Inactive Sale Plus Virus.

Dragonsgg · Apr 15, 2015

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by Diolan (administrator) on DIOLAN-PC on 15-04-2015 21:25:28
Running from C:\Users\Diolan\Downloads
Loaded Profiles: Diolan (Available profiles: Diolan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Diolan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft) C:\Users\Diolan\AppData\Local\Temp\win32ui\win32ui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Diolan\Desktop\Dolphin-x64\Dolphin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-09-19] (Razer Inc.)
HKLM-x32\...\Run: [Winlogon] => C:\Users\Diolan\AppData\Roaming\SubFolder\SubFolder\winlogon.exe [3395584 2014-07-30] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [Spotify Web Helper] => C:\Users\Diolan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-23] (Spotify Ltd)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [Winlogon] => C:\Users\Diolan\AppData\Roaming\SubFolder\SubFolder\winlogon.exe [3395584 2014-07-30] ()
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [dualmonitor] => [X]
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [system] => C:\Users\Diolan\AppData\Roaming\sys32\win32ui.exe [282656 2014-07-31] (Microsoft)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [f.lux] => C:\Users\Diolan\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [Spotify] => C:\Users\Diolan\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-23] (Spotify Ltd)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3325824 2015-04-11] (Echobit LLC)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\MountPoints2: {09853d44-0d35-11e4-9abe-14dae9096cff} - H:\setup.exe
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\MountPoints2: {a5f3410a-2e96-11e4-9d74-14dae9096cff} - H:\setup.exe
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\MountPoints2: {ae21202b-0e06-11e4-9282-14dae9096cff} - I:\CMADownloader.exe
HKU\S-1-5-18\...\Run: [Backblaze] => "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation(R).lnk
ShortcutTarget: Content Manager Assistant for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk
ShortcutTarget: Hauppauge Device Properties.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk
ShortcutTarget: Wireless Configuration Utility.lnk -> C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe ()
Startup: C:\Users\Diolan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Diolan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super_Smash_Bros_Melee_U_OneUp.lnk
ShortcutTarget: Super_Smash_Bros_Melee_U_OneUp.lnk -> C:\ProgramData\{fb696783-eda7-80fa-fb69-96783eda9e0f}\Super_Smash_Bros_Melee_U_OneUp.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0&ocid=iehp
SearchScopes: HKU\S-1-5-21-1416841813-2958593455-3838444299-1000 -> {5A1C5AE9-DE83-41D4-8F0C-059125A34198} URL = https://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO: SoalePlus -> {92e9e0f3-2dc6-4050-a91e-479c671616ec} -> C:\Program Files (x86)\SoalePlus\7PjshDgTLBEPeo.x64.dll [2015-04-14] ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
BHO: No Name -> {edc9325b-181b-4563-bcf8-cceeb8158c5a} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-19] (Oracle Corporation)
BHO-x32: SoalePlus -> {92e9e0f3-2dc6-4050-a91e-479c671616ec} -> C:\Program Files (x86)\SoalePlus\7PjshDgTLBEPeo.dll [2015-04-14] ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-19] (Oracle Corporation)
BHO-x32: No Name -> {edc9325b-181b-4563-bcf8-cceeb8158c5a} -> No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{80A1ADCE-CC72-4A27-9684-87295C42B3F7}: [NameServer] 208.67.222.222,208.68.220.220

