Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014 01 Ran by BadAss at 2014-12-10 15:47:10 Running from C:\Users\BadAss\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2923363309-855100686-3916791794-1000\...\uTorrent) (Version: 3.4.2.32354 - BitTorrent Inc.) Acoustica Mixcraft 6 (HKLM-x32\...\Acoustica Mixcraft 6) (Version: b217 - Acoustica) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Corsair K70 Firmware Update Application (HKLM-x32\...\{8C9DA353-2101-4658-BAA7-53F88EA0D3AB}_is1) (Version: - ) Corsair M65 Firmware Update Application (HKLM-x32\...\{29484F2D-404A-4EF6-B774-DF5EC5BDF481}_is1) (Version: - ) Corsair M65 Gaming Mouse Driver V1.0 (HKLM-x32\...\{62CC0366-207F-4BC3-97B1-4D4615B5BF0B}_is1) (Version: 1.00.00.11 - ) CPUID HWMonitor Pro 1.19 (HKLM\...\CPUID HWMonitorPro_is1) (Version: - ) Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden EVGA OC Scanner X 3.5.1.0 (64-bit) (HKLM\...\{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version: - EVGA) EVGA Precision X 4.2.0 (HKLM-x32\...\PrecisionX) (Version: 4.2.0 - EVGA Corporation) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 3.0 - Genie9) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Gyazo 2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Network Connections 18.0.1.0 (HKLM\...\PROSetDX) (Version: 18.0.1.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LaCie Desktop Manager 1.6.0 (HKLM\...\{3845209F-142E-4F48-B61A-AA34D2DB54BB}_is1) (Version: 1.6.0 - LaCie) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1035 - Marvell) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2923363309-855100686-3916791794-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31010.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.36 - mIRC Co. Ltd.) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation) NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation) NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden ON_OFF Charge B13.0403.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenVPN 2.3.4-I003 (HKLM\...\OpenVPN) (Version: 2.3.4-I003 - ) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.81.34.0 - Overwolf Ltd.) Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.10 - ) pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 5.1.1 (HKLM-x32\...\RTSS) (Version: 5.1.1 - Unwinder) SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2436.0 - Hi-Rez Studios) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-2923363309-855100686-3916791794-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc) VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Windows Grep 2.3 (HKLM-x32\...\Windows Grep_is1) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) WinSCP 5.5.4 (HKLM-x32\...\winscp3_is1) (Version: 5.5.4 - Martin Prikryl) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2923363309-855100686-3916791794-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\BadAss\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 06-12-2014 17:04:34 Removed Java 8 Update 25 09-12-2014 20:07:32 Windows Update 09-12-2014 20:19:54 Windows Update 10-12-2014 17:31:33 Windows Update 10-12-2014 17:55:46 Removed Java 7 Update 67 10-12-2014 19:24:27 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2014-11-24 02:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {06876608-9152-48B2-AF65-8F29640A0DCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: {53F2688F-093C-4A90-A4C8-71D884A76C0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: {84827F3D-FF73-4A55-BD6E-9D05ECBBA78C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2923363309-855100686-3916791794-1000UA => C:\Users\BadAss\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: {8D2155DB-DD43-4314-B83A-910874E0F003} - System32\Tasks\Overwolf Updater Task => D:\Programs\TeamSpeak\OverWolf\OverwolfUpdater.exe [2014-10-22] (Overwolf LTD) Task: {E13E88B4-7FBC-43F9-AAA7-D5BD25D36191} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] () Task: {E54E5DFE-D7D7-4966-8456-83254F782090} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2923363309-855100686-3916791794-1000Core => C:\Users\BadAss\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2923363309-855100686-3916791794-1000Core.job => C:\Users\BadAss\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2923363309-855100686-3916791794-1000UA.job => C:\Users\BadAss\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-11-24 01:57 - 2014-11-12 15:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00332800 _____ () C:\Program Files\Genie9\Genie Timeline\OnlineHandler.dll 2012-04-24 03:29 - 2012-04-24 03:29 - 00045568 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogging.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00488960 _____ () C:\Program Files\Genie9\Genie Timeline\GSIndexDB.dll 2012-02-02 03:16 - 2012-02-02 03:16 - 00740864 _____ () C:\Program Files\Genie9\Genie Timeline\sqlite3.dll 2012-04-24 03:29 - 2012-04-24 03:29 - 00011264 _____ () C:\Program Files\Genie9\Genie Timeline\RWLock.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00205824 _____ () C:\Program Files\Genie9\Genie Timeline\Settings.dll 2012-04-24 03:29 - 2012-04-24 03:29 - 00089600 _____ () C:\Program Files\Genie9\Genie Timeline\GSEncryption.