
Need help. Lag spikes



Hello everyone.

It all started last year during October - November, not sure though.

I started having lag spikes out of nowhere. During December my accounts and emails got hacked. Fortunately I got them back.

Installed an antivirus and got several viruses and trojans. Removed them after.

But the problem persisted. I kept having the lags and random pop-ups and redirects while browsing. Phishing sites, advertisements, etc.

After then I installed Malwarebytes and detected some malware. Successfully removed and no more similar problems.

But it seems it's not yet fully recovered.

I hope some of you guys help me out, to scan what the problem is.

Sorry for bad English. : )


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01

Ran by User (administrator) on USER-PC (24-02-2016 16:33:42)

Running from C:\Users\User\Downloads

Loaded Profiles: User (Available Profiles: User)

Platform: Windows 7 Professional (X64) Language: English (United States)

Internet Explorer Version 8 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.10\deploy\LoLLauncher.exe

() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcher.exe

() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcherUx.exe

() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcherUx.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [758928 2016-02-18] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-3641202345-1855142110-446265646-1000\...\Run: [bitTorrent] => C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe [1903648 2016-02-10] (BitTorrent Inc.)

HKU\S-1-5-21-3641202345-1855142110-446265646-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)

HKU\S-1-5-21-3641202345-1855142110-446265646-1000\...\MountPoints2: E - E:\Autorun.exe

HKU\S-1-5-21-3641202345-1855142110-446265646-1000\...\MountPoints2: {b6bfdae9-ccac-11e5-a7ad-0024811ec1ca} - E:\autorun.exe

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

Tcpip\..\Interfaces\{20C44A29-7208-4DD3-B67C-36E2A9D8A8E2}: [DhcpNameServer] 192.168.100.1

 

Internet Explorer:

==================

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-3641202345-1855142110-446265646-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-15] (Oracle Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-15] (Oracle Corporation)

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)

Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)

Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

 

FireFox:

========

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\v7jceu80.default

FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?src=hp&ssid=1451744566&a=1024132&uuid=06d5aebe-d281-49d1-be66-01c212ffdc46

FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-15] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-15] (Oracle Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

 

Chrome: 

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]

CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]

CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]

CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1054008 2016-02-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [835616 2016-02-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [462696 2016-02-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [462696 2016-02-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1032384 2016-02-18] (Avira Operations GmbH & Co. KG)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-23] ()

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)

R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2015-09-17] (Avira GmbH)

R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2015-09-17] (Avira GmbH)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2016-01-29] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2016-02-18] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-09-17] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-09-17] (Avira Operations GmbH & Co. KG)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-05] (Intel Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)

R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-02-24 16:33 - 2016-02-24 16:36 - 00013484 _____ C:\Users\User\Downloads\FRST.txt

2016-02-24 16:33 - 2016-02-24 16:33 - 00000000 ____D C:\FRST

2016-02-24 16:31 - 2016-02-24 16:32 - 02371072 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2016-02-24 13:53 - 2016-02-24 13:53 - 00001613 _____ C:\Users\Public\Desktop\League of Legends.lnk

2016-02-24 13:53 - 2016-02-24 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends

2016-02-24 13:52 - 2016-02-24 13:52 - 00000222 _____ C:\Users\User\Desktop\DayZ.url

2016-02-24 13:50 - 2016-02-24 13:51 - 30993712 _____ (Riot Games) C:\Users\User\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe

2016-02-24 13:38 - 2016-02-24 15:42 - 00000000 ____D C:\Program Files (x86)\Steam

2016-02-24 13:38 - 2016-02-24 13:38 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk

2016-02-24 13:38 - 2016-02-24 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2016-02-24 13:37 - 2016-02-24 13:38 - 01380712 _____ C:\Users\User\Downloads\SteamSetup.exe

2016-02-22 17:45 - 2016-02-22 17:47 - 00010253 _____ C:\Users\User\Downloads\Lista emerore.xlsx

2016-02-21 12:46 - 2016-02-24 14:45 - 00001134 _____ C:\Users\User\Desktop\nativelog.txt

2016-02-21 12:41 - 2016-02-21 12:41 - 02314240 _____ C:\Users\User\Downloads\MinecraftInstaller (1).msi

2016-02-21 12:38 - 2016-02-21 12:44 - 00000000 ____D C:\Program Files (x86)\Minecraft