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-01-30] (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Diolan\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> https://www.google.ca/
CHR StartupUrls: Default -> "hxxp://google.ca/", "hxxp://www.v9.com/?type=hppp&ts=1404232067&from=adks&uid=SamsungXSSDX840XEVOX120GB_S1D5NSADC63703E&I=psd&t=344fccf27", "hxxp://www.v9.com/?type=hppp&ts=1404322292&from=adks&uid=SamsungXSSDX840XEVOX120GB_S1D5NSADC63703E&I=psd&t=3450a9391", "hxxp://mysearch.avg.com?cid={32589852-F03E-4E63-BC83-40E2735FD50E}&mid=24ec2a0f3a1c47d299f5c593afed850c-deb18940266d4729decc18da223c5dbc7d73be3d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-07-06 03:38:36&v=3.0.0.2&pid=wtu&sg=&sap=hp"
CHR Profile: C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-07-09]
CHR Extension: (Media Hint) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akipcefbjlmpbcejgdaopmmidpnjlhnb [2015-02-24]
CHR Extension: (Google Docs) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-09]
CHR Extension: (Faceit Customizer) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomgehfnddilfkjooooihdnjeabknepl [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-09]
CHR Extension: (Adguard AdBlocker) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2014-07-09]
CHR Extension: (YouTube) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-09]
CHR Extension: (Adblock Plus) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-09]
CHR Extension: (Google Search) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-09]
CHR Extension: (LoL Stream Browser) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2014-10-10]
CHR Extension: (FrankerFaceZ) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2014-07-09]
CHR Extension: (AudioBox Micro Player) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfmlbdkencbfhbekcehpkgmianmlgfe [2015-02-02]
CHR Extension: (AdBlock) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-09]
CHR Extension: (Lone Tree) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2014-09-14]
CHR Extension: (YouRepeat) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpjonelgkpmoamjkigojeifadlhlbna [2014-07-09]
CHR Extension: (Adblock Advisor) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplojogpbcbnjoemcalepfmbcpnkpjjo [2014-07-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-07-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Until AM for Chrome) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-09]
CHR Extension: (Gmail) - C:\Users\Diolan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-03-29] (altPUG LLC)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-10] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1581440 2015-04-11] (Echobit LLC)
R3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [399120 2014-07-10] (Hauppauge Computer Works, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]
S2 WRSVC; "C:\Program Files\Webroot\WRSA.exe" -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-28] (Disc Soft Ltd)
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2015-04-11] (Echobit, LLC)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [969048 2014-04-29] (Hauppauge Computer Work, Inc.)
S0 hmUXjYgF; C:\Windows\System32\drivers\hmUXjYgF.sys [116736 2015-04-15] (Webroot)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ESEADriver2; \??\C:\Users\Diolan\AppData\Local\Temp\ESEADriver2.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R0 WRkrn; System32\drivers\WRkrn.sys [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 21:25 - 2015-04-15 21:25 - 02097664 _____ (Farbar) C:\Users\Diolan\Downloads\FRST64.exe
