2015-04-03 11:29 - 2014-11-07 23:37 - 00000000 ____D () C:\Users\godpl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-04-03 11:29 - 2014-11-07 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-03-29 09:40 - 2014-11-03 05:15 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-03-29 09:40 - 2014-11-03 05:15 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-03-27 20:44 - 2014-11-06 16:40 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-03-27 20:44 - 2014-11-06 16:40 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-03-27 20:43 - 2014-11-06 16:40 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-03-27 20:43 - 2014-11-06 16:40 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll ==================== Files in the root of some directories ======= 2015-01-06 05:45 - 2015-01-06 05:45 - 0000132 _____ () C:\Users\godpl_000\AppData\Roaming\Adobe GIF Format CS6 Prefs 2014-12-08 18:47 - 2015-04-17 19:33 - 0000132 _____ () C:\Users\godpl_000\AppData\Roaming\Adobe PNG Format CS6 Prefs 2014-12-17 14:02 - 2014-12-17 14:02 - 0024940 ___SH () C:\Users\godpl_000\AppData\Roaming\C98243963.bat 2015-02-05 13:07 - 2015-02-05 13:07 - 0000099 _____ () C:\Users\godpl_000\AppData\Roaming\LauncherSettings_live.cfg 2014-12-21 22:00 - 2015-02-09 15:27 - 0001680 _____ () C:\Users\godpl_000\AppData\Roaming\SpeedRunnersLog.txt 2014-12-23 16:31 - 2014-12-23 16:31 - 0001272 _____ () C:\Users\godpl_000\AppData\Roaming\TargetInvocationLog.txt 2015-02-05 12:47 - 2015-02-05 12:47 - 0000040 _____ () C:\Users\godpl_000\AppData\Roaming\TheHunterSettings_steam_live.cfg 2014-12-24 20:00 - 2014-12-24 20:00 - 0001167 _____ () C:\Users\godpl_000\AppData\Roaming\trace_FilterInstaller.txt 2014-12-24 20:00 - 2014-12-24 20:00 - 0000000 _____ () C:\Users\godpl_000\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2014-12-17 11:01 - 2014-12-17 11:01 - 10124389 _____ () C:\Users\godpl_000\AppData\Roaming\xulrunner.zip 2015-01-03 04:25 - 2015-01-24 05:42 - 0001456 _____ () C:\Users\godpl_000\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-01-03 04:47 - 2015-01-03 04:47 - 0003584 _____ () C:\Users\godpl_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-12-18 04:45 - 2014-12-18 04:45 - 0025552 ___SH () C:\ProgramData\A7383623.bat 2014-12-17 10:25 - 2014-12-17 10:25 - 0027748 ___SH () C:\ProgramData\C73937393.bat Files to move or delete: ==================== C:\ProgramData\A7383623.bat C:\ProgramData\C73937393.bat Some content of TEMP: ==================== C:\Users\godpl_000\AppData\Local\Temp\DseShExt-x64.dll C:\Users\godpl_000\AppData\Local\Temp\DseShExt-x86.dll C:\Users\godpl_000\AppData\Local\Temp\OK_V17_10_SENTRA_4.exe C:\Users\godpl_000\AppData\Local\Temp\patch__6437_il7635.exe C:\Users\godpl_000\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\godpl_000\AppData\Local\Temp\SDShelEx-x64.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION! LastRegBack: 2015-04-20 18:29 ==================== End Of Log ============================
  7. Also any tips on how i could prevent this will be very helpful cause i have never disabled my anti virus also if they have stolen stuff can they take passwords from my browser (non saved) and do they have access to all my files cause i trade on a game called CS:GO alot of hackers and i assume this is where i have got this virus witch i believe is try to take a certain file and my email login - Thanks
  8. I'd like to try and fix this but if it doesn't work i will just wipe everything
  9. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015 Ran by godpl_000 at 2015-04-21 14:29:58 Running from C:\Users\godpl_000\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) BeamNG.drive (HKLM-x32\...\Steam App 284160) (Version: - BeamNG) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) Bitcoin Core (64-bit) (HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project) Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.) Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version: - ) Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch) Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland) CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - ) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5361 - Corsair) Corsair Link USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Damned (HKLM-x32\...\Steam App 251170) (Version: - 9heads Game Studios) Dishonored (HKLM-x32\...\Steam App 205100) (Version: - Arkane Studios) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden European Ship Simulator (HKLM-x32\...\European Ship Simulator_is1) (Version: - Merge Games) Fantasy Sound Pack (HKLM-x32\...\{B53415F5-4060-48DA-ABB8-00F768158F47}) (Version: 1.1.1 - Screaming Bee) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - ) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) foobar2000 v1.3.5 (HKLM-x32\...\foobar2000) (Version: 1.3.5 - Peter Pawlowski) Free Video Cutter (HKLM-x32\...