2016-02-21 12:38 - 2016-02-21 12:38 - 00000961 _____ C:\Users\Public\Desktop\Minecraft.lnk

2016-02-21 12:38 - 2016-02-21 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft

2016-02-21 12:37 - 2016-02-21 12:37 - 02314240 _____ C:\Users\User\Downloads\MinecraftInstaller.msi

2016-02-20 22:16 - 2016-02-20 22:16 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-02-14 19:28 - 2016-02-24 13:53 - 00000000 __SHD C:\AI_RecycleBin

2016-02-06 09:44 - 2016-02-06 09:44 - 00000000 ____D C:\Users\User\Desktop\New folder

2016-01-29 22:50 - 2016-01-29 22:50 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira

2016-01-29 22:49 - 2016-02-20 23:09 - 00001988 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2016-01-29 22:49 - 2016-01-29 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2016-01-29 22:48 - 2015-09-17 15:47 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2016-01-29 22:47 - 2016-02-18 20:07 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2016-01-29 22:47 - 2016-01-29 22:57 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2016-01-29 22:47 - 2015-09-17 15:47 - 00141376 _____ (Avira GmbH) C:\Windows\system32\Drivers\avfwot.sys

2016-01-29 22:47 - 2015-09-17 15:47 - 00114608 _____ (Avira GmbH) C:\Windows\system32\Drivers\avfwim.sys

2016-01-29 22:47 - 2015-09-17 15:47 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2016-01-29 22:30 - 2016-01-29 22:30 - 00000000 ____D C:\Download

2016-01-29 22:30 - 2007-07-11 17:15 - 00917504 _____ (Macromedia, Inc.) C:\Windows\SysWOW64\Flash.ocx

2016-01-29 22:12 - 2016-01-29 22:12 - 00000000 ____D C:\Program Files (x86)\NetDragon

2016-01-28 20:30 - 2016-01-28 20:30 - 00000000 ____D C:\Users\User\Documents\League of Legends

2016-01-27 20:25 - 2016-01-27 20:25 - 00312547 _____ C:\Users\User\Downloads\Attachments_2016127.zip

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-02-24 16:09 - 2015-01-07 16:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-02-24 15:41 - 2015-01-07 17:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-02-24 14:45 - 2015-01-11 19:27 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft

2016-02-24 14:38 - 2016-01-16 17:31 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps

2016-02-24 13:55 - 2015-01-10 15:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Riot Games

2016-02-24 13:52 - 2015-06-20 19:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2016-02-24 12:41 - 2015-01-07 17:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-02-24 12:21 - 2009-07-14 05:45 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-02-24 12:21 - 2009-07-14 05:45 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-02-24 12:17 - 2015-01-10 16:55 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent

2016-02-24 12:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-02-24 01:00 - 2015-01-07 16:41 - 00004286 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9CA0DA78-CA5A-4F9C-8067-26EB3971CEE1}

2016-02-23 23:45 - 2015-05-26 18:12 - 03438080 ___SH C:\Users\User\Downloads\Thumbs.db

2016-02-23 21:51 - 2015-01-07 17:13 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-02-23 21:51 - 2015-01-07 17:13 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-02-20 23:09 - 2016-01-02 23:01 - 00000909 _____ C:\Users\Public\Desktop\VLC media player.lnk

2016-02-20 23:09 - 2015-10-31 10:37 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-02-20 23:09 - 2015-06-20 20:53 - 00001031 _____ C:\Users\User\Desktop\PhotoScape.lnk

2016-02-20 23:09 - 2015-01-28 17:58 - 00001371 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2016-02-20 23:09 - 2015-01-10 16:57 - 00000869 _____ C:\Users\User\Desktop\BitTorrent.lnk

2016-02-20 23:09 - 2015-01-10 16:57 - 00000849 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk

2016-02-20 23:09 - 2015-01-08 00:33 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

2016-02-20 23:09 - 2015-01-08 00:33 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

2016-02-20 23:09 - 2015-01-07 17:36 - 00001944 _____ C:\Users\Public\Desktop\Nero Express.lnk

2016-02-20 23:09 - 2015-01-07 17:30 - 00002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2016-02-20 23:09 - 2015-01-07 15:38 - 00001389 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2016-02-20 23:09 - 2015-01-07 15:37 - 00001423 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2016-02-20 23:09 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk

2016-02-20 23:09 - 2009-07-14 05:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2016-02-20 23:09 - 2009-07-14 05:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk

2016-02-20 23:09 - 2009-07-14 05:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk

2016-02-20 23:09 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk

2016-02-20 23:09 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk

2016-02-20 23:09 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk

2016-02-20 23:00 - 2015-01-17 22:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2016-02-20 23:00 - 2015-01-10 16:56 - 00000000 ____D C:\ProgramData\APN

2016-02-20 21:12 - 2015-01-07 17:16 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc

2016-02-15 22:13 - 2015-12-01 20:59 - 00000602 _____ C:\Windows\SysWOW64\nativelog.txt

2016-02-09 22:09 - 2015-01-07 16:49 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-02-09 22:09 - 2015-01-07 16:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-02-09 22:09 - 2015-01-07 16:49 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-02-06 19:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

2016-02-06 09:44 - 2009-07-14 06:13 - 00784956 _____ C:\Windows\system32\PerfStringBackup.INI

2016-02-06 09:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf

2016-01-31 12:36 - 2015-01-07 17:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2016-01-31 12:36 - 2015-01-07 17:12 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2016-01-29 22:47 - 2016-01-02 22:30 - 00000000 ____D C:\Program Files\Common Files\AV

2016-01-29 22:47 - 2015-05-03 16:05 - 00000000 ____D C:\Program Files (x86)\Avira

 

==================== Files in the root of some directories =======

 

2015-01-16 22:27 - 2015-01-16 22:27 - 0007602 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg

 

Some files in TEMP:

====================

C:\Users\User\AppData\Local\Temp\avgnt.exe

C:\Users\User\AppData\Local\Temp\drm_dyndata_7370014.dll

C:\Users\User\AppData\Local\Temp\drm_dyndata_7380014.dll

C:\Users\User\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\User\AppData\Local\Temp\nvStInst.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2016-02-20 23:53

 

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01

Ran by User (2016-02-24 16:38:30)

Running from C:\Users\User\Downloads

Windows 7 Professional (X64) (2015-01-07 14:37:02)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-3641202345-1855142110-446265646-500 - Administrator - Disabled)

Guest (S-1-5-21-3641202345-1855142110-446265646-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3641202345-1855142110-446265646-1002 - Limited - Enabled)

User (S-1-5-21-3641202345-1855142110-446265646-1000 - Administrator - Enabled) => C:\Users\User

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}

AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}

AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)

Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)

Avira Internet Security (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.15.98 - Avira Operations GmbH & Co. KG)

BitTorrent (HKU\S-1-5-21-3641202345-1855142110-446265646-1000\...\BitTorrent) (Version: 7.9.5.41713 - BitTorrent Inc.)

DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2657.0 - Google Inc.)

Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden

Intel® Network Connections 20.4.207.0 (HKLM\...\PROSetDX) (Version: 20.4.207.0 - Intel)

Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)

League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)

NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)

NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)

WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {241A5769-317F-4B54-8DC8-93EA04DA0CED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)

Task: {35E1FEAE-33B1-4A0D-96B7-802EE2579A08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

Task: {B1DDDDA5-B655-41A9-A9E7-2470E159A573} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

Task: {C401EE3A-552A-40E8-9ACD-740B3B1BA20A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {DD3F8913-2BA6-48B3-8222-3CFA9697D2F5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

==================== Loaded Modules (Whitelisted) ==============

 

2015-01-11 00:13 - 2015-11-24 19:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2016-01-12 18:50 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll

2014-01-21 16:54 - 2016-02-24 13:55 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

2016-02-10 20:42 - 2016-02-10 20:43 - 02364928 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.10\deploy\LoLLauncher.exe

2016-02-10 20:43 - 2016-02-10 20:43 - 04287488 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcher.exe

2016-02-24 14:19 - 2016-02-24 14:19 - 02711040 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcherUx.exe

2015-03-30 18:02 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2016-02-23 21:51 - 2016-02-23 08:29 - 01732248 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2657.0\libglesv2.dll

2016-02-23 21:51 - 2016-02-23 08:29 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2657.0\libegl.dll

2016-02-10 20:43 - 2016-02-10 20:43 - 01458176 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\RiotLauncher.dll

2016-02-24 14:19 - 2016-02-24 14:19 - 34843648 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\libcef.dll

2016-02-24 14:19 - 2016-02-24 14:19 - 01375744 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\icui18n.dll

