This topic is locked
Hello,
I'm sorry to bother you all, I'm having so much difficulty that I'm at the point where I think my desktop is going to get thrown out of the window!
I have been having an issue with this game for a long time now and thought that I would reformat my PC to see if that combats the issue, and that hasn't worked at all... Basically I can be playing the game for any time from 1 minute to 10 hours and it will crash... I have tried everything from changing the graphics to low to searching for Malware using Malwarebyte.
Please, any help would be greatly appreciated!
I've posted my Reliability Details and OTL log below:
Source
FINAL FANTASY XIV: A Realm Reborn
Summary
Stopped responding and was closed
Date
19/07/2014 05:00
Status
Not reported
Description
A problem caused this program to stop interacting with Windows.
Faulting Application Path: C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exe
Problem signature
Problem Event Name: AppHangB1
Application Name: ffxiv.exe
Application Version: 1.0.0.0
Application Timestamp: 53c4128d
Hang Signature: cd4d
Hang Type: 0
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 2057
Additional Hang Signature 1: cd4d937f0a518747f9171d50fa5ed4d0
Additional Hang Signature 2: 0dd3
Additional Hang Signature 3: 0dd3987180df8b43d762d9bd271cf5be
Additional Hang Signature 4: cd4d
Additional Hang Signature 5: cd4d937f0a518747f9171d50fa5ed4d0
Additional Hang Signature 6: 0dd3
Additional Hang Signature 7: 0dd3987180df8b43d762d9bd271cf5be
------------------
OTL logfile created on: 19/07/2014 05:30:40 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = E:\DOWNLOADS
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
7.89 Gb Total Physical Memory | 5.85 Gb Available Physical Memory | 74.10% Memory free
15.79 Gb Paging File | 13.59 Gb Available in Paging File | 86.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107.13 Gb Total Space | 63.20 Gb Free Space | 58.99% Space Free | Partition Type: NTFS
Drive D: | 390.62 Gb Total Space | 389.47 Gb Free Space | 99.71% Space Free | Partition Type: NTFS
Drive E: | 540.89 Gb Total Space | 539.70 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Drive F: | 3.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 3.75 Gb Total Space | 3.49 Gb Free Space | 92.97% Space Free | Partition Type: FAT32
Computer Name: RAGNA-PC | User Name: Ragna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - E:\DOWNLOADS\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - D:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - D:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - D:\Program Files\AVAST Software\Avast\aswProperty.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 14 A0 C4 F4 A2 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: D:\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: D:\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/19 03:02:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/07/19 05:20:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ragna\AppData\Roaming\Mozilla\Extensions
[2014/07/19 05:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/19 05:24:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE192021-BCA2-4F26-9E4B-1D258885B25C}: DhcpNameServer = 192.168.1.254 192.168.1.254
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 08:26:00 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/07/19 11:38:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/07/19 11:38:07 | 000,000,000 | -HSD | C] -- C:\Boot
[2014/07/19 05:22:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/07/19 05:20:24 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Mozilla
[2014/07/19 05:20:24 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Mozilla
[2014/07/19 05:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/07/19 05:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/07/19 05:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/19 05:16:13 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/19 05:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/19 05:16:02 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/19 05:16:02 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/19 05:16:02 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/19 05:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/19 05:15:40 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Programs
[2014/07/19 03:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Skype
[2014/07/19 03:27:28 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Skype
[2014/07/19 03:27:25 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/07/19 03:27:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/07/19 03:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/07/19 03:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/07/19 03:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/07/19 03:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/07/19 03:19:48 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Macromedia
[2014/07/19 03:19:47 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\SplitMediaLabs
[2014/07/19 03:19:46 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Adobe
[2014/07/19 03:19:39 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014/07/19 03:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2014/07/19 03:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2014/07/19 03:19:05 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\SplitmediaLabs
[2014/07/19 03:18:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/07/19 03:18:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/07/19 03:12:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/07/19 03:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SquareEnix
[2014/07/19 03:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
[2014/07/19 03:12:04 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\NVIDIA Corporation
[2014/07/19 03:11:40 | 000,000,000 | ---D | C] -- C:\Users\Ragna\Documents\My Games
[2014/07/19 03:08:11 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\NVIDIA
[2014/07/19 03:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/07/19 03:07:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/07/19 03:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/07/19 03:06:37 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/07/19 03:06:37 | 000,052,056 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/07/19 03:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/07/19 03:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/07/19 03:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/07/19 03:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/07/19 03:04:01 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/07/19 03:03:18 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\DropboxMaster
[2014/07/19 03:03:16 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/07/19 03:03:04 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Dropbox
[2014/07/19 03:02:52 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\AVAST Software
[2014/07/19 03:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/07/19 03:02:37 | 001,041,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/07/19 03:02:37 | 000,427,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/07/19 03:02:37 | 000,307,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/07/19 03:02:37 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/07/19 03:02:37 | 000,092,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/07/19 03:02:37 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/07/19 03:02:36 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/19 03:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/07/19 02:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/07/19 02:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/07/19 02:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/07/19 02:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/07/19 02:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/07/19 02:58:16 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Google
