trojan reported while installing Spotify [Closed]

comodo spotify trojan


#1
andy3337


Hi,

While installing Spotify using the official installer from https://www.spotify....wnload/windows/,

Comodo antivirus reports the following:

C:\Users\ja\AppData\Roaming\Spotify\Spotify.exe  TrojWare.Win32.Kryptik.ISNQ@358253279

I am wondering if my computer is infected or is it just Comodo reporting a false positive?

Regards,

Andy


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-10-2015
Ran by ja (administrator) on APSIK (11-10-2015 11:24:23)
Running from M:\_del\Downloads
Loaded Profiles: ja (Available Profiles: tmp_l & ja)
Platform: Windows 8.1 Enterprise (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(EVGA Corp.) I:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe
(COMODO) M:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
() C:\Program Files\Everything\Everything.exe
() C:\Program Files\Everything\Everything.exe
(Creative Technology Ltd) C:\Program Files (x86)\Auzentech\Auzen X-Fi Prelude 7.1\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
() C:\Program Files\Everything\Everything.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFIHLP.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(EVGA Corp.) I:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionXServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(EVGA Corp.) I:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionXServer_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) M:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) M:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) M:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) M:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => M:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Auzentech\Auzen X-Fi Prelude 7.1\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-02] (Dropbox, Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE [23552 2011-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\Run: [Spotify Web Helper] => C:\Users\ja\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-11] (Spotify Ltd)
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\Run: [Spotify] => "C:\Users\ja\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2015-05-17] (Hermann Schinagl)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip\..\Interfaces\{03E2639C-5A23-4C35-98B9-E7C174D78094}: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip\..\Interfaces\{72D8313E-7F73-486F-AA6E-5D3D461DCE03}: [DhcpNameServer] 62.179.1.61 62.179.1.63
 
Internet Explorer:
==================
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://uk.yahoo.com?fr=fp-comodo
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4218086590-3747986834-725750251-1003 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> M:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-02] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> M:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-05-14] (FreeDownloadManager.ORG)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-02] (Oracle Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-19] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> M:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> M:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-4218086590-3747986834-725750251-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
 
