
Computer randomly shuts down, possible malware?


Quedas


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by Quedas (administrator) on SOB (18-12-2015 13:25:40)
Running from C:\Users\Quedas\Desktop
Loaded Profiles: Quedas (Available Profiles: Quedas)
Platform: Windows 8 Enterprise Evaluation (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\wlms\wlms.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(© 2015 Microsoft Corporation) C:\Users\Quedas\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8459480 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-01] (Logitech Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\Run: [bingSvc] => C:\Users\Quedas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-01] (Overwolf LTD)
HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\Run: [GoogleChromeAutoLaunch_C852F25046FA96DF0BAA0919AC8A42BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-10] (Google Inc.)
HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\MountPoints2: {6dc8da3c-2cf9-11e5-be7b-fcaa14c32a12} - "F:\Startme.exe" 
HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\MountPoints2: {709de92f-1738-11e5-be66-806e6f6e6963} - "Explorer.exe" monitor.htm
AppInit_DLLs-x32: s => No File
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3CE33B6F-8385-45F7-8F97-898F0A1BE32A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97C5D0BC-D321-4184-BFA5-EB6927A64ECB}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=U162
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-11-10] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
 
Chrome: 
=======
CHR HomePage: Default -> bing.com/?mkt=en-US&pc=__PARAM__
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-30]
CHR Extension: (Steam inventory helper) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-11-30]
CHR Extension: (Google Search) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (SiteAdvisor) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-12-18]
CHR Extension: (Infinite) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafklakdgcbpeekbhckaoolplnlflaec [2015-10-05]
CHR Extension: (Bing) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2015-06-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Enhanced Steam) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-11-30]
CHR Extension: (Gmail) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-19]
CHR Extension: (Twitch Giveaways) - C:\Users\Quedas\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2015-09-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-18]
CHR HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-18]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-11-13] (altPUG LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-08-04] (EasyAntiCheat Ltd)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe [1694152 2015-10-27] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-01] (Overwolf LTD)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R2 WLMS; C:\Windows\system32\wlms\wlms.exe [21504 2012-07-25] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2015-07-18] (Sony Mobile Communications)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-06-22] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
R3 pimou; C:\Windows\System32\drivers\pimou.sys [23608 2014-01-13] (Christian Gulden)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu_XP.sys [3767048 2015-06-19] (Realtek Semiconductor Corporation                           )
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [294912 2015-10-03] (VIA Technologies, Inc.)
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-18 13:25 - 2015-12-18 13:26 - 00019653 _____ C:\Users\Quedas\Desktop\FRST.txt
2015-12-18 13:25 - 2015-12-18 13:25 - 00000000 ____D C:\FRST
2015-12-18 13:24 - 2015-12-18 13:24 - 02370048 _____ (Farbar) C:\Users\Quedas\Desktop\FRST64.exe
2015-12-18 13:06 - 2015-12-18 13:16 - 00003846 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2015-12-18 13:06 - 2015-12-18 13:06 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2015-12-18 12:45 - 2015-12-18 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-12-18 03:37 - 2015-12-18 03:37 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-18 03:06 - 2015-12-18 03:06 - 00000017 _____ C:\Users\Quedas\AppData\Local\resmon.resmoncfg
2015-12-18 01:06 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-12-18 01:05 - 2015-12-18 01:05 - 00003080 _____ C:\Windows\System32\Tasks\McAfeeLogon
2015-12-18 01:05 - 2015-12-18 01:05 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2015-12-18 01:05 - 2015-09-23 09:43 - 00497888 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
2015-12-18 01:05 - 2015-09-23 09:43 - 00082072 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeelamk.sys
2015-12-18 01:05 - 2015-09-23 09:43 - 00080760 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
2015-12-18 01:04 - 2015-12-18 01:06 - 00000000 ____D C:\Program Files\McAfee
2015-12-18 01:04 - 2015-12-18 01:04 - 00000000 ____D C:\Program Files\McAfee.com
2015-12-18 01:04 - 2015-09-23 09:43 - 00244544 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfewfpk.sys
2015-12-18 01:03 - 2015-12-18 01:06 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-12-18 01:03 - 2015-12-18 01:03 - 00003344 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2015-12-18 01:00 - 2015-12-18 01:06 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-12-18 01:00 - 2015-12-18 01:00 - 08204776 _____ (McAfee, Inc.) C:\Users\Quedas\Downloads\Setup_serial_2xo-oMfVpv6ybMbd8YXdSQ2_key.exe
2015-12-18 01:00 - 2015-09-23 09:43 - 00841944 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
2015-12-18 01:00 - 2015-09-23 09:43 - 00415976 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeaack.sys
2015-12-18 01:00 - 2015-09-23 09:43 - 00351120 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2015-12-18 01:00 - 2015-09-21 13:33 - 00256840 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2015-12-18 00:39 - 2015-12-18 12:41 - 00003014 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-12-17 22:32 - 2015-12-17 22:32 - 00000000 ____D C:\Users\Quedas\AppData\Local\Apps\2.0
