bmg Posted December 14, 2014 ID:919481 Share Posted December 14, 2014 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01Ran by L33tMaN (administrator) on L33TMAN-PC on 14-12-2014 18:18:26Running from C:\Users\L33tMaN\DownloadsLoaded Profile: L33tMaN (Available profiles: UpdatusUser & L33tMaN & cynical)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe() C:\Windows\SysWOW64\PnkBstrA.exe() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_fb372.dll (TODO: <Company name>)ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_fb372.dll (TODO: <Company name>) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-383299565-3798718073-3649502856-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comStartMenuInternet: IEXPLORE.EXE - iexplore.exeBHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - PasswordBox Toolbar - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKU\S-1-5-21-383299565-3798718073-3649502856-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cabHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\L33tMaN\AppData\Roaming\Mozilla\Firefox\Profiles\vdq54lkb.defaultFF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Extension: RoboSAver - C:\Users\L33tMaN\AppData\Roaming\Mozilla\Firefox\Profiles\vdq54lkb.default\Extensions\qibgbuunh@noowzhyaea.co.uk [2014-08-12]FF Extension: SNT - C:\Users\L33tMaN\AppData\Roaming\Mozilla\Firefox\Profiles\vdq54lkb.default\Extensions\qvi-u@kmnvlkclhc.net [2014-05-09]FF Extension: 20291fcc147146c882135911f5ce6d67 - C:\Users\L33tMaN\AppData\Roaming\Mozilla\Firefox\Profiles\vdq54lkb.default\Extensions\{20291fcc-1471-46c8-8213-5911f5ce6d67} [2014-08-28]FF Extension: 66B2CEAE80B446b08E4D586721E5C1FA - C:\Users\L33tMaN\AppData\Roaming\Mozilla\Firefox\Profiles\vdq54lkb.default\Extensions\{66B2CEAE-80B4-46b0-8E4D-586721E5C1FA} [2014-08-29]FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\ExtFF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-01]FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: =======CHR Profile: C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-15]CHR Extension: (Google Docs) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-15]CHR Extension: (Google Drive) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-15]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-15]CHR Extension: (YouTube) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-15]CHR Extension: (Adblock Plus) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-15]CHR Extension: (Google Search) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-15]CHR Extension: (Google Sheets) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-15]CHR Extension: (RealDownloader) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-11-15]CHR Extension: (Google Wallet) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-15]CHR Extension: (Gmail) - C:\Users\L33tMaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-15]CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-12-16] (CyberLink)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)R2 MSI_ODD_Service; c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe [76800 2011-10-04] (Micro-Star Int'l Co., Ltd.) [File not signed]R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-03] (Electronic Arts)R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2014-07-03] ()R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [49952 2014-03-21] (AVG Technologies)R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-14] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)R3 NTIOLib_X64; C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [14136 2010-01-18] (MSI)R3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [100352 2011-09-15] (Renesas Electronics Corporation)R3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [216064 2011-09-15] (Renesas Electronics Corporation)S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)S3 xhunter1; \??\C:\windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-14 18:18 - 2014-12-14 18:18 - 02119168 _____ (Farbar) C:\Users\L33tMaN\Downloads\FRST64.exe2014-12-14 18:18 - 2014-12-14 18:18 - 00017790 _____ () C:\Users\L33tMaN\Downloads\FRST.txt2014-12-13 13:50 - 2014-12-13 13:54 - 401333186 _____ () C:\Users\L33tMaN\Downloads\nazi_zombie_dome_snow 1.1.exe2014-12-12 15:58 - 2014-12-12 15:58 - 00000000 ____D () C:\windows\system32\appraiser2014-12-11 19:43 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll2014-12-11 19:43 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll2014-12-11 14:39 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll2014-12-11 14:39 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll2014-12-11 14:39 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll2014-12-11 14:39 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll2014-12-11 14:39 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll2014-12-11 14:39 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll2014-12-11 14:39 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll2014-12-11 14:39 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe2014-12-11 14:39 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll2014-12-11 14:39 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll2014-12-11 14:39 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2014-12-11 14:39 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb2014-12-11 14:39 