Chrome: 
=======
CHR Profile: C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-18]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2015-05-18]
CHR Extension: (Google Docs) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-18]
CHR Extension: (Google Drive) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-18]
CHR Extension: (YouTube) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-18]
CHR Extension: (Adblock Plus) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-18]
CHR Extension: (Google Search) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-18]
CHR Extension: (Google Sheets) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
CHR Extension: (Google Docs Offline) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Enable right click) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2015-05-30]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2015-05-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-18]
CHR Extension: (Ghostery) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-05-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-18]
CHR Extension: (Context Menus) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\phlfmkfpmphogkomddckmggcfpmfchpn [2015-05-26]
CHR Extension: (Gmail) - C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-18]
CHR HKLM-x32\...\Chrome\Extension: [ahmpjcflkgiildlgicmcieglgoilbfdp] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 CmdAgent; M:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
S3 cmdvirth; M:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-05-16] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-26] (Dropbox, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed]
S3 GalaxyClientService; M:\games\GoG\GalaxyClientService.exe [1720888 2015-08-13] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6920248 2015-08-31] (GOG.com)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; M:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
S3 ptsysexec; C:\Windows\ptsysexec.exe [435296 2015-05-05] (Pismo Technic Inc.)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
R3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [202840 2011-08-20] (Creative Technology Ltd.)
R3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1417816 2011-08-20] (Creative Technology Ltd.)
R3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [94808 2011-08-20] (Creative Technology Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-21] (REALiX™)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-12] (NVIDIA Corporation)
S3 pfmfs_177; C:\Windows\System32\Drivers\pfmfs_177.sys [319880 2015-05-07] (Pismo Technic Inc.)
R1 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [86744 2015-05-16] (Dataram, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
S3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Engineer\kerneld.x64 [X]
S3 GPUZ; \??\E:\TEMP\GPUZ.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-11 11:16 - 2015-10-11 11:24 - 00000000 ____D C:\FRST
2015-10-06 22:04 - 2015-10-06 22:04 - 00000602 _____ C:\Users\ja\Desktop\sm98.exe - Shortcut.lnk
2015-10-06 21:23 - 2015-10-06 22:07 - 00000000 ____D C:\Users\ja\Desktop\sm
2015-10-05 19:26 - 2014-02-02 11:24 - 00065012 ____N C:\Users\ja\Desktop\The Paradise S02E06.srt
2015-10-05 16:39 - 2015-10-05 16:39 - 00001112 _____ C:\Users\ja\Desktop\scummvm.exe - Shortcut.lnk
2015-10-04 21:18 - 2015-10-04 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScummVM
2015-10-04 21:17 - 2015-10-04 21:18 - 00000000 ____D C:\Users\ja\AppData\Roaming\ScummVM
2015-10-04 13:43 - 2015-10-04 13:43 - 00000558 _____ C:\Windows\PFRO.log
2015-10-04 00:55 - 2015-10-04 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-01 21:56 - 2015-09-21 18:54 - 00044870 _____ C:\Users\ja\Desktop\Rick and Morty S02E08.srt
2015-10-01 21:55 - 2015-09-02 09:05 - 00040834 _____ C:\Users\ja\Desktop\Rick.and.Morty.S02E06.The Ricks Must Be Crazy.HDTV.x264-BATV.srt
2015-10-01 01:02 - 2015-10-01 01:02 - 00000000 ____D C:\Users\ja\AppData\LocalLow\PencilTestStudios
2015-09-29 16:04 - 2015-10-11 10:53 - 00002864 _____ C:\Windows\setupact.log
2015-09-29 16:04 - 2015-09-29 16:04 - 00000000 _____ C:\Windows\setuperr.log
2015-09-29 00:27 - 2015-10-11 11:08 - 00950957 _____ C:\Windows\WindowsUpdate.log
2015-09-26 00:34 - 2015-09-26 00:34 - 00000069 _____ C:\Users\ja\Desktop\Jak się uwolnić od religii. Wykład Andrzeja Dominiczaka - YouTube.url
2015-09-25 21:59 - 2015-09-25 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gra Urban
2015-09-25 20:32 - 2015-09-25 20:32 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-09-25 20:32 - 2015-09-25 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA
2015-09-25 19:57 - 2015-09-25 19:57 - 00000000 ____D C:\WebMapCache
2015-09-17 17:05 - 2015-09-17 17:05 - 00000000 ____D C:\Users\ja\Desktop\Screen Captures
2015-09-15 12:10 - 2015-09-15 12:10 - 01247112 _____ (Mojang) C:\Users\ja\Desktop\Minecraft.exe
2015-09-15 12:10 - 2015-09-15 12:10 - 00000000 ____D C:\Users\ja\Desktop\tools
2015-09-15 00:52 - 2015-09-22 20:09 - 00000000 ____D C:\Users\ja\.dbus-keyrings
2015-09-13 14:18 - 2015-10-05 19:17 - 00001508 _____ C:\Users\ja\Desktop\Słówka - Maria.txt
2015-09-12 01:22 - 2015-09-12 01:22 - 00002486 _____ C:\Users\ja\Desktop\Fear And Loathing In Las Vegas 1998 720p x264 BRRip GokU61[Z Warriors Release].mp4 - Shortcut.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-11 11:24 - 2015-08-29 13:05 - 00003704 _____ C:\Users\ja\AppData\Roaming\Notepad2.ini
2015-10-11 11:21 - 2015-05-18 18:43 - 00000000 ____D C:\Users\ja\AppData\Roaming\Everything
2015-10-11 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-11 11:01 - 2015-05-16 11:33 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-11 11:00 - 2015-05-19 19:00 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-11 10:59 - 2014-11-21 10:40 - 01161136 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-11 10:56 - 2015-06-07 23:20 - 00000000 ____D C:\Users\ja\AppData\Roaming\Spotify
2015-10-11 10:53 - 2015-05-16 11:33 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-11 10:53 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-10 23:15 - 2015-05-16 12:21 - 2147549232 ____C C:\RAMDisk.img
2015-10-08 23:07 - 2015-05-16 12:21 - 2147549232 ____C C:\RAMDisk.img.bak
2015-10-08 23:07 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-08 08:30 - 2015-07-16 02:12 - 00000000 ____D C:\Users\ja\AppData\Roaming\qBittorrent
2015-10-07 00:20 - 2015-05-30 14:04 - 00000000 ____D C:\Users\ja\AppData\Roaming\foobar2000
2015-10-06 22:12 - 2015-05-18 18:41 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218086590-3747986834-725750251-1003
2015-10-06 20:58 - 2015-05-16 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-10-04 13:44 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-04 00:55 - 2015-07-26 13:02 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-01 01:31 - 2015-08-01 02:46 - 00000000 ____D C:\Users\ja\Desktop\abs
2015-09-29 00:16 - 2015-05-18 19:12 - 00000000 ____D C:\Users\ja\AppData\Roaming\Free Download Manager
2015-09-25 20:37 - 2015-05-18 23:19 - 00003320 _____ C:\Windows\System32\Tasks\EVGAPrecisionX
2015-09-25 20:32 - 2015-05-19 02:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-20 20:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-16 18:56 - 2015-05-16 11:33 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 18:56 - 2015-05-16 11:33 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 08:17 - 2015-05-18 18:36 - 00000000 ____D C:\Users\ja
2015-09-15 12:10 - 2015-08-29 07:58 - 00000000 ____D C:\Users\ja\Desktop\game
2015-09-15 03:18 - 2014-11-21 15:19 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2014-11-21 15:19 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-15 00:52 - 2015-09-02 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-15 00:50 - 2015-07-26 12:59 - 00000000 ____D C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2015-09-15 00:49 - 2015-05-16 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-15 00:47 - 2015-05-19 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pismo File Mount Audit Package
2015-09-15 00:46 - 2015-09-01 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-09-15 00:46 - 2015-08-13 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SequoiaView
2015-09-15 00:46 - 2015-08-03 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-09-15 00:46 - 2015-05-19 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-15 00:46 - 2015-05-16 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-15 00:45 - 2015-07-26 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-09-15 00:45 - 2015-07-26 12:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-09-15 00:45 - 2015-05-16 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
2015-09-15 00:44 - 2015-08-21 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2015-09-13 02:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-09-11 19:40 - 2013-08-22 16:44 - 00401360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-11 19:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-09-11 19:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-11 19:38 - 2015-06-02 18:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-11 19:38 - 2014-11-21 10:22 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
 