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00087040 _____ () C:\Program Files\Genie9\Genie Timeline\QueueManager.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00708608 _____ () C:\Program Files\Genie9\Genie Timeline\GSBackupManager.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00343552 _____ () C:\Program Files\Genie9\Genie Timeline\GSWatcher4.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00054784 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogManager.dll 2012-02-02 03:16 - 2012-02-02 03:16 - 00010752 _____ () C:\Program Files\Genie9\Genie Timeline\VSSEngine_Proxy.dll 2012-04-24 03:29 - 2012-04-24 03:29 - 00058368 _____ () C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.dll 2014-10-30 21:32 - 2013-03-27 12:47 - 01379840 _____ () C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe 2014-07-20 15:25 - 2013-03-19 07:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-09-10 08:29 - 2012-09-10 08:29 - 00063488 _____ () C:\Program Files\Genie9\Genie Timeline\XBalloonMsgDll.dll 2012-04-24 03:29 - 2012-04-24 03:29 - 00093696 _____ () C:\Program Files\Genie9\Genie Timeline\GSCurl.dll 2014-11-26 02:53 - 2014-11-25 00:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll 2014-11-26 02:53 - 2014-11-25 00:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll 2014-11-26 02:53 - 2014-11-25 00:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll 2014-11-26 02:53 - 2014-11-25 00:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll 2014-07-20 15:25 - 2013-03-12 14:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-12-10 13:48 - 2014-12-10 13:48 - 00298496 _____ () C:\Users\BadAss\AppData\Roaming\.minecraft\versions\huzuni\huzuni-natives-1611900900022\lwjgl.dll 2014-12-10 13:48 - 2014-12-10 13:48 - 00246332 _____ () C:\Users\BadAss\AppData\Roaming\.minecraft\versions\huzuni\huzuni-natives-1611900900022\avutil-ttv-51.dll 2014-12-10 13:48 - 2014-12-10 13:48 - 00113171 _____ () C:\Users\BadAss\AppData\Roaming\.minecraft\versions\huzuni\huzuni-natives-1611900900022\swresample-ttv-0.dll 2014-12-10 13:48 - 2014-12-10 13:48 - 00394810 _____ () C:\Users\BadAss\AppData\Roaming\.minecraft\versions\huzuni\huzuni-natives-1611900900022\libmp3lame-ttv.dll 2014-12-10 13:48 - 2014-12-10 13:48 - 00967168 _____ () C:\Users\BadAss\AppData\Roaming\.minecraft\versions\huzuni\huzuni-natives-1611900900022\twitchsdk.dll 2014-12-10 13:48 - 2014-12-10 13:48 - 00390144 _____ () C:\Users\BadAss\AppData\Roaming\.minecraft\versions\huzuni\huzuni-natives-1611900900022\OpenAL32.dll 2014-08-15 00:29 - 2013-11-28 21:43 - 00017920 _____ () C:\Users\BadAss\Desktop\AdvOR\AdvOR-plugins\Blacklist.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^BadAss^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Corsair M65 Mouse => D:\Programs\Corsair\M65 Mouse\M65Hid.exe MSCONFIG\startupreg: DellSystemDetect => C:\Users\BadAss\AppData\Local\Apps\2.0\25DDRL57.YK2\29ANDYQ4.MRZ\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe MSCONFIG\startupreg: Google Update => "C:\Users\BadAss\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GoogleChromeAutoLaunch_4C7DEDB005892DDA5211C5DF53CBB1CF => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe MSCONFIG\startupreg: icq => C:\Users\BadAss\AppData\Roaming\ICQM\icq.exe -CU MSCONFIG\startupreg: ISUSPM Startup => c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start MSCONFIG\startupreg: LaCie Desktop Manager Launcher => "C:\Program Files\LaCie\Desktop Manager\lacie_launcherd.exe" MSCONFIG\startupreg: LWS => D:\Programs\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: vmware-tray.exe => "D:\Virtual Machine\vmware-tray.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-2923363309-855100686-3916791794-500 - Administrator - Disabled) BadAss (S-1-5-21-2923363309-855100686-3916791794-1000 - Administrator - Enabled) => C:\Users\BadAss Guest (S-1-5-21-2923363309-855100686-3916791794-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/10/2014 01:25:01 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF0A Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A. Error: (12/10/2014 01:24:52 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF91 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91. Error: (12/10/2014 11:34:27 AM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF91 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91. Error: (12/10/2014 11:34:04 AM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF91 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91. Error: (12/10/2014 09:54:35 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered . Operation: Instantiating VSS server Error: (12/10/2014 09:54:35 AM) (Source: VSS) (EventID: 22) (User: ) Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered. This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider. The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered ]. Operation: Instantiating VSS server Error: (11/27/2014 11:07:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Skype.exe, version: 6.21.0.104, time stamp: 0x542bca1d Faulting module name: Skype.exe, version: 6.21.0.104, time stamp: 0x542bca1d Exception code: 