2015-04-15 21:25 - 2015-04-15 21:25 - 00032767 _____ () C:\Users\Diolan\Downloads\FRST.txt
2015-04-15 21:25 - 2015-04-15 21:25 - 00000000 ____D () C:\FRST
2015-04-15 21:24 - 2015-04-15 21:25 - 150062624 _____ (Avast Software s.r.o.) C:\Users\Diolan\Downloads\avast_free_antivirus_setup.exe
2015-04-15 20:59 - 2015-04-15 20:59 - 00002794 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-04-15 20:59 - 2015-04-15 20:59 - 00000831 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-15 20:59 - 2015-04-15 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-15 20:59 - 2015-04-15 20:59 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-15 20:58 - 2015-04-15 20:59 - 05344528 _____ (Piriform Ltd) C:\Users\Diolan\Downloads\ccsetup504.exe
2015-04-15 20:56 - 2015-04-15 20:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2015-04-15 20:54 - 2015-04-15 20:54 - 00000000 ____D () C:\Imminent
2015-04-15 20:50 - 2015-04-15 20:50 - 00116736 _____ (Webroot) C:\Windows\system32\Drivers\hmUXjYgF.sys
2015-04-15 20:48 - 2015-04-15 20:48 - 00818096 _____ (Webroot) C:\Users\Diolan\Downloads\wsamgravt.exe
2015-04-15 20:46 - 2015-04-15 20:46 - 00000000 ____D () C:\Program Files\MotioninJoy
2015-04-15 20:46 - 2012-05-12 12:31 - 00121416 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys
2015-04-15 20:46 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\SETFF98.tmp
2015-04-15 20:46 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\SETFBF2.tmp
2015-04-15 20:46 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\SETDB75.tmp
2015-04-15 20:46 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\SETC98A.tmp
2015-04-15 20:46 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\SETC2A8.tmp
2015-04-15 20:46 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\SET9AEC.tmp
2015-04-15 20:46 - 2011-12-07 19:42 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll
2015-04-15 20:46 - 2011-12-07 19:42 - 00074960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xusb21.sys
2015-04-15 20:45 - 2015-04-15 20:45 - 04117346 _____ () C:\Users\Diolan\Downloads\motioninjoy-0-7-1001-en-win.zip
2015-04-15 20:43 - 2015-04-15 20:43 - 02268888 _____ () C:\Users\Diolan\Downloads\DS3 Tool 1.0005 Win 64bit (1).7z
2015-04-15 20:41 - 2015-04-15 20:56 - 00000000 ____D () C:\Windows\LastGood
2015-04-15 20:39 - 2013-05-19 03:02 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys
2015-04-15 20:39 - 2013-01-07 10:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2015-04-15 20:36 - 2015-04-15 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotionInJoy
2015-04-15 20:36 - 2015-04-15 20:36 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\MotioninJoy
2015-04-15 20:34 - 2015-04-15 20:34 - 02268888 _____ () C:\Users\Diolan\Downloads\DS3 Tool 1.0005 Win 64bit.7z
2015-04-14 19:12 - 2015-04-14 19:25 - 1020219424 _____ () C:\Users\Diolan\Downloads\Super Smash Bros. Melee (USA) (v1.02).7z
2015-04-14 19:07 - 2015-04-15 20:50 - 00000000 ____D () C:\Program Files (x86)\SoalePlus
2015-04-14 19:07 - 2015-04-14 19:07 - 00000000 ____D () C:\ProgramData\ibgbcibbebelcmilkemkojcfaflfgjjk
2015-04-14 19:07 - 2015-04-14 19:07 - 00000000 ____D () C:\ProgramData\4550243165891394748
2015-04-14 19:06 - 2015-04-15 20:50 - 00000000 ____D () C:\ProgramData\{fb696783-eda7-80fa-fb69-96783eda9e0f}
2015-04-14 19:06 - 2015-04-14 19:06 - 00374272 _____ () C:\Users\Diolan\Downloads\Super_Smash_Bros_Melee_U_OneUp.exe
2015-04-14 19:06 - 2015-04-14 19:06 - 00000000 ____D () C:\ProgramData\pplckchkbegbphedmogocpkmajicdglp