==================== Files in the root of some directories =======
 
2015-08-29 13:05 - 2015-10-11 11:24 - 0003704 _____ () C:\Users\ja\AppData\Roaming\Notepad2.ini
2015-09-22 20:10 - 2015-09-22 20:10 - 0003108 _____ () C:\Users\ja\AppData\Local\recently-used.xbel
2015-05-19 18:01 - 2015-06-27 00:08 - 0007671 _____ () C:\Users\ja\AppData\Local\Resmon.ResmonCfg
2015-07-26 13:07 - 2015-07-26 13:07 - 0000000 _____ () C:\Users\ja\AppData\Local\{BBF4C332-C886-49E0-BBB5-D218280F8E45}
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-08 05:27
 
==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-10-2015
Ran by ja (2015-10-11 11:24:39)
Running from M:\_del\Downloads
Windows 8.1 Enterprise (X64) (2015-05-16 10:15:59)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4218086590-3747986834-725750251-500 - Administrator - Disabled)
Guest (S-1-5-21-4218086590-3747986834-725750251-501 - Limited - Disabled)
ja (S-1-5-21-4218086590-3747986834-725750251-1003 - Administrator - Enabled) => C:\Users\ja
tmp_l (S-1-5-21-4218086590-3747986834-725750251-1002 - Administrator - Enabled) => C:\Users\tmp_l
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Armikrog (HKLM-x32\...\Steam App 334120) (Version:  - Pencil Test Studios)
Auzen X-Fi Prelude 7.1 (HKLM-x32\...\{DA7D5E4A-7AEA-45BE-AA03-3748282DFB09}) (Version: 1.0 - )
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
COMODO Internet Security Premium (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 8.2.0.4508 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
DARK SOULS™ II: Scholar of the First Sin (HKLM-x32\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
Everything 1.3.4.686 (x86) (HKLM-x32\...\Everything) (Version:  - )
EVGA PrecisionX 16 (HKLM-x32\...\{5DE6FF54-FBEE-48D7-BD6C-86DA8B72BAF4}) (Version: 5.3.8 - EVGA Corporation)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Free Download Manager 3.9.5 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.16) (Version: 9.16 - Artifex Software Inc.)
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTracker (HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\600024cb7d055291) (Version: 1.0.3.19 - Thomson Reuters)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.8.6.2 - Hermann Schinagl)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Meld (HKLM-x32\...\{2C4CE0C7-E628-4349-9E5B-0B1AD3ACAA3B}) (Version: 3.12.3 - The Meld project)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Metro 2033 Redux (HKLM-x32\...\Steam App 286690) (Version:  - 4A GAMES)
Metro: Last Light Redux (HKLM-x32\...\Steam App 287390) (Version:  - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.56.1 - Black Tree Gaming)
Notepad2 (Notepad Replacement) (HKLM\...\Notepad2) (Version: 4.2.25  - Florian Balmer)
NVIDIA Graphics Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Pismo File Mount Audit Package (HKLM\...\PismoFileMountAuditPackage) (Version:  - )
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Daum Kakao Corp.)
qBittorrent 3.2.3 (HKLM-x32\...\qBittorrent) (Version: 3.2.3 - The qBittorrent project)
Radeon RAMDisk (HKLM-x32\...\{9BE6CAA1-FC04-496C-A393-9999CFF8BBF2}) (Version: 4.4.0.33 - Dataram, Inc.)
ScummVM 1.7.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SequoiaView (HKLM-x32\...\SequoiaView) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version:  - Croteam)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.8.3 - GOG.com)
The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Finisher Animations (HKLM-x32\...\New Finisher Animations_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Ultra Street Fighter IV (HKLM-x32\...\Steam App 45760) (Version:  - Capcom)
Unity Web Player (HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
URBAN 2 (HKLM-x32\...\URBAN 2_is1) (Version:  - Bartosz Żółtak)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
World of Tanks (HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
18-09-2015 05:36:06 Scheduled Checkpoint
25-09-2015 20:32:37 Installed EVGA PrecisionX 16.
03-10-2015 03:43:46 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03F2BD7E-1C26-468D-87D7-157FACA5F580} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => M:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {149D08E2-F892-4BC2-9E07-A5A08776A63F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.)
Task: {17255748-A3E9-4B1A-B5CD-F8E4DDCE8165} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.)
Task: {2CD72EDF-9CBA-41F2-BA3F-A5F91238A0B8} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {4E5F3934-43F3-4AC6-8DEB-BBD6B79B279B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {519F8252-4F67-46F6-9348-7DD955850ACA} - System32\Tasks\EVGAPrecisionX => I:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe [2015-09-17] (EVGA Corp.)