2015-12-17 22:18 - 2015-12-17 22:21 - 00000000 ____D C:\Users\Quedas\AppData\Local\Adobe
2015-12-17 22:18 - 2015-12-17 22:18 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-12-17 22:13 - 2015-12-17 22:13 - 00001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
2015-12-17 19:23 - 2015-12-17 19:23 - 00000000 ____D C:\Windows\Panther
2015-12-14 14:52 - 2015-12-15 03:48 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\DisplayTune
2015-12-14 14:52 - 2015-12-14 14:52 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Portrait Displays
2015-12-14 14:52 - 2015-12-14 14:52 - 00000000 ____D C:\Users\Quedas\AppData\Local\DisplayTune
2015-12-14 02:03 - 2015-12-14 02:03 - 00002763 _____ C:\Users\Quedas\Desktop\Rising Thunder.lnk
2015-12-14 00:51 - 2015-12-14 00:51 - 00179006 _____ C:\Users\Quedas\Documents\cc_20151214_005116.reg
2015-12-14 00:34 - 2015-12-14 00:34 - 00000000 ____D C:\Program Files\CCleaner
2015-12-13 22:50 - 2015-12-13 22:50 - 00001610 _____ C:\Users\Quedas\Desktop\The Elder Scrolls Online.lnk
2015-12-13 22:50 - 2015-12-13 22:50 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2015-12-13 13:41 - 2015-12-18 12:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-13 13:41 - 2015-07-22 20:31 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-12-13 13:41 - 2015-07-22 20:31 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-12-13 13:41 - 2015-07-22 20:31 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-12-13 13:41 - 2015-07-22 20:31 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-12-13 13:41 - 2015-07-22 20:31 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-12-13 13:41 - 2015-07-22 20:31 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-12-13 13:41 - 2015-07-22 19:46 - 00572232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-12-13 13:41 - 2015-07-20 09:16 - 05121613 _____ C:\Windows\system32\nvcoproc.bin
2015-12-13 13:40 - 2015-07-24 18:28 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-12-13 13:40 - 2015-07-24 18:28 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-13 13:40 - 2015-07-24 18:28 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-13 13:40 - 2015-07-22 23:06 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 01101856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 01061008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 01053000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00983368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00976528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00940104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00503592 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-12-13 13:40 - 2015-07-22 23:06 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-12-13 13:33 - 2015-12-13 13:34 - 292456168 _____ (NVIDIA Corporation) C:\Users\Quedas\Downloads\353.62-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-12-13 13:19 - 2015-12-13 13:19 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-12-13 13:09 - 2015-12-13 13:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-13 13:09 - 2015-12-13 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-13 03:10 - 2015-12-13 03:11 - 00281624 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-12 15:52 - 2015-08-10 09:34 - 05331968 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-12-12 15:52 - 2015-08-10 09:34 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-12-12 15:52 - 2015-08-10 09:34 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-12-12 12:05 - 2015-12-12 12:05 - 01894400 _____ (master131) C:\Users\Quedas\Downloads\Extreme Injector v3.exe
2015-12-12 11:06 - 2015-12-12 11:06 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\2K Sports
2015-12-11 21:36 - 2015-12-11 21:36 - 00000222 _____ C:\Users\Quedas\Desktop\NBA 2K15.url
2015-12-10 19:51 - 2015-12-10 19:51 - 00034720 _____ C:\Users\Quedas\Downloads\defaults.cfg
2015-12-09 07:58 - 2015-11-16 11:17 - 06970712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-09 07:58 - 2015-11-16 11:10 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-09 07:58 - 2015-11-16 09:55 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-09 07:58 - 2015-11-16 09:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-12-09 07:58 - 2015-11-16 09:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-12-09 07:58 - 2015-11-16 09:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-12-09 07:58 - 2015-11-16 09:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-12-09 07:58 - 2015-11-16 09:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-12-09 07:58 - 2015-11-16 09:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-12-09 07:58 - 2015-11-16 09:28 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 07:58 - 2015-11-16 09:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-12-09 07:58 - 2015-11-16 09:28 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 07:58 - 2015-11-16 09:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-12-09 07:58 - 2015-11-16 09:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-12-09 07:58 - 2015-11-16 09:26 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-12-09 07:58 - 2015-11-16 09:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-12-09 07:58 - 2015-11-07 07:46 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 07:58 - 2015-11-07 07:46 - 01408512 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 07:58 - 2015-11-07 07:46 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-12-09 07:58 - 2015-11-07 07:46 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 07:58 - 2015-11-07 07:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-12-09 07:58 - 2015-11-07 07:45 - 19349504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 07:58 - 2015-11-07 07:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 07:58 - 2015-11-07 07:45 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 07:58 - 2015-11-07 07:44 - 15423488 