2015-04-14 19:00 - 2015-04-14 19:04 - 00000000 ____D () C:\Program Files\Dolphin
2015-04-14 19:00 - 2015-04-14 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2015-04-14 18:58 - 2015-04-14 18:58 - 10150809 _____ () C:\Users\Diolan\Downloads\dolphin-x64-4.0.2.exe
2015-04-14 18:54 - 2015-04-14 19:06 - 602023884 _____ () C:\Users\Diolan\Downloads\Super Smash Bros. Melee (USA) (v1.02) (1).7z.crdownload
2015-04-14 18:35 - 2015-04-14 18:35 - 00041188 _____ () C:\Users\Diolan\Downloads\70581-super-smash-bros-brawl-usa-wii-english.torrent
2015-04-14 18:29 - 2015-04-14 19:31 - 00000000 ____D () C:\Users\Diolan\Documents\Dolphin Emulator
2015-04-14 16:41 - 2015-04-14 16:41 - 00000000 ____D () C:\Users\Diolan\AppData\Local\openvr
2015-04-11 22:26 - 2015-04-11 22:27 - 00000000 ____D () C:\Halo Online
2015-04-11 21:48 - 2015-04-11 21:48 - 00021656 _____ (Echobit, LLC) C:\Windows\system32\Drivers\evolve.sys
2015-04-11 21:48 - 2015-04-11 21:48 - 00002034 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2015-04-11 21:48 - 2015-04-11 21:48 - 00002022 _____ () C:\Users\Public\Desktop\Evolve.lnk
2015-04-11 21:47 - 2015-04-11 21:47 - 00000000 ____D () C:\Users\Diolan\AppData\Local\Echobit
2015-04-11 21:47 - 2015-04-11 21:47 - 00000000 ____D () C:\ProgramData\Echobit
2015-04-11 21:47 - 2015-04-11 21:47 - 00000000 ____D () C:\Program Files\Echobit
2015-04-08 03:29 - 2015-04-08 03:29 - 00000953 _____ () C:\Users\Diolan\Desktop\ESEA Client.lnk
2015-04-07 02:00 - 2015-04-07 02:00 - 00000982 _____ () C:\Users\Public\Desktop\Minecraft.lnk
2015-04-06 20:52 - 2015-04-15 21:17 - 00000000 ____D () C:\Users\Diolan\Desktop\Dolphin-x64
2015-04-06 20:52 - 2015-04-06 20:52 - 05104191 _____ () C:\Users\Diolan\Downloads\dolphin-master-4.0-5973-x64.7z
2015-04-04 22:00 - 2015-04-04 22:00 - 00341871 _____ () C:\Users\Diolan\Downloads\metal_gear_4.m4r
2015-04-04 21:59 - 2015-04-04 21:59 - 00476082 _____ () C:\Users\Diolan\Downloads\metal_gear_saga.m4r
2015-04-04 21:59 - 2015-04-04 21:59 - 00346084 _____ () C:\Users\Diolan\Downloads\borderlands_2 (1).m4r
2015-04-04 21:57 - 2015-04-04 21:57 - 00453174 _____ () C:\Users\Diolan\Downloads\sword_art_online.m4r
2015-04-04 21:57 - 2015-04-04 21:57 - 00265055 _____ () C:\Users\Diolan\Downloads\gnar_dance.m4r
2015-04-04 21:54 - 2015-04-04 21:54 - 00392574 _____ () C:\Users\Diolan\Downloads\borderlands_2.m4r
2015-04-04 21:53 - 2015-04-04 21:53 - 00475003 _____ () C:\Users\Diolan\Downloads\metal_gear_1.m4r
2015-04-04 21:48 - 2015-04-04 21:48 - 00292925 _____ () C:\Users\Diolan\Downloads\metal_gear_solid.m4r
2015-03-29 16:19 - 2015-03-29 16:20 - 00000000 ____D () C:\Users\Diolan\RuneLoader
2015-03-29 16:17 - 2015-03-29 16:19 - 00000000 ____D () C:\Users\Diolan\.runeloader_data
2015-03-18 09:27 - 2015-03-18 09:27 - 00000001 _____ () C:\Users\Diolan\rlvote.txt
2015-03-17 16:26 - 2015-03-17 16:26 - 00000000 ____D () C:\Users\Diolan\Tracing
2015-03-16 20:07 - 2015-03-16 20:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2015-03-16 20:07 - 2015-03-16 20:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 21:24 - 2014-07-09 20:18 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\Skype
2015-04-15 21:02 - 2015-02-24 23:06 - 00000000 ____D () C:\Users\Diolan\AppData\Local\CrashDumps
2015-04-15 21:02 - 2015-01-25 22:10 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\TS3Client
2015-04-15 21:02 - 2014-07-24 20:55 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\uTorrent
2015-04-15 21:02 - 2014-07-17 07:52 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\DAEMON Tools Pro
2015-04-15 21:02 - 2014-07-13 03:31 - 00000000 ____D () C:\Windows\Minidump