Task: {663262A9-FCA3-4046-8F9B-FABE33DF3983} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => M:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {836CCD4D-FB0D-4204-A5AD-5B6B225354C2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-26] (Dropbox, Inc.)
Task: {91201B52-B472-4C61-8F0B-ED0646637B2F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-26] (Dropbox, Inc.)
Task: {B0A89E12-61D8-464A-A65A-C262461ACD56} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => M:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05] (COMODO)
Task: {D5BBEECD-5CC9-423D-AF30-E64AE6D7AB05} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => M:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {EAA327FD-2221-44FC-8C4F-065373D397AD} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => M:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05] (COMODO)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-16 12:18 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-16 12:34 - 2013-10-23 15:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2009-10-26 03:44 - 2009-10-26 03:44 - 00022016 _____ () C:\Windows\System32\sx450sl6.dll
2004-09-30 20:15 - 2004-09-30 20:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2015-07-26 12:59 - 2014-08-06 03:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2015-05-27 14:51 - 2015-05-27 14:51 - 00156160 _____ () I:\Program Files (x86)\EVGA\PrecisionX 16\FW1FontWrapper_x64.dll
2015-01-08 23:02 - 2015-01-08 23:02 - 00067808 _____ () M:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-05-16 14:30 - 2011-08-20 04:15 - 00003072 _____ () C:\Windows\system32\CTXFIRES.DLL
2004-09-30 19:09 - 2004-09-30 19:09 - 00155648 _____ () C:\Program Files\LinkShellExtension\32\RockallDLL.dll
2015-09-27 04:02 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-27 04:02 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-05-27 14:51 - 2015-05-27 14:51 - 00129536 _____ () I:\Program Files (x86)\EVGA\PrecisionX 16\FW1FontWrapper.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\ja\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 62.179.1.61 - 62.179.1.63
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: NvStreamSvc => 2
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4218086590-3747986834-725750251-1003\...\StartupApproved\Run: => "GalaxyClient"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F73CD816-3507-496C-BE56-6E43A3088BAF}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{8F9A7799-2D0A-4059-A948-EB3B4DD487D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{08FF259A-0684-415C-8836-0833AF1F0C34}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C77E9FDC-B92C-419B-A179-11354CE12266}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4D69293E-DDF5-41F7-B255-26E56919B984}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{31D21550-B1B1-4800-8B6E-2800BAB41248}] => (Allow) M:\games\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7E98654C-8768-474D-B9DD-D6576B0672EB}] => (Allow) M:\games\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{52381190-5F88-4AE3-9530-1005599D82F7}] => (Allow) M:\games\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{02439E37-CDA9-423F-904A-CF11843FC483}] => (Allow) M:\games\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [TCP Query User{210CA318-797A-436C-9222-B8C16FE2A9A8}M:\ssd_8\steam\steam.exe] => (Allow) M:\ssd_8\steam\steam.exe
FirewallRules: [UDP Query User{A0376E8E-88A7-496A-8D7C-DE7294BB60CF}M:\ssd_8\steam\steam.exe] => (Allow) M:\ssd_8\steam\steam.exe
FirewallRules: [{49F2E89D-03E3-49FC-9DD9-A296135FCF14}] => (Allow) M:\games\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{E01F7231-7026-4850-827D-C0F05A94CFC2}] => (Allow) M:\games\Steam\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [TCP Query User{AAF764DA-E1CC-4D00-BE73-FB5402B868E9}M:\program files\comicrack\comicrack.exe] => (Allow) M:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{ADC3A04F-3007-4D98-A9B9-C2B0967C7A11}M:\program files\comicrack\comicrack.exe] => (Allow) M:\program files\comicrack\comicrack.exe
FirewallRules: [{08EC9626-0AB9-4DC3-860A-C40C3643BA68}] => (Allow) M:\games\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{B1C14D99-BAFF-4140-B4E8-568C3A6AF91C}] => (Allow) M:\games\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [TCP Query User{EC1DAB37-B1C9-4D05-84CE-8276CC44CCAB}M:\apps\firefoxportabletest\app\firefox\plugin-container.exe] => (Allow) M:\apps\firefoxportabletest\app\firefox\plugin-container.exe
FirewallRules: [UDP Query User{2EF00A3C-E5A9-4FB9-875B-EE46A8B5DA52}M:\apps\firefoxportabletest\app\firefox\plugin-container.exe] => (Allow) M:\apps\firefoxportabletest\app\firefox\plugin-container.exe