\{94895EA7-873E-4FCB-9C7B-DD3F7019D618}_is1) (Version: - FreeVideoCutter.com) Furry Voices (x32 Version: 4.4.21 - Screaming Bee Inc.) Hidden Furry Voices for MorphVOX (HKLM-x32\...\{4ef9d1d2-3383-4d9b-811f-2cae5f46528e}) (Version: 4.4.21 - Screaming Bee Inc.) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) GRID 2 (HKLM-x32\...\Steam App 44350) (Version: - Codemasters Racing) Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games) Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment) Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.0.0.1 - GOG.com) HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation) Intel® Smart Connect Technology (HKLM\...\{08B90A20-95D3-4725-84B9-AF6553E06C4F}) (Version: 5.0.10.2850 - Intel Corporation) Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version: - ) Male Voices (x32 Version: 4.4.21 - Screaming Bee Inc.) Hidden Male Voices for MorphVOX (HKLM-x32\...\{7df2e62e-f563-4575-9d08-80c00ccc87a2}) (Version: 4.4.21 - Screaming Bee Inc.) Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation) MicMute version 0.1.7.2 (HKLM-x32\...\{A1FDC62A-32EC-4AA3-BBB6-80A7977CCAE2}_is1) (Version: 0.1.7.2 - Mist Poryvaev) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Modern War Sounds (HKLM-x32\...\{A514E94F-C436-44C3-A1E9-1F58CD352669}) (Version: 1.0.1 - Screaming Bee) MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee) MorphVOX Pro (HKLM-x32\...\{76828C87-C612-4329-843B-4DB58060030A}) (Version: 4.4.9 - Screaming Bee) Motion Gaming Console (HKLM-x32\...\Motion Gaming Console) (Version: - CamTrax Technologies) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla) Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig) NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation) Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.09.9451 - SoftEther VPN Project) Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Special Effects Voices (x32 Version: 4.4.21 - Screaming Bee Inc.) Hidden Special Effects Voices for MorphVOX (HKLM-x32\...\{f76834ed-fae3-449c-ab88-5d689c542c44}) (Version: 4.4.21 - Screaming Bee Inc.) SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games) Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios) Spotify (HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB) Spotify (HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeeBoard: The Twitch Army Knife (HKLM-x32\...\be.gip.twitch.TeeBoard) (Version: 0.1.5 - UNKNOWN) TeeBoard: The Twitch Army Knife (x32 Version: 0.1.5 - UNKNOWN) Hidden The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) TwitchAlerts (HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts) TwitchAlerts (HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts) Unity Web Player (HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Voice Splicer Plug-In (HKLM-x32\...\{5A53F620-6A7A-4362-94AD-12D9FCB856E1}) (Version: 4.2.11 - Screaming Bee) Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.11 - NCH Software) VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg) Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Workplace Backgrounds (HKLM-x32\...\{13304708-E115-4044-82DA-88A6F5424359}) (Version: 1.0.0 - Screaming Bee) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-470181635-2375960542-4024403630-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\godpl_000\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 24-03-2015 14:38:56 Installed DirectX 28-03-2015 09:46:03 Installed Mumble 1.2.8 04-04-2015 20:56:41 Installed DirectX 08-04-2015 02:07:42 Installed DirectX 09-04-2015 20:41:36 Installed DirectX 11-04-2015 20:00:48 Installed DirectX 13-04-2015 21:31:15 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 13-04-2015 21:31:25 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 16-04-2015 15:44:37 Windows Modules Installer 20-04-2015 22:41:20 Removed Fantasy Sound Pack 21-04-2015 02:47:51 Restore Operation ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2014-12-19 14:23 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {034B564A-31B9-4FA2-A397-FE7972A3275E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-21] (Microsoft Corporation) Task: {10A7EDD8-F2BA-4363-8639-E9086020A583} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-godplays7@live.