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll2014-12-11 14:39 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2014-12-11 14:39 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll2014-12-11 14:39 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2014-12-11 14:39 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll2014-12-11 14:39 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll2014-12-11 14:39 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll2014-12-11 14:39 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll2014-12-11 14:39 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll2014-12-11 14:39 - 2014-11-21 21:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe2014-12-11 14:39 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe2014-12-11 14:39 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2014-12-11 14:39 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll2014-12-11 14:39 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe2014-12-11 14:39 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2014-12-11 14:39 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll2014-12-11 14:39 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb2014-12-11 14:39 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll2014-12-11 14:39 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll2014-12-11 14:39 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll2014-12-11 14:39 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2014-12-11 14:39 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll2014-12-11 14:39 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll2014-12-11 14:39 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll2014-12-11 14:39 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll2014-12-11 14:39 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2014-12-11 14:39 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll2014-12-11 14:39 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll2014-12-11 14:39 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll2014-12-11 14:39 - 2014-11-21 20:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe2014-12-11 14:39 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll2014-12-11 14:39 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2014-12-11 14:39 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe2014-12-11 14:39 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll2014-12-11 14:39 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl2014-12-11 14:39 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll2014-12-11 14:39 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2014-12-11 14:39 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll2014-12-11 14:39 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll2014-12-11 14:39 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll2014-12-11 14:39 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll2014-12-11 14:39 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2014-12-11 14:39 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2014-12-11 14:39 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2014-12-11 14:39 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2014-12-11 14:39 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll2014-12-11 14:39 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2014-12-11 14:39 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2014-12-11 14:39 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2014-12-11 14:39 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll2014-12-11 14:39 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2014-12-11 14:39 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2014-12-11 14:39 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll2014-12-11 14:39 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll2014-12-11 14:39 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys2014-12-11 14:39 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll2014-12-11 14:39 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll2014-12-11 14:39 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe2014-12-11 14:39 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe2014-12-11 14:39 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll2014-12-11 14:39 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll2014-12-11 14:39 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll2014-12-11 14:39 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll2014-12-11 14:39 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe2014-12-11 14:39 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll2014-12-11 14:39 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll2014-12-11 14:39 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll2014-12-11 14:39 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll2014-12-11 14:39 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe2014-12-08 19:51 - 2014-12-08 19:52 - 01682416 _____ (Malwarebytes Corporation) C:\Users\L33tMaN\Downloads\mbam-check-2.1.1.1001.exe2014-12-06 22:18 - 2014-12-06 22:18 - 05390217 _____ () C:\Users\L33tMaN\Downloads\download (1)2014-12-06 22:18 - 2014-12-06 22:18 - 05390217 _____ () C:\Users\L33tMaN\Downloads\download2014-12-05 14:56 - 2014-12-05 14:56 - 00000000 ____D () C:\Users\L33tMaN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZombieModding2014-12-05 14:56 - 2014-12-05 