FirewallRules: [TCP Query User{EAE19A77-DC54-4C43-A723-0646CDE3FE2B}C:\users\ja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ja\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D8A09410-A020-42C5-9514-BB34E66E6B5A}C:\users\ja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ja\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C037797F-37B9-4807-A59A-CE8BE96D1691}] => (Allow) M:\games\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{5E24EAA4-7461-4C31-AA8E-78EF5859A86C}] => (Allow) M:\games\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{D8C5986B-F595-4FEA-91DE-C2237A969C27}] => (Allow) M:\games\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{9F69B569-D0F2-44CD-B460-4677C46A54F3}] => (Allow) M:\games\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{2895CEF3-EF46-4C0D-8ED5-6B8E9933652C}] => (Allow) M:\games\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{3CD7528E-0D77-47AC-8716-3B801EDFCF0F}] => (Allow) M:\games\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{25D1CCB6-C7EE-4C4A-ACB8-616A9C2D46C3}] => (Allow) M:\games\Steam\steamapps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{36B0E953-A061-485A-A37D-F07F1C28FCFA}] => (Allow) M:\games\Steam\steamapps\common\Metro 2033 Redux\metro.exe
FirewallRules: [{4E29877D-524B-4D8C-BA74-BE69CE1020FB}] => (Allow) M:\games\Steam\steamapps\common\Metro Last Light Redux\metro.exe
FirewallRules: [{E49657A1-200F-4ADC-8733-0D9C4B1C861A}] => (Allow) M:\games\Steam\steamapps\common\Metro Last Light Redux\metro.exe
FirewallRules: [{D9B62FFC-62C2-46D7-91DF-3BD6EDB1028D}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{8A6A14EC-64E6-4906-BA68-EF1FA95D275E}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{F7A71D03-B9B8-42C3-A2C9-631D0B26B582}] => (Allow) M:\games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{066A522D-FBCB-4DAE-BEA5-AE9A876D2AB0}] => (Allow) M:\games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{C0F0C7E5-806E-4A01-B483-CA5022553EC3}M:\games\world_of_tanks\wotlauncher.exe] => (Allow) M:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{E9A9356E-B4AF-4A08-AB93-A893B66FE043}M:\games\world_of_tanks\wotlauncher.exe] => (Allow) M:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{4FC3C428-7535-4BAB-80F1-EB59907D54F4}M:\games\world_of_tanks\worldoftanks.exe] => (Allow) M:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{87EF93DB-1D79-4843-95E8-BD1F76A07957}M:\games\world_of_tanks\worldoftanks.exe] => (Allow) M:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{85DF1901-764E-441B-88F5-047C3A9A98F2}C:\users\ja\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ja\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0D8177C1-CE87-4039-9517-C7E7CE81203F}C:\users\ja\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\ja\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7E819B86-6CAD-439A-87FF-933CA86048B0}] => (Allow) M:\games\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{4FB57E97-0E49-4A6D-8DDB-5C49F6E574F1}] => (Allow) M:\games\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{68093109-FE95-4658-A31D-CF0CC8A346BC}] => (Allow) M:\games\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{DD29CD91-FEAE-400E-A23C-11750376914B}] => (Allow) M:\games\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{F16FBFB7-FCA9-44C3-96CA-6E6E7C79E36A}] => (Allow) M:\games\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{1D3EF70C-0987-4AA5-99E7-72D745EC09FC}] => (Allow) M:\games\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{6129E336-45E3-48DF-B9C0-FA5897EC6A6A}] => (Allow) M:\games\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{E6D51363-7243-4371-82E3-42B179A6FBD7}] => (Allow) M:\games\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{D795141C-065B-4040-861C-1D385F8E3A1D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0123C4D0-2E27-4352-A719-36557411C40B}] => (Allow) M:\games\Steam\steamapps\common\Armikrog\Armikrog.exe
FirewallRules: [{564CBAE8-9626-4D66-B8F8-016BC01874FC}] => (Allow) M:\games\Steam\steamapps\common\Armikrog\Armikrog.exe
FirewallRules: [{65554FCF-42E0-4AC0-AE9C-49B6CD9117E5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: NVIDIA Miracast Audio
Description: NVIDIA Miracast Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVVADARM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/15/2015 12:55:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: steam.exe, version: 2.92.69.85, time stamp: 0x55d4caea
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00000fd
Fault offset: 0x77bc971d
Faulting process ID: 0x6e4
Faulting application start time: 0xsteam.exe0
Faulting application path: steam.exe1
Faulting module path: steam.exe2
Report ID: steam.exe3
Faulting package full name: steam.exe4
Faulting package-relative application ID: steam.exe5
 