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {24F6560A-E403-42EC-A778-9127BCAAFE92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated) Task: {28E5051E-E0C1-4C9E-810C-6137E87F7E9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-03] (Google Inc.) Task: {29F92EA9-7136-42C3-80CB-4EB5833E3DA0} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation) Task: {44F69D42-D04B-4738-9E9B-9287A58F9B00} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe [2015-04-14] (Adobe Systems Incorporated) Task: {4905C042-C4DD-4D57-A885-A1999CC2239B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-03] (Google Inc.) Task: {4FD4E74D-A7FA-4EC1-A227-14AC6564BEA3} - System32\Tasks\Start Corsair Link => E:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe Task: {53AD9E75-20FD-4785-8E8E-2DF231137870} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {71612F04-ABC3-49BA-84B2-86E8D3A20413} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-29] (Avast Software s.r.o.) Task: {7D629707-2E4C-4B16-B6F0-81E31F40F547} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {7F6DB577-60C4-4AE0-B137-D3032267F841} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {8C87CD6A-6E50-4933-AEFC-97C15EDD2459} - System32\Tasks\avastBCLRestartS-1-5-21-470181635-2375960542-4024403630-1002 => Chrome.exe Task: {8FE304EE-D7AB-4059-87D6-A92D214C9FB1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-470181635-2375960542-4024403630-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {942636E8-C49D-4D43-A706-D0E8609ADC0E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd) Task: {D7FBC790-1726-494C-8095-10FF7136D138} - System32\Tasks\{3C66B59E-AC85-4ECB-A18A-90BDF1403234} => pcalua.exe -a D:\bikini_bottom.exe -d D:\ Task: {F5BFAABF-1FD1-4C25-AE65-D1FC8A52B618} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-04] () Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2015-04-21 03:19 - 2015-04-21 03:19 - 00620056 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2014-06-18 18:18 - 2014-06-18 18:18 - 00209712 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe 2014-06-18 18:18 - 2014-06-18 18:18 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll 2014-06-18 18:18 - 2014-06-18 18:18 - 00057648 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTEncryptionCheck.dll 2014-06-18 18:18 - 2014-06-18 18:18 - 00037168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll 2014-11-03 18:49 - 2015-04-04 20:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-12-09 15:22 - 2014-12-09 15:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-11-06 16:39 - 2015-03-13 09:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-12-30 21:56 - 2014-01-10 13:52 - 00106496 _____ () D:\Program Files (x86)\MicMute\mic_mute.exe 2015-03-29 09:40 - 2015-03-29 09:40 - 00104400 _____ () D:\Program Files\AVAST Software\Avast\log.dll 2015-03-29 09:40 - 2015-03-29 09:40 - 00081728 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-04-21 01:36 - 2015-04-21 01:36 - 02926080 _____ () D:\Program Files\AVAST Software\Avast\defs\15042101\algo.dll 2015-04-21 05:46 - 2015-04-21 05:46 - 00307200 _____ () C:\Windows\TEMP\mrt1AEA.tmp\MMFS2.dll 2015-04-21 05:46 - 2015-04-21 05:46 - 00021504 _____ () C:\Windows\TEMP\mrt1AEA.tmp\Get.mfx 2015-04-21 05:46 - 2015-04-21 05:46 - 00059392 _____ () C:\Windows\TEMP\mrt1AEA.tmp\Yaso.mfx 2015-04-13 14:13 - 2015-03-27 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-12-25 21:39 - 2012-11-20 17:13 - 00264192 _____ () D:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll 2014-12-30 21:56 - 2014-01-10 13:52 - 00053248 _____ () D:\Program Files (x86)\MicMute\key_hook.dll 2015-04-02 17:23 - 2015-03-30 14:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll 2015-04-02 17:23 - 2015-03-30 14:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll 2015-04-02 17:23 - 2015-03-30 14:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll 2015-03-29 09:40 - 2015-03-29 09:40 - 40540672 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll 2015-04-02 17:23 - 2015-03-30 14:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll 2015-03-24 15:05 - 2015-03-09 23:37 - 00775680 _____ () D:\Program Files (x86)\Steam\SDL2.dll 2015-01-20 16:50 - 2014-12-01 17:29 - 05002752 _____ () D:\Program Files (x86)\Steam\v8.dll 2015-04-13 21:30 - 2015-04-13 16:44 - 02371776 _____ () D:\Program Files (x86)\Steam\video.dll 2015-01-20 16:50 - 2014-12-01 17:29 - 01612800 _____ () D:\Program Files (x86)\Steam\icui18n.dll 2015-01-20 16:50 - 2014-12-01 17:29 - 01210368 _____ () D:\Program Files (x86)\Steam\icuuc.dll 2015-01-20 16:50 - 2014-12-01 14:31 - 02396672 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll 2015-01-20 16:50 - 2014-12-01 14:31 - 00479744 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll 2015-01-20 16:50 - 2014-12-01 14:31 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll 2015-01-20 16:50 - 2014-12-01 14:31 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll 2015-01-20 16:50 - 2014-12-01 14:31 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll 2015-04-13 21:30 - 2015-04-13 16:44 - 00702656 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-04-13 21:30 - 2015-04-13 16:44 - 00138432 _____ () D:\Program Files (x86)\Steam\bin\audio.dll 2014-11-12 15:25 - 2014-11-11 11:48 - 00071680 _____ () D:\Program Files (x86)\Steam\bin\mssmp3.asi 2014-11-12 15:25 - 2014-11-11 11:48 - 00153088 _____ () D:\Program Files (x86)\Steam\bin\mssvoice.asi 2015-03-24 15:05 - 2015-02-24 18:58 - 34641288 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll 2015-03-24 15:05 - 2015-02-24 18:58 - 01709960 _____ () D:\Program Files (x86)\Steam\bin\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\godpl_000\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15211231.