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZombieModding2014-12-05 14:55 - 2014-12-05 14:56 - 274336155 _____ () C:\Users\L33tMaN\Downloads\zombie_library.exe2014-12-03 18:44 - 2014-12-03 18:44 - 00054532 _____ () C:\Users\L33tMaN\Downloads\BlackOpsLowSpecsPatchv1.19byRagnos1997.rar2014-12-03 18:44 - 2014-12-03 18:44 - 00054532 _____ () C:\Users\L33tMaN\Downloads\BlackOpsLowSpecsPatchv1.19byRagnos1997 (1).rar2014-12-03 18:44 - 2014-12-03 18:44 - 00000000 ____D () C:\Program Files\Activision2014-12-03 18:40 - 2014-12-03 18:40 - 00000000 _____ () C:\Users\L33tMaN\Desktop\Black ops weapon binds.txt2014-12-03 14:42 - 2014-12-03 14:45 - 00000439 _____ () C:\windows\system32\Drivers\etc\hosts.ics2014-11-22 21:40 - 2014-11-22 21:53 - 00000000 ____D () C:\Users\L33tMaN\Desktop\Mod tool waw2014-11-22 21:40 - 2014-11-22 21:40 - 00000000 ____D () C:\Users\L33tMaN\Desktop\New folder2014-11-22 20:34 - 2014-11-22 21:22 - 1182972996 _____ () C:\Users\L33tMaN\Downloads\CoD_WW_MODTOOLS (1).rar2014-11-22 20:21 - 2014-11-22 20:20 - 01138246 _____ () C:\Users\L33tMaN\Desktop\PeZBOTWAW_005p.zip2014-11-22 20:21 - 2010-09-19 20:49 - 00000000 ____D () C:\Users\L33tMaN\Desktop\mp_PeZBOTWAW2014-11-22 20:20 - 2014-11-22 20:20 - 01138246 _____ () C:\Users\L33tMaN\Downloads\PeZBOTWAW_005p.zip2014-11-22 20:11 - 2014-11-22 20:12 - 00000000 ____D () C:\Users\L33tMaN\Desktop\UGX standalone2014-11-22 20:10 - 2014-11-22 20:10 - 00000000 ____D () C:\Users\L33tMaN\Downloads\_resources2014-11-22 20:09 - 2014-11-22 20:09 - 00037276 _____ () C:\Users\L33tMaN\Downloads\UGX Project Mover v1.2.zip2014-11-22 20:08 - 2014-11-22 20:09 - 182469886 _____ () C:\Users\L33tMaN\Downloads\ugx_mod standalone_v1.0.4.zip2014-11-22 20:08 - 2014-11-22 20:09 - 08700416 _____ (UGX-MODS) C:\Users\L33tMaN\Downloads\UGX Script Placer 2.0.1.exe2014-11-22 02:22 - 2014-11-22 03:10 - 1182972996 _____ () C:\Users\L33tMaN\Downloads\CoD_WW_MODTOOLS.rar2014-11-22 02:15 - 2014-11-22 02:16 - 114917253 _____ () C:\Users\L33tMaN\Downloads\Der Riese Mod Tools.zip2014-11-22 02:15 - 2014-11-22 02:15 - 98060459 _____ () C:\Users\L33tMaN\Downloads\Missing Sounds for Mod Tools.zip2014-11-22 02:10 - 2014-12-13 13:54 - 00000000 ____D () C:\Users\UpdatusUser\Desktop\UGX Community Maps2014-11-22 02:10 - 2014-12-13 13:54 - 00000000 ____D () C:\Users\L33tMaN\Desktop\UGX Community Maps2014-11-22 02:10 - 2014-12-13 13:54 - 00000000 ____D () C:\Users\cynical\Desktop\UGX Community Maps2014-11-22 02:08 - 2014-11-22 02:09 - 334133449 _____ () C:\Users\L33tMaN\Downloads\Wahnsinn(final).exe2014-11-22 02:00 - 2014-11-22 01:59 - 180907028 _____ () C:\Users\L33tMaN\Desktop\ugx_mod_standalone_v1.0.3.rar2014-11-22 02:00 - 2013-01-24 22:02 - 00000000 ____D () C:\Users\L33tMaN\Desktop\mods2014-11-22 02:00 - 2013-01-22 13:35 - 00000000 ____D () C:\Users\L33tMaN\Desktop\raw2014-11-22 02:00 - 2013-01-22 13:12 - 00000000 ____D () C:\Users\L33tMaN\Desktop\map_source2014-11-22 02:00 - 2013-01-22 12:59 - 00000000 ____D () C:\Users\L33tMaN\Desktop\texture_assets2014-11-22 02:00 - 2013-01-21 23:23 - 00000000 ____D () C:\Users\L33tMaN\Desktop\zone_source2014-11-22 02:00 - 2012-12-21 20:18 - 00032911 _____ () C:\Users\L33tMaN\Desktop\template_font.zip2014-11-22 01:58 - 2014-11-22 01:59 - 180907028 _____ () C:\Users\L33tMaN\Downloads\ugx_mod_standalone_v1.0.3.rar2014-11-22 01:57 - 2014-11-22 01:57 - 00933295 _____ () C:\Users\L33tMaN\Downloads\UGX Installation Creater v1.1.rar2014-11-21 20:10 - 2014-11-21 20:10 - 00369152 _____ (Microsoft) C:\Users\L33tMaN\Downloads\UGX Map Manager 1.4.3.exe2014-11-21 19:49 - 2014-11-21 19:50 - 107126080 _____ () C:\Users\L33tMaN\Downloads\nazi_zombie_WarZone.zip2014-11-21 19:30 - 2014-11-21 19:30 - 17143494 _____ () C:\Users\L33tMaN\Downloads\Super Weapons.zip2014-11-21 14:42 - 2014-11-21 14:42 - 00000000 ____D () C:\Users\L33tMaN\Documents\Activision2014-11-20 18:22 - 2014-11-20 18:22 - 00001341 _____ () C:\Users\Public\Desktop\Forgotten Hope Secret Weapon 0.552.lnk2014-11-20 17:51 - 2014-11-20 18:16 - 1786421942 _____ (FHSWdevs ) C:\Users\L33tMaN\Downloads\FHSW_v0.552_Setup_Part_2.exe2014-11-20 15:23 - 2014-11-20 15:51 - 1865537416 _____ (FHSWdevs ) C:\Users\L33tMaN\Downloads\FHSW_v0.552_Setup_Part_1.exe2014-11-20 15:19 - 2014-11-20 15:19 - 00001329 _____ () C:\Users\Public\Desktop\Forgotten Hope 0.7.lnk2014-11-20 15:13 - 2014-11-20 15:17 - 501124151 _____ (Forgotten Hope devs ) C:\Users\L33tMaN\Downloads\FH_Fan_Mappack_6.exe2014-11-20 15:02 - 2014-11-20 15:14 - 2096551138 _____ (Forgotten Hope devs ) C:\Users\L33tMaN\Downloads\FH_0.7_Setup.exe2014-11-19 14:45 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll2014-11-19 14:45 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll2014-11-19 14:45 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll2014-11-19 14:45 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll2014-11-15 11:25 - 2014-11-15 11:25 - 00003740 _____ () C:\Users\L33tMaN\Downloads\f (1).txt2014-11-15 11:17 - 2014-11-15 11:17 - 00003747 _____ () C:\Users\L33tMaN\Downloads\f.txt2014-11-15 11:08 - 2014-11-15 11:11 - 00002725 _____ () C:\Users\L33tMaN\Desktop\C&C ShockWave.lnk2014-11-15 11:08 - 2014-11-15 11:08 - 00000000 ____D () C:\Users\L33tMaN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C&C Generals ShockWave2014-11-15 11:06 - 2014-11-15 11:04 - 263893197 _____ () C:\Users\L33tMaN\Desktop\Shw1.0 (3).zip2014-11-15 11:06 - 