Error: (09/12/2015 01:39:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AZMSu.exe, version: 2.61.1.0, time stamp: 0x495495b4
Faulting module name: AZMSu.exe, version: 2.61.1.0, time stamp: 0x495495b4
Exception code: 0xc0000005
Fault offset: 0x000048ab
Faulting process ID: 0x110c
Faulting application start time: 0xAZMSu.exe0
Faulting application path: AZMSu.exe1
Faulting module path: AZMSu.exe2
Report ID: AZMSu.exe3
Faulting package full name: AZMSu.exe4
Faulting package-relative application ID: AZMSu.exe5
 
Error: (09/12/2015 01:38:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AZMSu.exe, version: 2.61.1.0, time stamp: 0x495495b4
Faulting module name: AZMSu.exe, version: 2.61.1.0, time stamp: 0x495495b4
Exception code: 0xc0000005
Fault offset: 0x000048ab
Faulting process ID: 0x1394
Faulting application start time: 0xAZMSu.exe0
Faulting application path: AZMSu.exe1
Faulting module path: AZMSu.exe2
Report ID: AZMSu.exe3
Faulting package full name: AZMSu.exe4
Faulting package-relative application ID: AZMSu.exe5
 
Error: (09/12/2015 01:34:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AZMSu.exe, version: 2.61.1.0, time stamp: 0x495495b4
Faulting module name: AZMSu.exe, version: 2.61.1.0, time stamp: 0x495495b4
Exception code: 0xc0000005
Fault offset: 0x000048ab
Faulting process ID: 0x13bc
Faulting application start time: 0xAZMSu.exe0
Faulting application path: AZMSu.exe1
Faulting module path: AZMSu.exe2
Report ID: AZMSu.exe3
Faulting package full name: AZMSu.exe4
Faulting package-relative application ID: AZMSu.exe5
 
Error: (09/11/2015 07:16:59 PM) (Source: Perflib) (EventID: 1015) (User: )
Description: SpoolerC:\Windows\System32\winspool.drv0
 
Error: (09/11/2015 07:13:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WUDFHost.exe, version: 6.3.9600.17415, time stamp: 0x5450412e
Faulting module name: ntdll.dll, version: 6.3.9600.17936, time stamp: 0x55a68e0c
Exception code: 0xc0000409
Fault offset: 0x0000000000082118
Faulting process ID: 0xb60
Faulting application start time: 0xWUDFHost.exe0
Faulting application path: WUDFHost.exe1
Faulting module path: WUDFHost.exe2
Report ID: WUDFHost.exe3
Faulting package full name: WUDFHost.exe4
Faulting package-relative application ID: WUDFHost.exe5
 
Error: (09/06/2015 11:17:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 38.0.0.5567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: af4
 
Start Time: 01d0e8e90ba6476e
 
Termination Time: 4294967295
 
Application Path: M:\apps\FirefoxPortableTest\App\firefox\firefox.exe
 
Report Id: 9f7bda42-54dc-11e5-82b3-a7755f8c852f
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (09/04/2015 08:18:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x55ce3d41
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process ID: 0xeb0
Faulting application start time: 0xcsgo.exe0
Faulting application path: csgo.exe1
Faulting module path: csgo.exe2
Report ID: csgo.exe3
Faulting package full name: csgo.exe4
Faulting package-relative application ID: csgo.exe5
 
Error: (09/04/2015 10:09:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 45.0.2454.85, time stamp: 0x55df881b
Faulting module name: guard32.dll, version: 8.2.0.4674, time stamp: 0x55c148a3
Exception code: 0xc0000409
Fault offset: 0x000269c9
Faulting process ID: 0xfa8
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report ID: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
Error: (09/04/2015 10:07:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 45.0.2454.85, time stamp: 0x55df881b
Faulting module name: guard32.dll, version: 8.2.0.4674, time stamp: 0x55c148a3
Exception code: 0xc0000409
Fault offset: 0x000269c9
Faulting process ID: 0x1128
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report ID: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
 
 
System errors:
=============
Error: (10/10/2015 03:04:20 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/10/2015 03:03:50 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/09/2015 07:29:08 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/09/2015 07:28:38 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/08/2015 05:28:13 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/08/2015 05:27:43 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/07/2015 05:48:23 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/07/2015 05:47:53 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (10/06/2015 03:06:00 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (10/06/2015 03:05:30 AM) (Source: DCOM) (EventID: 10010) (User: aPsik)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
CodeIntegrity:
===================================
  Date: 2015-10-11 10:54:48.596
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-10 22:33:05.722
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-10 22:21:39.276
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-10 22:11:41.600
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-10 21:52:52.431
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-10 21:23:57.125
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-09 23:01:48.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-09 21:41:22.403
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-09 21:28:23.561
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-09 21:02:00.604
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 29%
Total physical RAM: 16348.14 MB
Available physical RAM: 11555.02 MB
Total Virtual: 16348.14 MB
Available Virtual: 10677.22 MB
 
==================== Drives ================================
 
Drive c: (SSD C) (Fixed) (Total:111.27 GB) (Free:45.4 GB) NTFS
Drive e: (RAMDisk E) (Fixed) (Total:2 GB) (Free:1.48 GB) NTFS
Drive i: (vol I 2794) (Fixed) (Total:2794.39 GB) (Free:317.26 GB) NTFS
Drive m: (vol M 2794) (Fixed) (Total:2794.39 GB) (Free:1655.89 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 5BBD5EE8)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 7325AB27)
 
Partition: GPT.
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 0EBA0EB9)
 
Partition: GPT.
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 2 GB) (Disk ID: FF092C6B)
Partition 1: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 




#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Apologies for the delay. If you still require assistance, please post fresh FRST logs.

#3
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