2015-04-15 21:02 - 2014-07-09 21:31 - 00000000 ____D () C:\Windows\Panther
2015-04-15 21:02 - 2014-07-09 19:19 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-15 20:57 - 2014-07-09 17:58 - 01103255 ____N () C:\Windows\WindowsUpdate.log
2015-04-15 20:51 - 2014-12-16 03:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-15 20:50 - 2015-02-01 07:47 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2015-04-15 20:48 - 2014-07-09 18:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-15 17:48 - 2014-07-09 18:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-15 16:13 - 2009-07-14 01:13 - 00006346 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 16:07 - 2014-07-31 00:13 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\sys32
2015-04-15 16:07 - 2014-07-30 14:33 - 00000000 ____D () C:\Users\Diolan\AppData\Local\Spotify
2015-04-15 16:07 - 2014-07-30 14:31 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\Spotify
2015-04-15 16:07 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-15 03:23 - 2014-07-10 04:02 - 00000000 ____D () C:\Users\Diolan\AppData\Local\Battle.net
2015-04-14 18:36 - 2014-08-05 01:40 - 00000000 ____D () C:\Users\Diolan\Desktop\Games
2015-04-14 16:51 - 2014-12-16 03:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 16:51 - 2014-12-16 03:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 16:51 - 2014-12-16 03:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 21:24 - 2014-07-10 18:54 - 00000045 _____ () C:\Users\Diolan\jagex_cl_oldschool_LIVE.dat
2015-04-11 00:41 - 2014-08-24 06:08 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-04-10 21:40 - 2014-07-09 20:31 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\OBS
2015-04-10 02:09 - 2014-07-20 00:31 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\vlc
2015-04-10 01:30 - 2015-02-05 11:08 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\Curse Client
2015-04-09 23:04 - 2014-08-12 23:02 - 00000000 ____D () C:\Users\Diolan\AppData\Roaming\.minecraft
2015-04-09 14:36 - 2014-09-15 18:36 - 00000000 ____D () C:\ProgramData\Origin
2015-04-09 03:55 - 2009-07-14 00:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 03:55 - 2009-07-14 00:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-08 00:41 - 2015-03-14 23:57 - 00000000 ____D () C:\Users\Diolan\AppData\Local\Deployment
2015-04-07 20:18 - 2014-07-10 04:02 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-07 02:00 - 2014-12-21 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-04-07 02:00 - 2014-12-21 14:20 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-04-04 13:24 - 2009-07-14 01:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-29 16:19 - 2014-07-09 17:59 - 00000000 ____D () C:\Users\Diolan
2015-03-25 16:17 - 2014-07-09 20:31 - 00000000 ____D () C:\Program Files (x86)\OBS
2015-03-25 08:06 - 2014-07-30 17:49 - 00001713 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-03-25 08:06 - 2014-07-30 17:49 - 00000000 ____D () C:\Program Files\Rainmeter
2015-03-18 09:27 - 2014-11-27 01:56 - 00000000 _____ () C:\Users\Diolan\songList.txt
2015-03-17 16:40 - 2014-07-09 20:18 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-17 16:40 - 2014-07-09 20:18 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-12-04 04:00 - 2014-12-04 04:00 - 0000030 _____ () C:\Users\Diolan\AppData\Roaming\.runescape_cache.dat
2015-01-20 00:56 - 2015-01-20 00:56 - 0007602 _____ () C:\Users\Diolan\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\Diolan\AppData\Local\setup.txt
2015-04-04 21:38 - 2015-04-04 21:50 - 0082068 _____ () C:\Users\Diolan\AppData\Local\ZedgeLog.txt