2014-11-15 11:04 - 263893197 _____ () C:\Users\L33tMaN\Desktop\Shw1.0 (2).zip2014-11-15 10:53 - 2014-11-15 11:04 - 263893197 _____ () C:\Users\L33tMaN\Downloads\Shw1.0 (2).zip2014-11-15 10:52 - 2014-12-12 16:48 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-11-15 10:52 - 2014-11-15 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-11-15 10:38 - 2014-11-15 10:49 - 263893197 _____ () C:\Users\L33tMaN\Downloads\Shw1.0 (1).zip2014-11-14 21:42 - 2014-11-14 22:03 - 263893197 _____ () C:\Users\L33tMaN\Downloads\Shw1.0.zip2014-11-14 15:36 - 2014-11-14 15:36 - 00000000 __SHD () C:\Users\L33tMaN\AppData\Local\EmieBrowserModeList ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-14 18:18 - 2014-03-27 18:17 - 00000000 ____D () C:\FRST2014-12-14 18:16 - 2012-08-24 12:41 - 01363987 _____ () C:\windows\WindowsUpdate.log2014-12-14 18:07 - 2012-06-07 22:58 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2014-12-14 17:47 - 2013-01-01 16:32 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2014-12-14 16:39 - 2014-10-04 11:18 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2014-12-14 16:11 - 2012-12-31 21:36 - 00000000 ____D () C:\Program Files (x86)\Steam2014-12-14 14:47 - 2013-01-01 16:32 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2014-12-14 11:38 - 2012-08-24 11:36 - 00055647 _____ () C:\windows\setupact.log2014-12-13 13:05 - 2009-07-13 23:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-12-13 13:05 - 2009-07-13 23:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-12-13 00:35 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache2014-12-12 17:07 - 2012-06-07 22:58 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2014-12-12 17:07 - 2012-06-07 22:58 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl2014-12-12 17:07 - 2012-06-07 22:58 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2014-12-12 16:05 - 2009-07-14 00:13 - 00799374 _____ () C:\windows\system32\PerfStringBackup.INI2014-12-12 16:00 - 2013-06-14 14:49 - 00000350 _____ () C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job2014-12-12 15:59 - 2012-06-08 00:49 - 00000000 ____D () C:\ProgramData\NVIDIA2014-12-12 15:59 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT2014-12-12 15:58 - 2014-05-06 21:10 - 00000000 ___SD () C:\windows\system32\CompatTel2014-12-12 15:58 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions2014-12-12 15:58 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\AppCompat2014-12-11 19:47 - 2013-08-15 18:45 - 00000000 ____D () C:\windows\system32\MRT2014-12-11 19:43 - 2012-07-10 16:42 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2014-12-04 18:25 - 2014-10-04 11:18 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-12-04 18:25 - 2014-10-04 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-12-04 18:25 - 2014-10-04 11:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-12-03 14:37 - 2014-07-03 22:23 - 00000000 ____D () C:\Users\L33tMaN\AppData\Local\Activision2014-12-03 14:37 - 2013-01-01 01:44 - 00689153 _____ () C:\windows\DirectX.log2014-12-01 14:33 - 2013-10-19 21:50 - 00000000 ____D () C:\Program Files (x86)\PasswordBox2014-11-28 22:00 - 2013-10-11 23:20 - 00111928 _____ () C:\windows\SysWOW64\PnkBstrB.exe2014-11-25 14:34 - 2013-01-01 17:01 - 02676444 _____ () C:\windows\PFRO.log2014-11-22 23:16 - 2014-01-11 16:24 - 00000000 ____D () C:\Users\L33tMaN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2014-11-21 06:14 - 2014-10-04 11:18 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys2014-11-21 06:14 - 2014-10-04 11:18 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys2014-11-21 06:14 - 2014-10-04 11:18 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys2014-11-15 11:11 - 2014-04-05 08:31 - 00000000 ____D () C:\Users\L33tMaN\Documents\Command and Conquer Generals Zero Hour Data2014-11-15 11:08 - 2014-04-05 08:23 - 00000000 ____D () C:\Program Files (x86)\Origin2014-11-15 11:08 - 2013-10-10 17:00 - 00000000 ____D () C:\ProgramData\Origin2014-11-15 10:52 - 2013-01-01 16:32 - 00000000 ____D () C:\Users\L33tMaN\AppData\Local\Google2014-11-15 10:51 - 2013-01-01 16:32 - 00000000 ____D () C:\Program Files (x86)\Google2014-11-15 10:35 - 2013-11-30 18:10 - 00000000 ____D () C:\Users\cynical\Desktop\Backup generals2014-11-14 14:42 - 2013-01-01 16:32 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-11-14 14:42 - 2013-01-01 16:32 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-11-14 14:33 - 2009-07-13 23:45 - 00272088 _____ () C:\windows\system32\FNTCACHE.DAT Some content of TEMP:====================C:\Users\L33tMaN\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-06 01:56 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01Ran by L33tMaN at 2014-12-14 18:19:24Running from C:\Users\L33tMaN\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{1CAFFEC6-23B4-484B-B17B-3200BE5C5636}) (Version: 99.9 - Eyeo GmbH)Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)AlienAutopsy (HKLM\...\AlienAutopsy) (Version: 3.1.5907.16 - Dell Inc.)AlienAutopsy (Version: 3.1.5907.16 - PC-Doctor, Inc.) HiddenAlienware Command Center (HKLM-x32\...\InstallShield_{6A7D1CAC-6267-4C71-A759-CB5D9E9FAFAA}) (Version: 2.7.25.0 - Alienware Corp.)Alienware Command Center (Version: 2.7.25.0 - Alienware Corp.) Hiddenallday savings (HKLM\...\A7F8482B-1D99-4EC9-B887-8B130AB7E131) (Version: 2.0.1 - allday savings)Allied Intent .2 client (HKLM-x32\...