0xc0000005 Fault offset: 0x006b0a6d Faulting process id: 0xdb0 Faulting application start time: 0xSkype.exe0 Faulting application path: Skype.exe1 Faulting module path: Skype.exe2 Report Id: Skype.exe3 Error: (11/26/2014 07:03:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: with error: This operation returned because the timeout period expired. . Error: (11/26/2014 05:29:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Skype.exe, version: 6.21.0.104, time stamp: 0x542bca1d Faulting module name: Skype.exe, version: 6.21.0.104, time stamp: 0x542bca1d Exception code: 0xc0000005 Fault offset: 0x006b0a6b Faulting process id: 0x14dc Faulting application start time: 0xSkype.exe0 Faulting application path: Skype.exe1 Faulting module path: Skype.exe2 Report Id: Skype.exe3 Error: (11/24/2014 02:39:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: with error: This operation returned because the timeout period expired. . System errors: ============= Error: (12/10/2014 01:24:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel(R) HD Graphics 4600. Error: (12/10/2014 01:24:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Security Essentials - (KB2902907). Error: (12/10/2014 01:24:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Error: (12/10/2014 01:24:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Error: (12/10/2014 01:24:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Error: (12/10/2014 01:24:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Error: (12/10/2014 01:24:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Error: (12/10/2014 01:24:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Error: (12/10/2014 01:24:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Error: (12/10/2014 01:24:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Defender service terminated with the following error: %%-2147023113 Microsoft Office Sessions: ========================= Error: (12/10/2014 01:25:01 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF0A Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A. Error: (12/10/2014 01:24:52 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF91 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91. Error: (12/10/2014 11:34:27 AM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF91 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91. Error: (12/10/2014 11:34:04 AM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: MyBadAssComp) Description: HRESULT:0x8004FF91 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91. Error: (12/10/2014 09:54:35 AM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80040154, Class not registered Operation: Instantiating VSS server Error: (12/10/2014 09:54:35 AM) (Source: VSS) (EventID: 22) (User: ) Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80040154, Class not registered Operation: Instantiating VSS server Error: (11/27/2014 11:07:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Skype.exe6.21.0.104542bca1dSkype.exe6.21.0.104542bca1dc0000005006b0a6ddb001d00ac7e9e94c0bC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe6d1a5ff8-76bc-11e4-abf9-005056c00008 Error: (11/26/2014 07:03:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3679CA35668772304D30A5FB873B0FA77BB70D54.crtThis operation returned because the timeout period expired. Error: (11/26/2014 05:29:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Skype.exe6.21.0.104542bca1dSkype.exe6.21.0.104542bca1dc0000005006b0a6b14dc01d009af927cdfc6C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe136abe8f-75c4-11e4-b002-005056c00008 Error: (11/24/2014 02:39:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3679CA35668772304D30A5FB873B0FA77BB70D54.crtThis operation returned because the timeout period expired. CodeIntegrity Errors: =================================== Date: 2014-11-24 02:27:46.838 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-24 02:27:46.776 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-13 04:01:39.525 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-13 04:01:39.522 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-13 04:01:39.518 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-13 04:01:39.465 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-13 04:00:20.303 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-13 04:00:20.293 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-13 04:00:20.291 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-13 04:00:20.290 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz Percentage of memory in use: 53% Total physical RAM: 8079.83 MB Available physical RAM: 3721.9 MB Total Pagefile: 16157.84 MB Available Pagefile: 10428.88 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:45.71 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:823.48 GB) NTFS Drive f: (HP USB FD) (Removable) (Total:59.62 GB) (Free:51.6 GB) exFAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0ECF5690) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0FC9FE5E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 59.6 GB) (Disk ID: 7F56CBFA) Partition 1: (Not Active) - (Size=59.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================