Files to move or delete:
====================
C:\Users\Diolan\5FD64C77B7ECACC7315CD3FC2C86E70D.dat
C:\Users\Diolan\7A1920D61156ABC05A60135AEFE8BC67.dat
C:\Users\Diolan\829CFEFC69C06850A5725503FB7D9FF0.dat
C:\Users\Diolan\boomscape_cl_boomscape_LIVE.dat
C:\Users\Diolan\jagex_cl_oldschool_LIVE.dat
C:\Users\Diolan\jagex_cl_oldschool_LIVE1.dat
C:\Users\Diolan\jagex_cl_runescape_LIVE.dat
C:\Users\Diolan\random.dat
C:\Users\Diolan\system32log.dat
C:\Users\Diolan\YOUR CLIENT NAME HERE_runescape_preferences.dat
C:\Users\Diolan\YOUR CLIENT NAME HERE_runescape_preferences2.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-04 17:56

==================== End Of Log ============================

Dragonsgg · Apr 15, 2015

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04
Ran by Diolan at 2015-04-15 21:26:01
Running from C:\Users\Diolan\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Action! (HKLM-x32\...\{7A9DEE45-1F8D-4D1A-A9EA-F0108DAE6FEC}) (Version: 1.9.0 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.0 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bots 1 (HKLM-x32\...\Bots 1) (Version: 1 - Zylon Gaming)
Broadcom 802.11n Network Adapter (HKLM-x32\...\{AFD36BF1-DA28-4702-A83F-C49D03199A0F}) (Version: 07.13.2006 - Broadcom)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Content Manager Assistant for PlayStation(R) (HKLM-x32\...\{81AD22B9-C28A-45a3-94B3-5FECD221AD5C}) (Version: 3.10.7525.4 - Sony Computer Entertainment Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Defiance (HKLM-x32\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
DS3 Tool 1.0005 Windows (HKLM-x32\...\{C029726A-CCBF-46D8-893A-E62105DB9803}_is1) (Version: 1.0005 - MotionInJoy.)
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
ESEA Client (HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.11 - Echobit, LLC)
Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios)
f.lux (HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Flux) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hauppauge Capture (HKLM-x32\...\Hauppauge Capture) (Version: 1.0.32168 - Hauppauge Computer Works)
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.3.32191 - Hauppauge Computer Works, Inc.)
Hauppauge StreamEez (HKLM-x32\...\Hauppauge StreamEez) (Version: 1.3.32191 - Hauppauge Computer Works, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Network Connections 16.5.2.0 (HKLM\...\PROSetDX) (Version: 16.5.2.0 - Intel)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - )
Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Livestreamer 1.10.2 (HKLM-x32\...\Livestreamer) (Version: - )
MapleStory (HKLM-x32\...\Steam App 216150) (Version: - Nexon)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mumble 1.3.0 (HKLM\...\{949B2D8F-C4CB-48AB-95B8-0C027F83267C}) (Version: 1.3.0 - The Mumble team)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.1 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.9 - Portforward, LLC)
Ragnarok (HKLM-x32\...\Steam App 215100) (Version: - Gravity Interactive)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.16.22443 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spotify (HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TeeBoard: The Twitch Army Knife (HKLM-x32\...\be.gip.twitch.TeeBoard) (Version: 0.1.5 - UNKNOWN)
TeeBoard: The Twitch Army Knife (x32 Version: 0.1.5 - UNKNOWN) Hidden
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
TRENDnet TEW-649UB Wireless N speed USB Adapter (HKLM-x32\...\{35163C1D-77D1-4D6C-B7D5-B22E6EEBE2A8}) (Version: 1.06.0001 - TRENDnet)
TwitchAlerts (HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
ZMR (HKLM-x32\...\{EF14889D-3ECF-4289-91AC-4236CD983CA3}) (Version: 1.0.4.0000 - En Masse Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

15-04-2015 20:56:25 Device Driver Package Install: www.MotioninJoy.com Microsoft Common Controller For Windows Class