[2014/07/19 02:58:13 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Deployment
[2014/07/19 02:58:13 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Apps
[2014/07/19 02:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2014/07/19 02:56:28 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/07/19 02:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014/07/19 02:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014/07/19 02:42:35 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/07/19 02:42:35 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Searches
[2014/07/19 02:42:35 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/07/19 02:42:35 | 000,000,000 | -H-D | C] -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/07/19 02:42:30 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Identities
[2014/07/19 02:42:29 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Contacts
[2014/07/19 02:42:28 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\VirtualStore
[2014/07/19 02:42:27 | 000,000,000 | --SD | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Videos
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Saved Games
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Pictures
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Music
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Links
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Favorites
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Downloads
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Documents
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Desktop
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\AppData\Local\Temporary Internet Files
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Templates
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Start Menu
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\SendTo
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Recent
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\PrintHood
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\NetHood
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Documents\My Videos
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Documents\My Pictures
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Documents\My Music
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\My Documents
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Local Settings
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\AppData\Local\History
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Cookies
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Application Data
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\AppData\Local\Application Data
[2014/07/19 02:42:27 | 000,000,000 | -H-D | C] -- C:\Users\Ragna\AppData
[2014/07/19 02:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Temp
[2014/07/19 02:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Microsoft
[2014/07/19 02:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Media Center Programs
[2014/07/19 02:42:22 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/07/19 02:42:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/07/19 02:39:18 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/07/19 02:39:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2014/07/19 11:38:09 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/07/19 05:29:06 | 000,013,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/19 05:29:06 | 000,013,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/19 05:27:58 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/19 05:27:58 | 000,663,664 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/19 05:27:58 | 000,124,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/19 05:24:10 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/19 05:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/19 05:22:14 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/19 05:22:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/19 05:21:58 | 686,763,233 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/07/19 05:21:58 | 2062,565,375 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/19 05:16:04 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/19 05:12:10 | 000,013,113 | ---- | M] () -- C:\Users\Ragna\Desktop\View reliability history - Shortcut.lnk
[2014/07/19 03:27:25 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/07/19 03:20:06 | 000,000,685 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | M] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\XSplit Broadcaster.lnk
[2014/07/19 03:06:04 | 000,763,706 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/19 03:02:48 | 000,427,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/07/19 03:02:36 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/07/19 03:02:36 | 000,307,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/07/19 03:02:36 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/07/19 03:02:36 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/07/19 03:02:36 | 000,092,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/07/19 03:02:36 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/07/19 03:02:36 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/07/19 03:02:36 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/19 03:02:36 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/07/19 02:44:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/07/19 02:42:51 | 000,001,441 | ---- | M] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/07/19 02:41:51 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/19 02:41:29 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/07/19 02:41:29 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2014/07/19 11:38:09 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014/07/19 11:38:07 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2014/07/19 11:37:56 | 000,203,836 | RHS- | C] () -- C:\grldr
[2014/07/19 05:21:58 | 686,763,233 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/07/19 05:20:18 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/07/19 05:20:18 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/19 05:16:04 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/19 05:12:10 | 000,013,113 | ---- | C] () -- C:\Users\Ragna\Desktop\View reliability history - Shortcut.lnk
[2014/07/19 03:27:25 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/07/19 03:20:06 | 000,000,685 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\XSplit Broadcaster.lnk
[2014/07/19 03:19:00 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/19 03:06:45 | 003,774,821 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/07/19 03:06:03 | 000,763,706 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/19 03:04:52 | 000,026,069 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/07/19 03:02:37 | 000,224,896 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/07/19 03:02:37 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/07/19 03:02:37 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/07/19 02:44:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/07/19 02:42:51 | 000,001,441 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/07/19 02:42:37 | 000,001,413 | ---- | C] () -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/07/19 02:42:36 | 000,001,447 | ---- | C] () -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/07/19 02:42:27 | 000,000,290 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/07/19 02:42:27 | 000,000,272 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/07/19 02:41:25 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/07/19 02:41:24 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/07/19 02:39:09 | 2062,565,375 | -HS- | C] () -- C:\hiberfil.sys