2016-02-24 14:19 - 2016-02-24 14:19 - 01134592 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\icuuc.dll

2016-02-24 14:19 - 2016-02-24 14:19 - 04374528 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\v8.dll

2016-02-24 14:13 - 2016-02-24 14:13 - 00945664 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\ffmpegsumo.dll

2016-02-23 21:51 - 2016-02-23 08:29 - 17546904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2657.0\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3641202345-1855142110-446265646-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.100.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is disabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [{C00001B1-ABE7-4E04-8345-880D765D6304}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{0453A5E5-0D2B-4F99-A049-D2739E5224C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{848E7A23-E21D-4DE7-A410-B874DF01A444}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{13A141D7-AA6B-4B75-B2E5-D8262BE646E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{676C245C-35E4-4CC5-AE75-DF7F1C5FB396}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{7750EFDE-7F1A-4DA2-91ED-1CAE8F3E995D}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{8660DC7D-815C-4333-B769-ABED1DBDBDDE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{B9796AB1-FF64-4BAF-A519-F6F6C47F78FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [TCP Query User{BA58CB18-5835-4A53-9A24-C5109BC6264F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [uDP Query User{F2AFC08E-5980-459D-BFD2-DA5EBC98413E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [{5B7119B6-356C-4903-A1C6-7B272DC4CD49}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{E60BC022-2EBF-4BA6-8EDC-162B568A773E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{A20A5422-240F-4F66-873A-C3D0ECA49A8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe

FirewallRules: [{ECEF1D23-09B7-4116-A446-D68D0DE9DEB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe

FirewallRules: [{D795A9C8-F78B-4995-8486-09CDA91A0093}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe

FirewallRules: [{F0AAE1D6-57F0-4E55-A929-F682C3C96E32}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe

FirewallRules: [{576B902D-95DC-4BB1-A29B-BF79337D6308}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{CF39B0A1-0297-43DE-BCE8-2E74A95B30AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{64F55C9D-C78D-4DDF-BB0A-736FA0C2C9AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe

FirewallRules: [{079C369C-7D86-417E-A1F9-9B6B62A9CC64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe

FirewallRules: [{F6816C82-7EBC-4A90-AE7E-E222AEFD648E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe

FirewallRules: [{3F8291E8-5445-4644-9A26-5DD2A7DF77BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe

FirewallRules: [{34CE61E3-999C-43A3-84D3-59020C703D38}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{B50A2E63-F924-4C07-A598-E3DE56915721}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{2859B01C-7D24-43F9-BAE4-6EFD56750778}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{920AECCD-8453-4E9F-BFEE-B9F10AF7557D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [TCP Query User{11176951-5A1D-4C97-90C1-0108175300CE}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe

FirewallRules: [uDP Query User{A16A1AB0-3F1E-45AF-9C73-AEC015CD7209}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe

FirewallRules: [{59FE658D-F8D8-4466-883F-14931D0F00AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{328E6012-960B-4453-8289-D3FC9DB4B3DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{450E53DA-2E20-461F-9AAA-8E4BA3ACACBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{A016F334-D4D5-4585-9711-6DBFA17EA8BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{7A57A3C4-92FD-43DA-9BF1-CDEE8B44D1F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [TCP Query User{FD642D26-31EE-4316-99C9-A5EB712FCCB3}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe

FirewallRules: [uDP Query User{0E465761-167F-42A9-86EA-C21B9C9A7F11}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe

FirewallRules: [{A9BE005F-1B7F-4F57-8ADA-7DE3F407CBD8}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

FirewallRules: [{0AFC7F29-47D6-402F-AFFE-E80498779C09}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

FirewallRules: [{B2E4AFE1-182B-40DF-B893-72269FF45F25}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

FirewallRules: [{20D8BEC5-302F-4546-816A-DC08068ECCDD}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

FirewallRules: [{A997BA93-A6E3-4751-ABED-310F37BB0D35}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

FirewallRules: [{837B85EA-4526-4944-90F2-E0D39B4185A7}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

FirewallRules: [{4C96E9A1-BD26-4969-9A1D-B5FF6863CCC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

21-02-2016 12:37:37 Installed Minecraft

22-02-2016 17:40:49 Windows Update

24-02-2016 13:52:49 Installed League of Legends

24-02-2016 13:54:24 Installed DirectX

 