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0376B089-D64C-4E6A-B9E5-3C6ABFE89E84} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {0F0D1965-2273-4066-B2F4-4BF7D1C906D2} - System32\Tasks\{567864AD-98F6-48E6-B732-737CE1E7E685} => D:\League Of Legends\lol.launcher.exe
Task: {1EC70C90-6033-4E34-9C09-1274B58289D6} - System32\Tasks\{3A4B7AC7-C7F9-450F-90ED-868F2328C7A9} => D:\League Of Legends\lol.launcher.admin.exe
Task: {254B246C-B12C-4067-82FC-365C7157B4CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {54A6A40A-E410-491F-A56C-B1103695166C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-09] (Google Inc.)
Task: {6B40C04E-F025-4DBD-B516-8E0F1F9E47D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-09] (Google Inc.)
Task: {79E8CB39-F3BB-4C15-9D1D-96E9986BC857} - System32\Tasks\{3D3CF043-96C7-4E98-956E-C2E4D709E1AC} => pcalua.exe -a "G:\DAEMON Tools Pro\InstallGadget.exe" -d "G:\DAEMON Tools Pro"
Task: {80BF43BF-3DCF-4F89-BB19-A3E9B7883A6B} - System32\Tasks\{D28EA8CB-2FDC-422B-923C-721358B42188} => C:\Riot Games\League of Legends KR\lol.launcher.admin.exe
Task: {C89BC458-E95E-4819-8BBA-94588B28B3B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {D96799BA-8427-4D80-A4F7-6FEB2CBB7AAD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E261AB45-EBDA-4F26-9290-803BD8F99DF4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-14 15:01 - 2014-07-14 15:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-09 18:15 - 2008-06-26 19:09 - 00167936 _____ () C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-12 19:21 - 2013-02-18 08:23 - 00695808 _____ () C:\Program Files (x86)\Dual Monitor\ExplorerHook64.dll
2014-07-09 18:15 - 2011-10-07 15:25 - 00581632 _____ () C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe
2015-04-06 20:52 - 2015-04-06 09:35 - 13341696 _____ () C:\Users\Diolan\Desktop\Dolphin-x64\Dolphin.exe
2015-04-06 20:52 - 2015-01-26 22:30 - 00797305 _____ () C:\Users\Diolan\Desktop\Dolphin-x64\OpenAL32.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-07-09 18:15 - 2011-08-11 10:18 - 00413696 _____ () C:\Program Files\TRENDnet\TEW-649UB\WlanDll.dll
2014-07-09 18:15 - 2011-08-26 11:55 - 00294912 _____ () C:\Program Files\TRENDnet\TEW-649UB\WPSCtrl.dll
2014-07-10 03:10 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-07-10 03:10 - 2009-07-10 09:07 - 00166912 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-07-09 19:24 - 2015-03-10 02:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 16:23 - 2014-12-01 20:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 16:23 - 2014-12-01 20:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 16:23 - 2014-12-01 20:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-07-09 19:24 - 2015-04-13 19:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-03 15:54 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-03 15:54 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-03 15:54 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-03 15:54 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-03 15:54 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-07-09 19:24 - 2015-04-13 19:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-07-09 19:24 - 2015-02-24 21:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 12:42 - 2015-02-24 21:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-04-03 17:49 - 2015-03-30 17:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-03 17:49 - 2015-03-30 17:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-03 17:49 - 2015-03-30 17:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-03 17:49 - 2015-03-30 17:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1416841813-2958593455-3838444299-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Diolan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.68.220.220

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-1416841813-2958593455-3838444299-500 - Administrator - Disabled)
Diolan (S-1-5-21-1416841813-2958593455-3838444299-1000 - Administrator - Enabled) => C:\Users\Diolan
Guest (S-1-5-21-1416841813-2958593455-3838444299-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1416841813-2958593455-3838444299-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2015 09:19:11 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (04/15/2015 08:50:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DisplayFusion.exe, version: 7.1.0.0, time stamp: 0x54ad5075
Faulting module name: mscorwks.dll, version: 2.0.50727.5420, time stamp: 0x4ca2b7e1
Exception code: 0xc0000005
Fault offset: 0x000000000017355f
Faulting process id: 0x%9
Faulting application start time: 0xDisplayFusion.exe0
Faulting application path: DisplayFusion.exe1
Faulting module path: DisplayFusion.exe2
Report Id: DisplayFusion.exe3

Error: (04/15/2015 08:50:20 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5420 - Fatal Execution Engine Error (000007FEF7EDAF0E) (80131506)