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 07:58 - 2015-11-07 07:44 - 03806208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 07:58 - 2015-11-07 07:44 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 07:58 - 2015-11-07 07:44 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 07:58 - 2015-11-07 07:44 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-09 07:58 - 2015-11-07 07:44 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 07:58 - 2015-11-07 07:44 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 07:58 - 2015-11-07 07:44 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 07:58 - 2015-11-07 04:34 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 07:58 - 2015-11-07 04:34 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 07:58 - 2015-11-07 04:34 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 07:58 - 2015-11-07 04:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 14269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 13723136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 02793984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 00715776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 07:58 - 2015-11-07 04:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 07:58 - 2015-11-07 00:29 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-12-09 07:58 - 2015-10-24 00:28 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-12-09 07:58 - 2015-10-24 00:24 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-12-09 07:58 - 2015-10-22 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 07:58 - 2015-10-22 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 07:58 - 2015-10-22 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 07:58 - 2015-10-22 14:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 07:58 - 2015-10-22 14:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 07:58 - 2015-10-22 14:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 07:58 - 2015-10-22 08:43 - 00478280 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 07:58 - 2015-10-22 08:42 - 00478280 _____ C:\Windows\system32\locale.nls
2015-12-09 07:57 - 2015-11-07 07:46 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 07:57 - 2015-11-07 07:44 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 07:57 - 2015-11-07 07:44 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 07:57 - 2015-11-07 04:32 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 07:57 - 2015-11-07 02:52 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 07:57 - 2015-11-07 00:53 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 07:57 - 2015-11-07 00:52 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-12-09 07:57 - 2015-11-07 00:46 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-12-09 07:57 - 2015-11-05 04:55 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 07:57 - 2015-10-31 03:14 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-09 07:57 - 2015-10-31 02:33 - 02308096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-04 21:16 - 2015-12-04 21:16 - 00000222 _____ C:\Users\Quedas\Desktop\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.url
2015-12-03 19:52 - 2014-01-13 22:50 - 00023608 _____ (Christian Gulden) C:\Windows\system32\Drivers\pimou.sys
2015-12-02 14:47 - 2015-12-02 14:47 - 00002462 _____ C:\Windows\System32\Tasks\0615pizUpdateInfo
2015-12-02 14:47 - 2015-12-02 14:47 - 00000362 _____ C:\Windows\Tasks\0615pizUpdateInfo.job
2015-12-02 14:47 - 2015-12-02 14:47 - 00000000 ____D C:\ProgramData\Avg_Update_0615piz
2015-12-02 14:43 - 2015-12-02 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-12-02 14:18 - 2015-10-03 13:46 - 00294912 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\xhcdrv.sys
2015-11-30 21:35 - 2015-10-16 03:52 - 00935168 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-11-30 21:35 - 2015-10-16 03:52 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-11-29 19:49 - 2012-12-03 23:49 - 00011944 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\amdide64.sys
2015-11-29 19:46 - 2014-01-22 01:11 - 00081608 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-11-29 19:46 - 2014-01-22 01:11 - 00025800 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-11-29 09:31 - 2015-12-13 17:48 - 00000000 ____D C:\Users\Quedas\Documents\ProfileCache
2015-11-29 09:31 - 2015-12-13 17:34 - 00000000 ____D C:\Users\Quedas\Documents\The Crew
2015-11-29 09:29 - 2015-11-29 15:08 - 00000000 ____D C:\Users\Quedas\AppData\Local\Ubisoft Game Launcher
2015-11-29 09:29 - 2015-11-29 09:29 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-11-29 09:29 - 2015-11-29 09:29 - 00000000 ____D C:\Users\Quedas\AppData\Local\Ubisoft
2015-11-29 09:29 - 2015-11-29 09:29 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-11-28 20:57 - 2015-11-28 20:57 - 00000000 ____D C:\Users\Quedas\Documents\DyingLight
2015-11-28 19:36 - 2015-06-19 02:54 - 03767048 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu_XP.sys
2015-11-28 19:36 - 2015-06-19 02:54 - 00030472 _____ (Windows ® Server 2003 DDK provider) C:\Windows\system32\rtlCoInst.dll
2015-11-28 19:36 - 2015-02-16 15:19 - 00008320 _____ C:\Windows\system32\rtlCoInst.dat
2015-11-28 19:32 - 2015-12-17 20:38 - 00003376 _____ C:\Windows\System32\Tasks\DriverMaxAgent
2015-11-28 19:32 - 2015-11-28 19:32 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Innovative Solutions
2015-11-28 19:32 - 2015-11-28 19:32 - 00000000 ____D C:\Users\Quedas\AppData\Local\Innovative Solutions
2015-11-28 19:26 - 2015-11-28 19:26 - 00000222 _____ C:\Users\Quedas\Desktop\Dying Light.url
2015-11-28 17:39 - 2015-11-28 17:39 - 00000000 ____D C:\Users\Quedas\AppData\Local\DriverToolkit
2015-11-28 16:25 - 2015-11-28 16:25 - 00000222 _____ C:\Users\Quedas\Desktop\The Crew.url
2015-11-20 01:07 - 2015-12-14 00:37 - 00000000 ____D C:\Users\Quedas\AppData\Local\CrashDumps
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-18 13:25 - 2012-07-26 00:37 - 00000000 ____D C:\Windows
2015-12-18 13:19 - 2015-06-20 06:51 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Skype