\Allied Intent .2 client) (Version: - )Allied Intent Xtended 2.0 (HKLM-x32\...\Allied Intent Xtended) (Version: 2.0 - AIX Community)ATI Catalyst Install Manager (HKLM\...\{47B188E2-2447-5C40-15B6-9D49DC90BF5B}) (Version: 3.0.816.0 - ATI Technologies, Inc.)Battlecraft 1942 (HKLM-x32\...\Battlecraft 19422.1) (Version: - )Battlefield 1942 (HKLM-x32\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version: - )Battlefield 1942 Windows Vista/7 Compatibility Fix (HKLM\...\{99720953-c1d6-4b90-8012-b7c3337f4efe}.sdb) (Version: - )Battlefield 1942: Secret Weapons of WWII (HKLM-x32\...\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}) (Version: - )Battlefield 1942: The Road To Rome (HKLM-x32\...\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}) (Version: - )Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)Battlefield 2 (HKLM-x32\...\{A8DBF55D-73C0-4E37-A10E-365BFBB14119}) (Version: 1.5.0.0 - Electronic Arts)Battlefield 2 Demo (HKLM-x32\...\{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}) (Version: - )Battlefield Mod Development Toolkit 2.0 Beta (HKLM-x32\...\MDT) (Version: - )Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)Browser+ Apps+ (HKLM-x32\...\Browser+ Apps+) (Version: 1.35.3.9 - app)Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) HiddenCommand & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{25456D58-2414-4CC4-AA1B-CF3A2BE00A79}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command & Conquer™ Renegade (HKLM-x32\...\{97B5E8B9-D5E6-49C4-8CDA-7E096BE2601A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) HiddenCyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.4827 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDesura (HKLM-x32\...\Desura) (Version: 100.53 - Desura) <==== ATTENTION!ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )FFOLKES Unlocks123 mod v1.4.1 (HKLM-x32\...\FFOLKES Unlocks123 mod v1.4.1) (Version: - )FHSW 0.552 (HKLM-x32\...\{B7803AA8-004A-48BA-A869-06E273A4554F}_is1) (Version: 0.552 - FHSWdevs)Free Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - Somoto Ltd) <==== ATTENTIONGameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddeniFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)Jets'n'Guns GOLD 1.222 (HKLM-x32\...\Jets'n'Guns GOLD) (Version: 1.222 - Rake In Grass)Jets'n'Guns GOLD Demo 1.212 (HKLM-x32\...\Jets'n'Guns GOLD Demo) (Version: 1.212 - Rake In Grass)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenLock On: Modern Air Combat (HKLM-x32\...\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}) (Version: 1.00.000 - )Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Max Websearch (HKLM-x32\...\Maxwebsearch) (Version: - Maxwebsearch)Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)MSI ODD Monitor (HKLM-x32\...\InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.5 - Micro-Star Int'l Co., Ltd.)MSI ODD Monitor (x32 Version: 1.0.0.5 - Micro-Star Int'l Co., Ltd.) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)Node.js (HKLM\...\{F40E7A6E-DE41-418B-93DA-81549610E5DF}) (Version: 0.10.33 - Joyent, Inc. and other Node contributors)NVIDIA 3D Vision Driver 296.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.36 - NVIDIA Corporation)NVIDIA Graphics Driver 296.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.36 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.14.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.14.1 - NVIDIA Corporation)NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)OpenSSL 1.0.1j Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team)Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)PasswordBox (HKLM-x32\...\PasswordBox) (Version: 1.38.9.4120 - PasswordBox, Inc.)PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.0 - Project Reality)PunkBuster for Battlefield 1942 (HKLM-x32\...\{127B684B-A002-44C8-99A7-6CF8F1E26873}) (Version: - )PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) HiddenRealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) HiddenRealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) HiddenRealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6494 - Realtek Semiconductor Corp.)RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) HiddenSandbox (HKLM-x32\...\Sandbox) (Version: - )Savings Explorer (HKLM-x32\...\Savings Explorer) (Version: 1.24.151.151 - 215 Apps)Scholastic's I SPY Fantasy (HKLM-x32\...\Scholastic's I SPY Fantasy) (Version: - )Scholastic's I SPY Spooky Mansion Deluxe (HKLM-x32\...\Scholastic's I SPY Spooky Mansion Deluxe) (Version: - )Scholastic's I SPY Treasure Hunt (HKLM-x32\...\Scholastic's I SPY Treasure Hunt) (Version: 1.0 - Scholastic Inc.)ScorpionSaver (HKLM-x32\...\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTIONSearch App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C0F05}) (Version: 12.15.5.30 - APN, LLC) <==== ATTENTIONShockWave (HKU\S-1-5-21-383299565-3798718073-3649502856-1001\...\ShockWave) (Version: - )Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)Snap.Do Engine (HKU\S-1-5-21-383299565-3798718073-3649502856-1001\...\{3a4fe0ce-b067-4b97-91d5-63f28f42cc34}) (Version: 11.89.1.18549 - ReSoft Ltd.) <==== ATTENTIONSteam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)SteamVR (HKLM-x32\...\Steam App 250820) (Version: - )Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)Virtual Families Packages (HKU\S-1-5-21-383299565-3798718073-3649502856-1001\...