==================== Faulty Device Manager Devices =============

 

Name: PS/2 Compatible Mouse

Description: PS/2 Compatible Mouse

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

Name: Standard PS/2 Keyboard

Description: Standard PS/2 Keyboard

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard keyboards)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/24/2016 02:38:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: LoLPatcher.exe, version: 0.37.0.182, time stamp: 0x56ba5c96

Faulting module name: LoLPatcher.exe, version: 0.37.0.182, time stamp: 0x56ba5c96

Exception code: 0xc0000005

Fault offset: 0x00075f1d

Faulting process id: 0x1448

Faulting application start time: 0xLoLPatcher.exe0

Faulting application path: LoLPatcher.exe1

Faulting module path: LoLPatcher.exe2

Report Id: LoLPatcher.exe3

 

Error: (02/22/2016 08:38:01 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

 

Error: (02/17/2016 09:19:53 PM) (Source: MsiInstaller) (EventID: 1024) (User: User-PC)

Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5B00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

 

Error: (02/17/2016 05:40:32 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: NvBackend.exe, version: 20.14.1.0, time stamp: 0x568e3f71

Faulting module name: NvBackend.exe, version: 20.14.1.0, time stamp: 0x568e3f71

Exception code: 0xc0000005

Fault offset: 0x0009a323

Faulting process id: 0xbd0

Faulting application start time: 0xNvBackend.exe0

Faulting application path: NvBackend.exe1

Faulting module path: NvBackend.exe2

Report Id: NvBackend.exe3

 

Error: (02/15/2016 09:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16385, time stamp: 0x4a5bc9bb

Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5be02b

Exception code: 0xc0000005

Fault offset: 0x000000000004d174

Faulting process id: 0x95c

Faulting application start time: 0xExplorer.EXE0

Faulting application path: Explorer.EXE1

Faulting module path: Explorer.EXE2

Report Id: Explorer.EXE3

 

Error: (02/14/2016 08:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: rads_user_kernel.exe, version: 0.0.0.0, time stamp: 0x4e65c1ac

Faulting module name: MSVCR80.dll, version: 8.0.50727.4927, time stamp: 0x4a2752ff

Exception code: 0xc0000005

Fault offset: 0x00012f4b

Faulting process id: 0xaf8

Faulting application start time: 0xrads_user_kernel.exe0

Faulting application path: rads_user_kernel.exe1

Faulting module path: rads_user_kernel.exe2

Report Id: rads_user_kernel.exe3

 

Error: (02/14/2016 07:38:53 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program msiexec.exe version 5.0.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 12d8

 

Start Time: 01d16755559a6dc6

 

Termination Time: 3

 

Application Path: C:\Windows\SysWOW64\msiexec.exe

 

Report Id:

 

Error: (02/14/2016 02:29:56 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

 

Error: (02/13/2016 02:24:58 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program BitTorrent.exe version 7.9.5.41713 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: ee4

 

Start Time: 01d166611e9991b9

 

Termination Time: 0

 

Application Path: C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe

 

Report Id: 2b9bb838-d255-11e5-a2f6-0024811ec1ca

 

Error: (02/12/2016 10:47:45 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

 

 

System errors:

=============

Error: (02/24/2016 01:47:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Steam Client Service service failed to start due to the following error: 

%%1053

 

Error: (02/24/2016 01:47:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

 

Error: (02/22/2016 05:47:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.213.6863.0).

 

Error: (02/22/2016 05:47:18 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.213.6851.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.6.0305.00

 

Source Path: 4.6.0305.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (02/21/2016 05:31:52 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

 

Error: (02/20/2016 08:58:53 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

 

Error: (02/17/2016 05:39:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

 

Error: (02/15/2016 07:36:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Steam Client Service service failed to start due to the following error: 

%%1053

 

Error: (02/15/2016 07:36:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

 

Error: (02/14/2016 07:21:57 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 7:17:38 PM on ‎2/‎14/‎2016 was unexpected.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core2 Duo CPU E8400 @ 3.00GHz

Percentage of memory in use: 75%

Total physical RAM: 3963.25 MB

Available physical RAM: 984.13 MB

Total Virtual: 7924.64 MB

Available Virtual: 4763.5 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:148.95 GB) (Free:80.5 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: D1C4ECC1)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================


  • 3 months later...
Guest
This topic is now closed to further replies.