Error: (04/15/2015 08:50:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DisplayFusionService.exe, version: 7.1.0.0, time stamp: 0x54ad50ec
Faulting module name: mscorwks.dll, version: 2.0.50727.5420, time stamp: 0x4ca2b7e1
Exception code: 0xc0000005
Fault offset: 0x000000000017355f
Faulting process id: 0x%9
Faulting application start time: 0xDisplayFusionService.exe0
Faulting application path: DisplayFusionService.exe1
Faulting module path: DisplayFusionService.exe2
Report Id: DisplayFusionService.exe3

Error: (04/15/2015 08:50:03 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5420 - Fatal Execution Engine Error (000007FEF7EDAF0E) (80131506)

Error: (04/15/2015 05:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Diolan-PC.local already in use; will try Diolan-PC-2.local instead

Error: (04/15/2015 05:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Diolan-PC.local. Addr 192.168.2.11

Error: (04/15/2015 05:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.31:5353 4 Diolan-PC.local. Addr 192.168.2.31

Error: (04/15/2015 04:54:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Diolan-PC.local already in use; will try Diolan-PC-2.local instead

Error: (04/15/2015 04:54:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Diolan-PC.local. Addr 192.168.2.11

System errors:
=============
Error: (04/15/2015 09:19:11 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (04/15/2015 08:50:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DisplayFusionService service terminated unexpectedly. It has done this 1 time(s).

Error: (04/15/2015 01:15:25 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/14/2015 06:52:46 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/12/2015 10:03:41 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ANNABELLE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{80A1ADCE-CC72-4A27-9684-87295C42B3F7}.
The master browser is stopping or an election is being forced.

Error: (04/12/2015 05:50:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Evolve Service service terminated unexpectedly. It has done this 2 time(s).

Error: (04/12/2015 05:39:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Evolve Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/11/2015 09:01:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:00:26 PM on ‎4/‎11/‎2015 was unexpected.

Error: (04/10/2015 08:10:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (04/10/2015 08:10:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Microsoft Office Sessions:
=========================
Error: (04/15/2015 09:19:11 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005

Error: (04/15/2015 08:50:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DisplayFusion.exe7.1.0.054ad5075mscorwks.dll2.0.50727.54204ca2b7e1c0000005000000000017355f

Error: (04/15/2015 08:50:20 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5420 - Fatal Execution Engine Error (000007FEF7EDAF0E) (80131506)

Error: (04/15/2015 08:50:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DisplayFusionService.exe7.1.0.054ad50ecmscorwks.dll2.0.50727.54204ca2b7e1c0000005000000000017355f

Error: (04/15/2015 08:50:03 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5420 - Fatal Execution Engine Error (000007FEF7EDAF0E) (80131506)

Error: (04/15/2015 05:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Diolan-PC.local already in use; will try Diolan-PC-2.local instead

Error: (04/15/2015 05:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Diolan-PC.local. Addr 192.168.2.11

Error: (04/15/2015 05:07:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.31:5353 4 Diolan-PC.local. Addr 192.168.2.31

Error: (04/15/2015 04:54:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Diolan-PC.local already in use; will try Diolan-PC-2.local instead

Error: (04/15/2015 04:54:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Diolan-PC.local. Addr 192.168.2.11

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8167.02 MB
Available physical RAM: 4201.88 MB
Total Pagefile: 16332.23 MB
Available Pagefile: 11695.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:111.79 GB) (Free:17.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (OS Iso) (Fixed) (Total:9.67 GB) (Free:2.72 GB) NTFS
Drive g: () (Fixed) (Total:921.75 GB) (Free:326.11 GB) NTFS
Drive h: (CD_ROM) (CDROM) (Total:3.48 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0000C4B9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=921.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A480DCB2)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Broni · Apr 15, 2015

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=============================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
- Launch Malwarebytes Anti-Malware
- A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Inactive Sale Plus Virus.

Dragonsgg

Dragonsgg

Broni

Posts: 56,041 +516

Similar threads

Latest posts