\Virtual Families Packages) (Version: - ) <==== ATTENTIONVTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)Web Protect for Windows (HKLM-x32\...\wp-dcollect-tgu) (Version: 10.0.0 - PC Publishing) <==== ATTENTIONWestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)WOoKie Sniper Mod 1.3 (HKLM-x32\...\WOoKie Sniper Mod) (Version: 1.3 - Scouty)WordPad+ version 1.01 (HKLM-x32\...\WordPad+_is1) (Version: 1.01 - )World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813NA}_is1) (Version: - Wargaming.net)World of Warplanes Hack Toll 2.8 (HKLM-x32\...\World of Warplanes Hack Toll 2.8) (Version: - )Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 27-11-2014 23:41:50 Windows Update01-12-2014 19:43:17 Windows Update03-12-2014 19:35:04 Installed DirectX04-12-2014 19:46:25 Windows Update08-12-2014 19:42:52 Windows Update12-12-2014 00:42:07 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2014-11-10 14:48 - 00000878 ____A C:\windows\system32\Drivers\etc\hosts127.0.0.1 name.com109.71.69.254 master.gamespy.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {011370A5-018E-4AA2-A481-1523E7A23A58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)Task: {13054A1C-87B3-40D9-811C-13B64AEBA521} - System32\Tasks\{A4C966BB-E0F7-4EA0-BAFF-378BD1F89D43} => C:\Program Files (x86)\EA GAMES\Command & Conquer Generals Zero Hour\generals.exeTask: {1720B02C-915C-49D2-9F77-41C9414781FD} - System32\Tasks\{E80F6B32-5D3A-42B6-AD92-BB4419995F64} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {19472C8B-735D-4912-9716-B385C44BA07A} - \TidyNetwork Update No Task File <==== ATTENTIONTask: {2D7C059A-1C14-4D22-9089-50AE99B508E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)Task: {310B9523-078B-410A-BFA5-2A8D9F04142C} - System32\Tasks\{407E4C35-61C1-4ED6-9FF4-526E5B00DE1F} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {33B0FF98-90B9-4742-BE46-43BE2D294852} - System32\Tasks\{341E9A2A-7320-4E28-A66E-D615E3701034} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {458EC67D-CDD7-45D8-A283-943A5D498EDF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-383299565-3798718073-3649502856-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)Task: {48F6CB59-69F4-49D7-BE27-BDB0078BC9C4} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTIONTask: {4B0D1B46-6C73-499D-9567-9E407789909A} - System32\Tasks\{773B3E96-62DA-4A63-9D8D-066DDCBF4F0E} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {6582986A-D1AF-425D-8CBC-3D36979D05F8} - System32\Tasks\{5015AB2E-0F21-4061-93FC-F344EC429A96} => pcalua.exe -a "C:\Program Files (x86)\Maxwebsearch\uninstall.exe" -c /u /UserID=acbe75a5-0395-4d54-b43f-c2868abe120f /SourceID= /ImplementationID=maxwebsearchTask: {6696CDCB-90D5-4CD1-B93D-6C8C4C6F116A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {70E0381B-660F-4BC8-8078-68E8787CB7C9} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTIONTask: {7197B96D-7354-4C55-B497-D3886B62D2F4} - \SPBIW_UpdateTask_Time_3438343639393033382d344a414155342a2a236c6c5a No Task File <==== ATTENTIONTask: {7AF87EB6-A50C-42AB-BAC5-ED331B75213F} - System32\Tasks\{B143C027-5E0A-4953-A279-00F911072A82} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {825F3FA3-0D8D-4A97-BED1-ED92E699BE05} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-383299565-3798718073-3649502856-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)Task: {873F3606-145C-40C7-8B7A-F4178B5A0E86} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTIONTask: {8B81D2E4-E4CC-4B83-8E86-E0D6AFED81F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)Task: {982B2063-2ACA-4114-8641-F7F03E4466C7} - System32\Tasks\{1B4171AB-B20F-42D6-90A5-F8B0442B8E9E} => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe [2012-11-14] ()Task: {9EB4D5B3-6838-4BAD-B047-CB7EEACE3979} - System32\Tasks\{FB4A8B1C-210C-4673-86A4-1D3E978BE9DA} => pcalua.exe -a "C:\Remote Programs\Heroes of Hellas\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=532150;name=Heroes of Hellas;dir=C:\Remote Programs\Heroes of Hellas\;prvid=143;cmdid=1;prvdir=DefaultTask: {B3C3C651-4FAA-4BCF-9C5D-35E8745A7124} - System32\Tasks\{2DB518E2-242C-48AE-B842-9B476DC059A7} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {D146400E-D601-4848-B232-E55DAD7CEF7D} - System32\Tasks\{DDAE764B-5E62-4542-81A7-9F530B2AFAEA} => C:\Program Files (x86)\EA GAMES\Command & Conquer Generals Zero Hour\generals.exeTask: {D21A428F-B137-4082-B614-CC2DBDC5027F} - System32\Tasks\{6CD8CB2F-67CF-4051-8371-8C7532DA141C} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {D5E597B0-AEF9-4B45-B1FE-6022BAD894EF} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\windows\TEMP\{7DB42AD0-0673-4FC8-952C-EFABC31619C3}.exeTask: {E57F0D33-3F19-4198-8CC3-C7EE1BB01B67} - System32\Tasks\{3CA31466-DEDD-4D77-9668-9C817280AAC9} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {E7594EA4-3392-41B3-8CDC-D73F6FB3664E} - System32\Tasks\{7C31E5D9-F65C-493F-AFB8-E1DEAB2E500B} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: {F2E7344B-9FA6-44BF-BDC7-FB1E0C2026E5} - System32\Tasks\{D89C3165-63A0-4E42-A9CA-6F65D48D364C} => C:\Program Files (x86)\EA GAMES\Command & Conquer Generals Zero Hour\generals.exeTask: {FF87AC17-1E07-4ED4-91C7-7982BDF43741} - System32\Tasks\{5CCB7AEE-C302-44F7-A930-4C42D2825F16} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe [2004-01-22] ()Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{7DB42AD0-0673-4FC8-952C-EFABC31619C3}.