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15211231.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE trusted site: HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\sony.com -> sony.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-470181635-2375960542-4024403630-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img1.jpg HKU\S-1-5-21-470181635-2375960542-4024403630-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\godpl_000\Desktop\Alca\USP-S - Orion.png DNS Servers: 192.168.1.254 - 75.153.176.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper" HKLM\...\StartupApproved\Run32: => "RoccatKonePure" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-470181635-2375960542-4024403630-1001\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-470181635-2375960542-4024403630-1002\...\StartupApproved\Run: => "AdobeBridge" ==================== Accounts: ============================= Administrator (S-1-5-21-470181635-2375960542-4024403630-500 - Administrator - Disabled) godpl_000 (S-1-5-21-470181635-2375960542-4024403630-1002 - Administrator - Enabled) => C:\Users\godpl_000 Guest (S-1-5-21-470181635-2375960542-4024403630-501 - Limited - Disabled) TheSilentBoot (S-1-5-21-470181635-2375960542-4024403630-1001 - Administrator - Enabled) => C:\Users\TheSilentBoot ==================== Faulty Device Manager Devices ============= Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/21/2015 08:32:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RzStats.Manager.exe, version: 1.0.0.35, time stamp: 0x548957e0 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade Exception code: 0xe0434352 Fault offset: 0x00014598 Faulting process id: 0x279c Faulting application start time: 0xRzStats.Manager.exe0 Faulting application path: RzStats.Manager.exe1 Faulting module path: RzStats.Manager.exe2 Report Id: RzStats.Manager.exe3 Faulting package full name: RzStats.Manager.exe4 Faulting package-relative application ID: RzStats.Manager.exe5 Error: (04/21/2015 08:32:51 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: RzStats.Manager.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.Throw(System.Exception) at System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) at System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Char[], Int32, Int32) at System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace() at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.Linq.XDocument.Load(System.Xml.XmlReader, System.Xml.Linq.LoadOptions) at System.Xml.Linq.XDocument.Load(System.String, System.Xml.Linq.LoadOptions) at RzDataTrackingManager.DataHistoryManager.getLastUpdate(System.String) at RzDataTrackingManager.DataHistoryManager.CopyFromOffline() at RzDataTrackingManager.Form1..ctor() at RzDataTrackingManager.Program.Main() Error: (04/21/2015 08:32:26 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (04/21/2015 08:32:19 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/21/2015 08:32:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0x8007139F Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/21/2015 05:47:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RzStats.Manager.exe, version: 1.0.0.35, time stamp: 0x548957e0 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade Exception code: 0xe0434352 Fault offset: 0x00014598 Faulting process id: 0xd00 Faulting application start time: 0xRzStats.Manager.exe0 Faulting application path: RzStats.Manager.exe1 Faulting module path: RzStats.Manager.exe2 Report Id: RzStats.Manager.exe3 Faulting package full name: RzStats.Manager.exe4 Faulting package-relative application ID: RzStats.Manager.exe5 Error: (04/21/2015 05:47:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: RzStats.Manager.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.Throw(System.Exception) at System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) at System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Char[], Int32, Int32) at System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace() at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.Linq.XDocument.Load(System.Xml.XmlReader, System.Xml.Linq.LoadOptions) at System.Xml.Linq.XDocument.Load(System.String, System.Xml.Linq.LoadOptions) at RzDataTrackingManager.DataHistoryManager.getLastUpdate(System.String) at RzDataTrackingManager.DataHistoryManager.CopyFromOffline() at RzDataTrackingManager.Form1..ctor() at RzDataTrackingManager.Program.Main() Error: (04/21/2015 05:47:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/21/2015 05:47:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (04/21/2015 05:47:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: igfxCUIService.exe, version: 6.15.10.3960, time stamp: 0x54299ab0 Faulting module name: igfxCUIService.exe, version: 6.15.10.3960, time stamp: 0x54299ab0 Exception code: 0xc0000005 Fault offset: 0x0000000000017719 Faulting process id: 0x454 Faulting application start time: 0xigfxCUIService.exe0 Faulting application path: igfxCUIService.exe1 Faulting module path: igfxCUIService.exe2 Report Id: igfxCUIService.exe3 Faulting package full name: igfxCUIService.exe4 Faulting package-relative application ID: igfxCUIService.exe5 System errors: ============= Error: (04/21/2015 02:16:47 PM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 02:16:47 PM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 02:01:47 PM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 01:46:47 PM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 01:46:47 PM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 11:16:47 AM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 11:16:47 AM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 11:01:47 AM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 10:46:47 AM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Error: (04/21/2015 10:46:47 AM) (Source: DCOM) (EventID: 10016) (User: BRENDON_PC) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Brendon_PCgodpl_000S-1-5-21-470181635-2375960542-4024403630-1002LocalHost (Using LRPC)UnavailableUnavailable Microsoft Office Sessions: ========================= Error: (04/21/2015 08:32:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: RzStats.Manager.exe1.0.0.35548957e0KERNELBASE.dll6.3.9600.1741554504adee043435200014598279c01d07c4867ab45a8C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeC:\Windows\SYSTEM32\KERNELBASE.dllabde46ba-e83b-11e4-82a3-448a5b9e3a05 Error: (04/21/2015 08:32:51 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: RzStats.Manager.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.Throw(System.Exception) at System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) at System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Char[], Int32, Int32) at System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace() at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.Linq.XDocument.Load(System.Xml.XmlReader, System.Xml.Linq.LoadOptions) at System.Xml.Linq.XDocument.Load(System.String, System.Xml.Linq.LoadOptions) at RzDataTrackingManager.DataHistoryManager.getLastUpdate(System.String) at RzDataTrackingManager.DataHistoryManager.CopyFromOffline() at RzDataTrackingManager.Form1..ctor() at RzDataTrackingManager.Program.Main() Error: (04/21/2015 08:32:26 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (04/21/2015 08:32:19 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/21/2015 08:32:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0x8007139FRuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/21/2015 05:47:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: RzStats.Manager.exe1.0.0.35548957e0KERNELBASE.dll6.3.9600.1741554504adee043435200014598d0001d07c315bb1b91cC:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeC:\Windows\SYSTEM32\KERNELBASE.dlla12700c1-e824-11e4-82a3-448a5b9e3a05 Error: (04/21/2015 05:47:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: RzStats.Manager.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.Throw(System.Exception) at System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) at System.Xml.XmlTextReaderImpl.ThrowInvalidChar(Char[], Int32, Int32) at System.Xml.XmlTextReaderImpl.ParseRootLevelWhitespace() at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.Linq.XDocument.Load(System.Xml.XmlReader, System.Xml.Linq.LoadOptions) at System.Xml.Linq.XDocument.Load(System.String, System.Xml.Linq.LoadOptions) at RzDataTrackingManager.DataHistoryManager.getLastUpdate(System.String) at RzDataTrackingManager.DataHistoryManager.CopyFromOffline() at RzDataTrackingManager.Form1..ctor() at RzDataTrackingManager.Program.Main() Error: (04/21/2015 05:47:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/21/2015 05:47:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (04/21/2015 05:47:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c0000005000000000001771945401d07c313335e5ceC:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe8b4800e3-e824-11e4-82a3-448a5b9e3a05 ==================== Memory info =========================== Processor: Intel® Core i7-4770K CPU @ 3.50GHz Percentage of memory in use: 44% Total physical RAM: 8141.22 MB Available physical RAM: 4524.16 MB Total Pagefile: 16333.22 MB Available Pagefile: 8842.51 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.45 GB) (Free:49.5 GB) NTFS Drive d: (Storage) (Fixed) (Total:931.51 GB) (Free:507.88 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: C8EA3A8A) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 79B4B2E6) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.