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/07/19 03:02:52 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\AVAST Software
[2014/07/19 03:03:21 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\Dropbox
[2014/07/19 03:03:21 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\DropboxMaster
[2014/07/19 03:19:05 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\SplitmediaLabs
========== Purity Check ==========
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = E:\DOWNLOADS
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
7.89 Gb Total Physical Memory | 5.85 Gb Available Physical Memory | 74.10% Memory free
15.79 Gb Paging File | 13.59 Gb Available in Paging File | 86.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107.13 Gb Total Space | 63.20 Gb Free Space | 58.99% Space Free | Partition Type: NTFS
Drive D: | 390.62 Gb Total Space | 389.47 Gb Free Space | 99.71% Space Free | Partition Type: NTFS
Drive E: | 540.89 Gb Total Space | 539.70 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Drive F: | 3.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 3.75 Gb Total Space | 3.49 Gb Free Space | 92.97% Space Free | Partition Type: FAT32
Computer Name: RAGNA-PC | User Name: Ragna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - E:\DOWNLOADS\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - D:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - D:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - D:\Program Files\AVAST Software\Avast\aswProperty.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 14 A0 C4 F4 A2 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: D:\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: D:\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/19 03:02:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/07/19 05:20:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ragna\AppData\Roaming\Mozilla\Extensions
[2014/07/19 05:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/19 05:24:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE192021-BCA2-4F26-9E4B-1D258885B25C}: DhcpNameServer = 192.168.1.254 192.168.1.254
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 08:26:00 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/07/19 11:38:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/07/19 11:38:07 | 000,000,000 | -HSD | C] -- C:\Boot
[2014/07/19 05:22:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/07/19 05:20:24 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Mozilla
[2014/07/19 05:20:24 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Mozilla
[2014/07/19 05:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/07/19 05:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/07/19 05:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/19 05:16:13 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/19 05:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/19 05:16:02 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/19 05:16:02 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/19 05:16:02 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/19 05:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/19 05:15:40 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Programs
[2014/07/19 03:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Skype
[2014/07/19 03:27:28 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Skype
[2014/07/19 03:27:25 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/07/19 03:27:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/07/19 03:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/07/19 03:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/07/19 03:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/07/19 03:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/07/19 03:19:48 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Macromedia
[2014/07/19 03:19:47 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\SplitMediaLabs
[2014/07/19 03:19:46 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Adobe
[2014/07/19 03:19:39 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014/07/19 03:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2014/07/19 03:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2014/07/19 03:19:05 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\SplitmediaLabs
[2014/07/19 03:18:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/07/19 03:18:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/07/19 03:12:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/07/19 03:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SquareEnix
[2014/07/19 03:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
[2014/07/19 03:12:04 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\NVIDIA Corporation
[2014/07/19 03:11:40 | 000,000,000 | ---D | C] -- C:\Users\Ragna\Documents\My Games
[2014/07/19 03:08:11 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\NVIDIA
[2014/07/19 03:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/07/19 03:07:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/07/19 03:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/07/19 03:06:37 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/07/19 03:06:37 | 000,052,056 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/07/19 03:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/07/19 03:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/07/19 03:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/07/19 03:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/07/19 03:04:01 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/07/19 03:03:18 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\DropboxMaster
[2014/07/19 03:03:16 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/07/19 03:03:04 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Dropbox
[2014/07/19 03:02:52 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\AVAST Software
[2014/07/19 03:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/07/19 03:02:37 | 001,041,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/07/19 03:02:37 | 000,427,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/07/19 03:02:37 | 000,307,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/07/19 03:02:37 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/07/19 03:02:37 | 000,092,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/07/19 03:02:37 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/07/19 03:02:36 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/19 03:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/07/19 02:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/07/19 02:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/07/19 02:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/07/19 02:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/07/19 02:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/07/19 02:58:16 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Google
[2014/07/19 02:58:13 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Deployment
[2014/07/19 02:58:13 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Apps
[2014/07/19 02:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2014/07/19 02:56:28 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/07/19 02:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014/07/19 02:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014/07/19 02:42:35 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/07/19 02:42:35 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Searches