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-11 23:19 - 2014-07-03 22:21 - 00066872 _____ () C:\windows\SysWOW64\PnkBstrA.exe2012-11-29 23:31 - 2012-11-29 23:31 - 00038608 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll2014-08-28 16:50 - 2014-11-11 13:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll2014-08-28 16:50 - 2014-11-11 13:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll2014-08-28 16:50 - 2014-11-11 13:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll2013-03-25 16:23 - 2014-11-11 13:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll2014-05-21 15:15 - 2014-11-18 15:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll2014-08-28 16:50 - 2014-11-11 13:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll2014-08-28 16:50 - 2014-11-11 13:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll2012-12-31 21:37 - 2014-11-18 15:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL2012-12-31 21:37 - 2014-11-11 13:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll2014-08-14 13:25 - 2014-11-11 13:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll2012-06-07 23:09 - 2012-03-06 14:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: BDRegion => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exeMSCONFIG\startupreg: Command Center Controllers => "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStartMSCONFIG\startupreg: Gexfudt => regsvr32.exe /s "C:\Users\L33tMaN\AppData\Local\Downloaded Installations\Gexfudt.dll"MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exeMSCONFIG\startupreg: MediaFire Tray => C:\Users\L33tMaN\AppData\Local\MediaFire Desktop\mf_watch.exeMSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyMSCONFIG\startupreg: MxDock => C:\Program Files (x86)\Maxthon\Modules\MxDock\MxDock.exeMSCONFIG\startupreg: PDVD9LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exeMSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startupMSCONFIG\startupreg: RemoteControl9 => "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -sMSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silentMSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot ========================= Accounts: ========================== Administrator (S-1-5-21-383299565-3798718073-3649502856-500 - Administrator - Disabled)cynical (S-1-5-21-383299565-3798718073-3649502856-1002 - Administrator - Enabled) => C:\Users\cynicalGuest (S-1-5-21-383299565-3798718073-3649502856-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-383299565-3798718073-3649502856-1004 - Limited - Enabled)L33tMaN (S-1-5-21-383299565-3798718073-3649502856-1001 - Administrator - Enabled) => C:\Users\L33tMaNUpdatusUser (S-1-5-21-383299565-3798718073-3649502856-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors:==================Error: (12/14/2014 11:49:13 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.1.711, time stamp: 0x542b53ecFaulting module name: mbamcore.dll, version: 1.1.20.0, time stamp: 0x5425b0ddException code: 0xc0000005Fault offset: 0x0003ec90Faulting process id: 0x1694Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3 Error: (12/13/2014 03:36:18 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46Faulting module name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46Exception code: 0xc0000005Fault offset: 0x0034df2dFaulting process id: 0x9e8Faulting application start time: 0xCoDWaW.exe0Faulting application path: CoDWaW.exe1Faulting module path: CoDWaW.exe2Report Id: CoDWaW.exe3 Error: (12/13/2014 02:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46Faulting module name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46Exception code: 0xc0000005Fault offset: 0x0026508eFaulting process id: 0x1630Faulting application start time: 0xCoDWaW.exe0Faulting application path: CoDWaW.exe1Faulting module path: CoDWaW.exe2Report Id: CoDWaW.exe3 Error: (12/13/2014 10:50:44 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.1.711, time stamp: 0x542b53ecFaulting module name: mbamcore.dll, version: 1.1.20.0, time stamp: 0x5425b0ddException code: 0xc0000005Fault offset: 0x0003ec90Faulting process id: 0xeb8Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3 Error: (12/13/2014 00:37:15 AM) (Source: SideBySide) (EventID: 33) (User: )Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis. Error: (12/08/2014 07:50:47 PM) (Source: SideBySide) (EventID: 80) (User: )Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/07/2014 06:30:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.1.711, time stamp: 0x542b53ecFaulting module name: mbamcore.dll, version: 1.1.20.0, time stamp: 0x5425b0ddException code: 0xc0000005Fault offset: 0x0003ec90Faulting process id: 0x1fd0Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3 Error: (12/07/2014 06:12:51 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: mbam.exe, version: 1.0.1.711, time stamp: 0x542b53ecFaulting module name: mbamcore.dll, version: 1.1.20.0, time stamp: 0x5425b0ddException code: 0xc0000005Fault offset: 0x0003ec90Faulting process id: 0xd54Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3 Error: (12/07/2014 05:16:17 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46Faulting module name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46Exception code: 0xc0000005Fault offset: 0x0034eacaFaulting process id: 0x18b0Faulting application start time: 0xCoDWaW.exe0Faulting application path: CoDWaW.exe1Faulting module path: CoDWaW.exe2Report Id: CoDWaW.exe3 Error: (12/07/2014 05:10:46 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program CoDWaW.exe version 1.7.