2015-12-18 13:17 - 2015-06-20 05:45 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-18 13:10 - 2015-06-21 00:39 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-18 13:10 - 2015-06-21 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-18 13:10 - 2015-06-21 00:39 - 00000000 ____D C:\Program Files\WinRAR
2015-12-18 13:06 - 2015-06-20 07:43 - 00000000 ____D C:\ProgramData\McAfee
2015-12-18 12:43 - 2015-07-30 02:03 - 00000000 ____D C:\ProgramData\MFAData
2015-12-18 12:40 - 2015-06-20 05:45 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-18 12:40 - 2012-07-26 02:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-18 04:37 - 2015-06-20 07:47 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-18 03:48 - 2015-06-20 05:47 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2553395005-3539233402-4215753755-1001
2015-12-18 03:18 - 2012-07-26 00:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-12-18 02:49 - 2012-07-26 00:37 - 00000000 ____D C:\Windows\Inf
2015-12-18 01:10 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-12-18 01:05 - 2015-07-27 07:28 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-12-18 01:05 - 2012-07-26 03:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-12-18 01:03 - 2015-10-25 02:07 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-17 23:53 - 2015-07-09 00:19 - 00000000 ____D C:\Users\Quedas\AppData\Local\Purplizer
2015-12-17 23:41 - 2015-07-09 00:16 - 00000000 ____D C:\Users\Quedas\AppData\Local\Overwolf
2015-12-17 23:02 - 2015-09-17 16:04 - 00000080 _____ C:\Users\Quedas\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-12-17 22:55 - 2015-06-19 20:22 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-12-17 22:18 - 2015-06-20 05:42 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Adobe
2015-12-17 20:44 - 2015-06-26 13:26 - 00000000 ____D C:\Users\Quedas\AppData\Local\Game Dev Tycoon - Steam
2015-12-17 18:05 - 2015-06-20 07:01 - 00000000 ____D C:\Users\Quedas\AppData\Local\Battle.net
2015-12-16 21:07 - 2015-07-18 01:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-16 21:02 - 2015-06-20 07:01 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-16 15:23 - 2015-06-28 00:10 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Awesomium
2015-12-15 21:30 - 2015-06-20 21:06 - 00000000 ____D C:\Program Files\Rockstar Games
2015-12-15 21:30 - 2015-06-20 21:06 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-12-15 04:00 - 2015-06-20 05:41 - 00000000 ____D C:\Users\Quedas
2015-12-14 00:37 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\ModemLogs
2015-12-13 13:51 - 2015-06-20 06:49 - 00000000 ____D C:\Users\Quedas\AppData\Local\NVIDIA Corporation
2015-12-13 13:51 - 2015-06-20 06:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-13 13:51 - 2015-06-20 06:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-13 13:51 - 2015-06-20 06:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-13 13:50 - 2015-06-20 06:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-13 13:41 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\Help
2015-12-13 13:40 - 2015-06-19 20:45 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\NVIDIA
2015-12-13 13:09 - 2015-06-20 06:51 - 00000000 ____D C:\Users\Quedas\AppData\Local\Skype
2015-12-13 13:09 - 2015-06-20 06:50 - 00000000 ____D C:\ProgramData\Skype
2015-12-12 15:53 - 2012-07-26 02:59 - 00000000 ____D C:\Windows\CbsTemp
2015-12-12 14:32 - 2015-10-06 20:02 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\LG Electronics
2015-12-12 14:26 - 2015-06-19 23:28 - 00000000 ____D C:\Users\Quedas\Documents\My Games
2015-12-12 01:59 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\rescache
2015-12-11 21:49 - 2015-10-24 22:22 - 00000000 ____D C:\minecraft server
2015-12-11 15:44 - 2015-06-22 16:48 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-11 15:24 - 2015-06-19 16:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 15:24 - 2015-06-19 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 15:18 - 2012-07-26 03:12 - 00000000 ___RD C:\Windows\ToastData
2015-12-11 10:32 - 2015-06-20 07:01 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\Battle.net
2015-12-11 10:32 - 2015-06-20 07:00 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-09 22:41 - 2015-11-02 12:31 - 00000000 ____D C:\Users\Quedas\Documents\The Witcher 3
2015-12-09 11:31 - 2015-06-19 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 11:30 - 2015-06-21 02:35 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 11:26 - 2015-06-21 02:35 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 19:28 - 2015-06-20 05:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-07 17:13 - 2015-07-19 02:10 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\OBS
2015-12-07 17:05 - 2015-07-19 02:09 - 00000000 ____D C:\Program Files (x86)\OBS
2015-12-06 12:17 - 2015-07-09 00:17 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-04 20:27 - 2015-10-24 20:15 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\.minecraft
2015-12-02 14:49 - 2015-07-30 02:12 - 00000000 ____D C:\ProgramData\AVG2015
2015-12-02 14:46 - 2015-11-01 12:05 - 00000000 ____D C:\Users\Quedas\AppData\Roaming\AVG
2015-12-02 14:46 - 2015-07-31 07:51 - 00000000 ____D C:\Users\Quedas\AppData\Local\Avg
2015-12-02 14:46 - 2015-07-30 02:12 - 00000000 ___HD C:\$AVG
2015-12-02 14:46 - 2015-07-30 02:08 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-02 14:45 - 2015-07-30 02:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-02 14:44 - 2015-11-01 12:04 - 00000000 ____D C:\ProgramData\Avg
2015-12-02 14:43 - 2015-11-01 12:02 - 00000000 ____D C:\Users\Quedas\AppData\Local\AvgSetupLog
2015-12-01 21:12 - 2015-06-20 05:45 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-01 21:12 - 2015-06-20 05:45 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-30 20:11 - 2015-06-21 10:52 - 00826336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-30 20:11 - 2015-06-21 10:52 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-30 15:50 - 2012-07-26 02:28 - 00848230 _____ C:\Windows\system32\PerfStringBackup.INI
 