[2014/07/19 02:42:35 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/07/19 02:42:35 | 000,000,000 | -H-D | C] -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/07/19 02:42:30 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Identities
[2014/07/19 02:42:29 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Contacts
[2014/07/19 02:42:28 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\VirtualStore
[2014/07/19 02:42:27 | 000,000,000 | --SD | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Videos
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Saved Games
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Pictures
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Music
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Links
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Favorites
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Downloads
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Documents
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\Desktop
[2014/07/19 02:42:27 | 000,000,000 | R--D | C] -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\AppData\Local\Temporary Internet Files
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Templates
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Start Menu
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\SendTo
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Recent
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\PrintHood
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\NetHood
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Documents\My Videos
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Documents\My Pictures
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Documents\My Music
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\My Documents
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Local Settings
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\AppData\Local\History
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Cookies
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\Application Data
[2014/07/19 02:42:27 | 000,000,000 | -HSD | C] -- C:\Users\Ragna\AppData\Local\Application Data
[2014/07/19 02:42:27 | 000,000,000 | -H-D | C] -- C:\Users\Ragna\AppData
[2014/07/19 02:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Temp
[2014/07/19 02:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Local\Microsoft
[2014/07/19 02:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ragna\AppData\Roaming\Media Center Programs
[2014/07/19 02:42:22 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/07/19 02:42:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/07/19 02:39:18 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/07/19 02:39:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2014/07/19 11:38:09 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/07/19 05:29:06 | 000,013,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/19 05:29:06 | 000,013,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/19 05:27:58 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/19 05:27:58 | 000,663,664 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/19 05:27:58 | 000,124,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/19 05:24:10 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/19 05:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/19 05:22:14 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/19 05:22:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/19 05:21:58 | 686,763,233 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/07/19 05:21:58 | 2062,565,375 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/19 05:16:04 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/19 05:12:10 | 000,013,113 | ---- | M] () -- C:\Users\Ragna\Desktop\View reliability history - Shortcut.lnk
[2014/07/19 03:27:25 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/07/19 03:20:06 | 000,000,685 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | M] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\XSplit Broadcaster.lnk
[2014/07/19 03:06:04 | 000,763,706 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/19 03:02:48 | 000,427,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/07/19 03:02:36 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/07/19 03:02:36 | 000,307,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/07/19 03:02:36 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/07/19 03:02:36 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/07/19 03:02:36 | 000,092,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/07/19 03:02:36 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/07/19 03:02:36 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/07/19 03:02:36 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/19 03:02:36 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/07/19 02:44:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/07/19 02:42:51 | 000,001,441 | ---- | M] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/07/19 02:41:51 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/19 02:41:29 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/07/19 02:41:29 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2014/07/19 11:38:09 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014/07/19 11:38:07 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2014/07/19 11:37:56 | 000,203,836 | RHS- | C] () -- C:\grldr
[2014/07/19 05:21:58 | 686,763,233 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/07/19 05:20:18 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/07/19 05:20:18 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/19 05:16:04 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/19 05:12:10 | 000,013,113 | ---- | C] () -- C:\Users\Ragna\Desktop\View reliability history - Shortcut.lnk
[2014/07/19 03:27:25 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/07/19 03:20:06 | 000,000,685 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\XSplit Broadcaster.lnk
[2014/07/19 03:19:36 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\XSplit Broadcaster.lnk
[2014/07/19 03:19:00 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/19 03:06:45 | 003,774,821 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/07/19 03:06:03 | 000,763,706 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/19 03:04:52 | 000,026,069 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/07/19 03:02:37 | 000,224,896 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/07/19 03:02:37 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/07/19 03:02:37 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/07/19 02:44:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/07/19 02:42:51 | 000,001,441 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/07/19 02:42:37 | 000,001,413 | ---- | C] () -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/07/19 02:42:36 | 000,001,447 | ---- | C] () -- C:\Users\Ragna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/07/19 02:42:27 | 000,000,290 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/07/19 02:42:27 | 000,000,272 | ---- | C] () -- C:\Users\Ragna\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/07/19 02:41:25 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/07/19 02:41:24 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/07/19 02:39:09 | 2062,565,375 | -HS- | C] () -- C:\hiberfil.sys
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/07/19 03:02:52 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\AVAST Software
[2014/07/19 03:03:21 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\Dropbox
[2014/07/19 03:03:21 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\DropboxMaster
[2014/07/19 03:19:05 | 000,000,000 | ---D | M] -- C:\Users\Ragna\AppData\Roaming\SplitmediaLabs
========== Purity Check ==========
< End of report >
Edited by Korinu, 18 July 2014 - 10:35 PM.
Sign In
Create Account