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 12b8 Start Time: 01d01245eb6710b4 Termination Time: 59 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe Report Id: System errors:=============Error: (12/14/2014 11:49:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)Description: The following fatal alert was generated: 70. The internal error state is 105. Error: (12/14/2014 01:59:37 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Error: (12/13/2014 03:37:40 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Error: (12/13/2014 01:58:24 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Error: (12/12/2014 04:02:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (12/12/2014 04:02:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: )Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (12/12/2014 04:00:37 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )Description: 0x800700b7 Error: (12/12/2014 04:00:37 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/ Error: (12/12/2014 04:00:37 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )Description: 0x800700b7 Error: (12/12/2014 04:00:37 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/ Microsoft Office Sessions:=========================Error: (12/14/2014 11:49:13 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.1.711542b53ecmbamcore.dll1.1.20.05425b0ddc00000050003ec90169401d016f4f3196988C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll21c3f496-83b1-11e4-b8b2-848f69f575ee Error: (12/13/2014 03:36:18 PM) (Source: Application Error) (EventID: 1000) (User: )Description: CoDWaW.exe1.7.0.04aea1f46CoDWaW.exe1.7.0.04aea1f46c00000050034df2d9e801d0170b1f26ae99C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exeC:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exeb045803e-8307-11e4-b8b2-848f69f575ee Error: (12/13/2014 02:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )Description: CoDWaW.exe1.7.0.04aea1f46CoDWaW.exe1.7.0.04aea1f46c00000050026508e163001d0170691d1d288C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exeC:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe4bfd8391-82fe-11e4-b8b2-848f69f575ee Error: (12/13/2014 10:50:44 AM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.1.711542b53ecmbamcore.dll1.1.20.05425b0ddc00000050003ec90eb801d0164ea4e21078C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dllcbc0b1bb-82df-11e4-b8b2-848f69f575ee Error: (12/13/2014 00:37:15 AM) (Source: SideBySide) (EventID: 33) (User: )Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe Error: (12/08/2014 07:50:47 PM) (Source: SideBySide) (EventID: 80) (User: )Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\L33tMaN\Downloads\esetsmartinstaller_enu.exe Error: (12/07/2014 06:30:05 PM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.1.711542b53ecmbamcore.dll1.1.20.05425b0ddc00000050003ec901fd001d01274c2ef21beC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dllf8b73a4d-7e68-11e4-84e5-848f69f575ee Error: (12/07/2014 06:12:51 PM) (Source: Application Error) (EventID: 1000) (User: )Description: mbam.exe1.0.1.711542b53ecmbamcore.dll1.1.20.05425b0ddc00000050003ec90d5401d011f84acf4271C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll907c9dfe-7e66-11e4-84e5-848f69f575ee Error: (12/07/2014 05:16:17 PM) (Source: Application Error) (EventID: 1000) (User: )Description: CoDWaW.exe1.7.0.04aea1f46CoDWaW.exe1.7.0.04aea1f46c00000050034eaca18b001d0126ab5eb3390C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exeC:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exea9b354f3-7e5e-11e4-84e5-848f69f575ee Error: (12/07/2014 05:10:46 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: CoDWaW.exe1.7.0.012b801d01245eb6710b459C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe CodeIntegrity Errors:=================================== Date: 2014-09-24 20:36:26.184 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-24 20:36:26.065 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-24 20:36:25.946 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-21 18:52:39.002 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-21 18:52:38.887 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-21 18:52:38.773 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-20 04:20:36.831 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-20 04:20:36.714 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-20 04:20:36.598 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-18 14:50:36.248 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core i7-3770 CPU @ 3.40GHzPercentage of memory in use: 24%Total physical RAM: 8090.38 MBAvailable physical RAM: 6070.42 MBTotal Pagefile: 16178.93 MBAvailable Pagefile: 13519.34 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:921.32 GB) (Free:506.99 GB) NTFSDrive d: (DISC_2_BF1942_2) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 931.5 GB) (Disk ID: 20F39EF4) Partition: GPT Partition Type. ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 11, 2015 Root Admin ID:928529 Share Posted January 11, 2015 We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you. Thank you and sorry we missed your topic. Link to post Share on other sites More sharing options...
Recommended Posts