==================== Files in the root of some directories =======
 
2015-06-21 00:40 - 2015-06-21 00:40 - 0159200 ____T () C:\Users\Quedas\AppData\Roaming\CrashRpt1402.dll
2015-12-18 03:06 - 2015-12-18 03:06 - 0000017 _____ () C:\Users\Quedas\AppData\Local\resmon.resmoncfg
2015-06-20 05:54 - 2015-06-20 05:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Quedas\AppData\Local\Temp\McCSPInstall.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-16 04:36
 
==================== End of FRST.txt ============================

 

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015

Ran by Quedas (2015-12-18 13:26:21)

Running from C:\Users\Quedas\Desktop

Windows 8 Enterprise Evaluation (X64) (2015-06-20 10:41:49)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2553395005-3539233402-4215753755-500 - Administrator - Disabled)

Guest (S-1-5-21-2553395005-3539233402-4215753755-501 - Limited - Disabled)

Quedas (S-1-5-21-2553395005-3539233402-4215753755-1001 - Administrator - Enabled) => C:\Users\Quedas

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}

FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.34 - GIGABYTE)

Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden

AMD Catalyst Install Manager (HKLM\...\{1D1DCF8A-6961-F848-0DA0-5401969C44CE}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies)

AVG (Version: 16.12.7294 - AVG Technologies) Hidden

AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden

AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)

AVG Zen (Version: 1.22.1 - AVG Technologies) Hidden

Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)

Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)

CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)

CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )

Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)

DC Universe Online (HKLM-x32\...\Steam App 24200) (Version:  - Daybreak Games)

DC Universe Online Live (HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)

DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)

Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)

Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)

Dying Light (HKLM-x32\...\Steam App 239140) (Version:  - Techland)

ET6 B15.0210.1 (HKLM-x32\...\InstallShield_{35D86AE6-EC16-4C56-8CE7-B85F0E5EFFA4}) (Version: 1.00.0000 - GIGABYTE)

ET6 B15.0210.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden

FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden

Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)

Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden

Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)

GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)

H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)

Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)

League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden

Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)

LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.3 - LG Electronics)

Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)

McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)

McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)

MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD)

MSI Kombustor 2.5.6 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)

NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)

NBA 2K15 (HKLM-x32\...\Steam App 282350) (Version:  - Visual Concepts)

NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)

NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)

ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)

Overwolf (HKLM-x32\...\Overwolf) (Version: 0.91.22.0 - Overwolf Ltd.)

PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

Pinball Arcade (HKLM-x32\...\Steam App 238260) (Version:  - FarSight Studios)

Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7457 - Realtek Semiconductor Corp.)

Rising Thunder (HKLM-x32\...\{058B8624-E23B-4AD5-AF38-F9E70D6225EE}) (Version: 1.00.0000 - Radiant)

RivaTuner Statistics Server 6.1.1 (HKLM-x32\...\RTSS) (Version: 6.1.1 - Unwinder)

Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)

Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)

Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)

The Crew (HKLM-x32\...\Steam App 241560) (Version:  - Ivory Tower in collaboration with Ubisoft Reflections)

The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)

The Elder Scrolls Online: Tamriel Unlimited (HKLM-x32\...\Steam App 306130) (Version:  - Zenimax Online Studios)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)

Uplay (HKLM-x32\...\Uplay) (Version: 12.0 - Ubisoft)

VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-2553395005-3539233402-4215753755-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Quedas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)

CustomCLSID: HKU\S-1-5-21-2553395005-3539233402-4215753755-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Quedas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)

 

==================== Restore Points =========================

 

14-12-2015 14:46:19 Installed Display Pilot

14-12-2015 14:46:45 Installed Display Pilot

15-12-2015 03:48:21 Removed Display Pilot

15-12-2015 03:48:38 Removed Display Pilot

17-12-2015 22:13:12 Installed Adobe Reader 9.

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0DFEB586-1D5C-4562-AAD8-278CBDCBC970} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {37694F3E-F9F0-4BC6-901B-9405266FBA98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {3B1D2B63-2E2C-43C8-BC07-E3C697CD2F32} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe

Task: {4F2E45BA-F0D9-4AE9-A061-CF44B3623A41} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)

Task: {5058BA31-570D-4515-965A-2DAEB26DF2BA} - System32\Tasks\McAfee\McAfee Idle Detection Task

Task: {543F67B9-27D8-405C-AEB6-B086CDF77164} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-12-01] (Overwolf LTD)

Task: {5F44CF43-C0C2-4C17-A92B-60BF7FE9F310} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)

Task: {75BE614F-EC2F-4CC5-901F-E1D79BA67661} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-09] (Microsoft Corporation)

Task: {8D3D9A6B-B905-4CD6-80EC-8BC366E278D7} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent

Task: {9D0149E4-8E55-460E-9B9F-6C8A5895EA85} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)

Task: {9E517871-AC93-4213-99DE-F0C7E98774F2} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)

Task: {A8FEEB71-6E5D-4E84-8B55-2BCD13628841} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)

Task: {AAA2529E-AF1C-45AE-9479-7E7684C1AC6B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)

Task: {B10B613D-510D-4AA6-8B9F-125595709C46} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-05-19] ()

Task: {FB367523-CAD2-43BB-9470-C750A78DB0B7} - System32\Tasks\0615pizUpdateInfo => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe [2015-11-03] ()

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\0615pizUpdateInfo.job => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

==================== Loaded Modules (Whitelisted) ==============

 

2015-12-13 13:41 - 2015-07-22 20:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-03-06 19:07 - 2015-03-06 19:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll

2015-07-01 19:28 - 2015-07-01 19:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll

2015-03-06 19:07 - 2015-03-06 19:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll

2015-07-01 19:28 - 2015-07-01 19:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll

2015-12-16 17:24 - 2015-12-10 22:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll

2015-12-16 17:24 - 2015-12-10 22:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll

2015-12-02 14:43 - 2015-12-02 14:42 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

2015-11-25 20:18 - 2015-11-25 20:18 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll

2015-12-16 17:24 - 2015-12-10 22:54 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WLMS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WLMS => ""="Service"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Quedas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\StartupApproved\Run: => "Overwolf"

HKU\S-1-5-21-2553395005-3539233402-4215753755-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C852F25046FA96DF0BAA0919AC8A42BE"

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{17240A64-9AEB-4B27-81BC-E8DCDB374362}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{5BDFA0F4-2862-404C-A0FB-B0D6DF5AEF6F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{3BFA2ADA-7525-47EE-B4E3-1133E3C4B130}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{51B48E32-3D8C-4BCF-84E8-2F427D9C474C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{C5F64D83-8717-4E62-9AD2-D3C875FA9B66}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{5E5D0CCD-E6B3-40DF-8C36-B2841AB15811}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{1C77EF83-B346-40B0-AC4C-82EAD1BD17D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{F29F61E7-8415-49BC-A2D1-C8F8FEBFE75E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{41E64D17-8593-4A71-8C74-74558DA690F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{0E05B9AB-63A3-4383-8BD8-45AF3C574B62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{762087BD-5CDE-431B-B760-2619CC9D028F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{263EB7D5-E41B-46F2-AE74-645C4687B777}] => (Allow) LPort=80

FirewallRules: [{65B0F2F2-F047-4BAB-AB73-BE616E20FD2F}] => (Allow) LPort=443

FirewallRules: [{8A86335D-A7FC-4CF8-896D-D74A7260456F}] => (Allow) LPort=20010

FirewallRules: [{09FCA12A-E5B9-4BDB-974C-07B39E6515B7}] => (Allow) LPort=3478

FirewallRules: [{04A4FEC8-051C-4B96-8347-2C35CA2DAF36}] => (Allow) LPort=7850

FirewallRules: [{CDECAFC6-EB35-4408-9D48-FDDF9BE57700}] => (Allow) LPort=7852

FirewallRules: [{BC2D8EBE-59F3-43E1-AF74-F8218291E5F0}] => (Allow) LPort=7853

FirewallRules: [{0C4E80B7-D959-4DEC-8099-FEB85E9CF335}] => (Allow) LPort=27022

FirewallRules: [{CABCDD26-92C6-4278-80E7-68E2889A9134}] => (Allow) LPort=6881

FirewallRules: [{F70D2EBB-B75B-4EC2-9095-C3B9E5B19390}] => (Allow) LPort=33333

FirewallRules: [{DB8D49F7-3E77-4B83-86B1-5A0AECF79CB9}] => (Allow) LPort=20443

FirewallRules: [{C6439C9F-9828-424F-9D17-9DE46D1C34AC}] => (Allow) LPort=8090

FirewallRules: [{79107A56-0B97-41DC-9983-D6FD664A4795}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe

FirewallRules: [{23D51C12-1EBB-427D-8C3A-41A06D3CC73B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe

FirewallRules: [{69D2BE61-09F3-49EB-B14A-D6B26A32637C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe

FirewallRules: [{479DD709-E564-4908-9F82-21DABFCC45BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe

FirewallRules: [{88D8A200-ABEF-4E20-916D-AEAE16E4624B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe

FirewallRules: [{2A03AFCD-8A1C-4987-9465-F36AC2E4CB66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe

FirewallRules: [{DBFBAC9C-543B-4B65-BA52-6B83812178E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [{4E6C081A-007B-420A-BA59-2BA51DF11409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [{292A4551-5190-4D91-804B-E27CD0F03650}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe

FirewallRules: [{E7EECF27-C9A1-4ACA-93EB-BBBD253E34F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe

FirewallRules: [{F2004413-B9E6-45D8-97FA-F6F4717380FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe

FirewallRules: [{9B083661-DE72-4A75-9A75-42EF00B2B647}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe

FirewallRules: [{75EC861D-E786-4BD7-87AF-2B3A8A1DD852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe

FirewallRules: [{C4108BDA-F8DE-42FB-8DAD-C9AF20BC787F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe

FirewallRules: [{700333B4-ACFE-4F7A-913B-AE614C5AC88D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{CE661529-6A29-4207-BA76-32B4A7D38B8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{297F8BA7-2042-4D92-AD64-F2FFDAC33D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe

FirewallRules: [{F6DCF04A-398B-4946-9259-A432D8961144}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe

FirewallRules: [{34DB72CC-6E0A-473E-9445-9F1847A3CC08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe

FirewallRules: [{5709A885-D88C-498A-8542-5B5EB7F0FAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zenimax Online\zosSteamStarter.exe

FirewallRules: [{6AF62344-2F0C-4DAC-80CE-CA393C53598F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe

FirewallRules: [{9463A1F0-4E21-41EA-B674-3CF9F84C82A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe

FirewallRules: [{6CC7F56C-17EC-409E-94D6-D8B7534C07E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{3A3BAE13-6531-4247-8455-1EA211A0454A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{B16C49EC-DC40-48D8-9404-CBEC72AD5D15}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{C79253DD-4B56-4216-9288-9D4B55C57DCC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe

FirewallRules: [{0DF27878-FD38-48A7-98E9-FE3A60F3C3A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe

FirewallRules: [{EE397FAC-4823-47E7-BCEC-B8F2C5E9A6B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe

FirewallRules: [{F38C69CE-AD25-426B-9247-73A529FD6C47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe

FirewallRules: [{EAD6F2D0-717E-4EDC-8898-E0E76C07DA73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe

FirewallRules: [{039BCCB1-9C94-4D55-9B1A-C06B245422F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe

FirewallRules: [{176BE9F3-244B-402D-B1E8-9670717A8653}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe

FirewallRules: [{B0E1444A-7ED9-47B8-9708-B0590BF8C2AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe

FirewallRules: [{89EB6BE8-689F-484F-A3AE-38F01D0028BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe

FirewallRules: [{5DB5D22E-653F-43E5-8C5A-394729836A6D}] => (Allow) D:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe

FirewallRules: [{1C7E2E32-F2B0-4D6D-A52B-21A74ED2819F}] => (Allow) D:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe

FirewallRules: [{9E3ACA20-1D9C-48DB-8D66-1C0AFFB73626}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe

FirewallRules: [{95C781E0-0864-4829-AE86-0B3896FC70EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe

FirewallRules: [{A2D788BC-1C6E-4751-BF96-6DBDBE986614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [{A8E5CBF4-9DA2-432D-BAF9-1D2B44B454E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [TCP Query User{6B73E730-58DB-406C-A7BC-0CF8E0CEEC7C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [uDP Query User{011948A7-661B-4055-BE82-573D01E54BD7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [{D70BADFF-9705-48F8-BF5C-667D530A7372}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{A6A71EDD-D6F5-4523-BDA2-C1302A07A180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{468BA431-C979-4C81-94F3-F90801B73FA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{F7CD0256-0EC3-4F49-B0D3-72CA18174EC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [TCP Query User{FD97331B-71E7-4FD1-8D2C-9849AD754FC0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [uDP Query User{927652FC-93A3-4D19-8460-F512A3585207}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [TCP Query User{644A2512-53E3-4E54-8B22-AD128D7A7D6C}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe

FirewallRules: [uDP Query User{198B1CD9-A75B-41BF-8427-18B6D20C680D}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe

FirewallRules: [TCP Query User{B6ECE960-D4DA-441B-9094-BD18AEBCA76A}C:\program files (x86)\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\java.exe

FirewallRules: [uDP Query User{8F92B338-477F-4A44-8DD7-7ACCBE8539B7}C:\program files (x86)\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\java.exe

FirewallRules: [TCP Query User{C7651E92-868E-4C29-9339-22696E32E583}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [uDP Query User{7A712B17-7A91-4D55-85FA-0CC8CB20E72D}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [{301087FE-3FD1-4EB3-BD22-BCDB04336C22}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe

FirewallRules: [{B603ADF8-04C2-4D78-B2EF-E09E46DF0215}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe

FirewallRules: [{AB5B0F27-6C38-44A4-86E4-3606C6AD6B7E}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe

FirewallRules: [{C0D568B5-9A65-4EA6-BEA0-E45A23FBCEEF}] => (Allow) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe

FirewallRules: [TCP Query User{3D60D261-9E46-4CD5-B1CF-53BE5B12C35A}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe

FirewallRules: [uDP Query User{F4914E0C-636A-4E25-95E8-659F247BA239}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe

FirewallRules: [{A66BC1D5-FF7D-472E-A606-8A8635DC67C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe

FirewallRules: [{0F3AEB01-2CCB-4E12-B98C-4C46FC3F559E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe

FirewallRules: [TCP Query User{96D8F445-8230-4166-A4FE-7B1B64753E75}C:\program files (x86)\radiant\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe] => (Allow) C:\program files (x86)\radiant\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe

FirewallRules: [uDP Query User{AC84B739-79C2-46AF-ACFB-E109B12E5DE4}C:\program files (x86)\radiant\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe] => (Allow) C:\program files (x86)\radiant\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe

FirewallRules: [{02ACBF67-594F-42FD-938F-250687E81B9A}] => (Allow) D:\SteamLibrary\steamapps\common\The Crew\TheCrew.exe

FirewallRules: [{1D6B9A01-5DD5-4EE2-A810-12B88BB1D934}] => (Allow) D:\SteamLibrary\steamapps\common\The Crew\TheCrew.exe

FirewallRules: [{283E8AB0-5530-4EB8-8E38-2CAE1F201EC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe

FirewallRules: [{BB3DF035-C704-4271-8EBD-3D6610497506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe

FirewallRules: [{48B01C0E-04C8-440C-A37B-1E12929AB71A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe

FirewallRules: [{2C71A95F-193B-4951-B166-4198CF08B02F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe

FirewallRules: [{37578E02-6760-4165-B7F9-4788D40CBAFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{A588BB5A-7274-4372-B451-686618749F0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{25E1F4CF-4361-47BB-ADF1-72123F16E3C3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{7D060463-8FB6-4EC2-9E9D-59CB8DC5DAFE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{E6B951D7-F9A4-4F10-BE74-443A811368B4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{2262E128-CC61-4E78-AC97-FCC76E609109}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{11F20A6A-A721-4483-BD25-8EA59742FA4E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

FirewallRules: [{53ADA6B6-5183-435B-B466-77D963BFF576}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

FirewallRules: [{0416E26B-689E-40D6-A4C0-920E43B45713}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{7B225570-B5FE-4444-8B05-6E83AAF28B64}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{C18F8C63-FF46-4F10-AC8B-814B479874F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NBA2K15\NBA2K15.exe

FirewallRules: [{5939E5A4-F12C-4CA1-A244-A01489FF4AFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NBA2K15\NBA2K15.exe

FirewallRules: [{6AAD80E3-17DA-42B0-A878-5B93ADB53CF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{469DD1F3-9AB6-4857-8417-03AB16C6AECF}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

 

==================== Faulty Device Manager Devices =============

 

Name: USB Cable Modem

Description: USB Cable Modem

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/18/2015 01:10:10 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Skype.exe version 7.16.0.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 1100

 

Start Time: 01d13958bcca1d64

 

Termination Time: 6062

 

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

 

Report Id: f89fd958-a54d-11e5-beaf-74da381137cc

 

Faulting package full name: 

 

Faulting package-relative application ID:

 

Error: (12/17/2015 11:46:02 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. An instance of the service is already running

 

Error: (12/17/2015 11:46:02 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. The handle is invalid

 

Error: (12/17/2015 11:41:07 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. An instance of the service is already running

 

Error: (12/17/2015 11:41:07 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. The handle is invalid

 

Error: (12/17/2015 10:09:44 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program explorer.exe version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 19a4

 

Start Time: 01d13940ed630848

 

Termination Time: 30851

 

Application Path: C:\Windows\explorer.exe

 

Report Id: b5e5ffcb-a534-11e5-bead-74da381137cc

 

Faulting package full name: 

 

Faulting package-relative application ID:

 

Error: (12/17/2015 10:09:14 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. An instance of the service is already running

 

Error: (12/17/2015 10:09:14 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. The handle is invalid

 

Error: (12/17/2015 08:44:05 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. An instance of the service is already running

 

Error: (12/17/2015 08:44:05 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )

Description: Service cannot be started. The handle is invalid

 

 

System errors:

=============

Error: (12/18/2015 04:37:31 AM) (Source: DCOM) (EventID: 10010) (User: SOB)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

 

Error: (12/18/2015 04:37:31 AM) (Source: DCOM) (EventID: 10010) (User: SOB)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

 

Error: (12/18/2015 04:37:31 AM) (Source: DCOM) (EventID: 10010) (User: SOB)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

 

Error: (12/18/2015 04:37:31 AM) (Source: DCOM) (EventID: 10010) (User: SOB)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

 

Error: (12/18/2015 02:16:07 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )

Description: 5

 

Error: (12/18/2015 02:15:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.

 

Error: (12/18/2015 01:07:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Interactive Services Detection service terminated with the following error: 

%%1

 

Error: (12/18/2015 12:46:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.

 

Error: (12/17/2015 11:04:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.

 

Error: (12/17/2015 06:13:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 

%%1053

 

 

==================== Memory info =========================== 

 

Processor: AMD FX-6300 Six-Core Processor 

Percentage of memory in use: 34%

Total physical RAM: 8158.66 MB

Available physical RAM: 5306.43 MB

Total Virtual: 9374.66 MB

Available Virtual: 6274.65 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:931.51 GB) (Free:398.23 GB) NTFS

Drive d: (SSD Kingston) (Fixed) (Total:111.45 GB) (Free:75.02 GB) NTFS

Drive e: (BenQ_LCD) (CDROM) (Total:0.46 GB) (Free:0 GB) UDF

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E7083282)

Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E708329A)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================


Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help you with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

Rules and policies

 

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.

 

 


How much RAM memory do you have? I see there is 8GB.



Scan with Farbar Recovery Scan Tool

 

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please upload them into your next reply.

  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.