Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE 11 Proxy Error 127.0.0.1:8080


  • This topic is locked This topic is locked
4 replies to this topic

#1 xPretend

xPretend

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:15 PM

Posted 03 June 2015 - 03:37 PM

Hey Everyone!

 

I was told to make a new post here about my problem to seek further help. Here is the previous link!  http://www.bleepingcomputer.com/forums/t/578261/ie-11-proxy-error-1270018080/

As of last night I noticed I can't run my game anymore it was popping up with an error

here is a picture of what it looks like!

 

3cb55099ba.png

 

I did some research and it all pointed to a proxy error with Internet Explorer 11 seeing as the game uses it for it's launcher.

I dont normally use internet explorer 11 however I did check to see if it was infact having any issues and when I launched it I could see it was.

so here is a picture of the overall problem I am seeking help for.

 

0e96b93500.png

 

I ran various scanners from my previous helper and they did find and remove alot of stuff!

She directed me to you after we discovered that reseting my modem would fix the problem for a minute or so.

after that it would revert back to it's problem stage

I did suspect my VPN Private internet access and removed it with a guide online the problem persists.

I followed the guide and got the logs it asks for so i'll post those! I hope to hear from you guys. excellent crowd here :)

 

LOG RESULTS

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by City wok (administrator) on CITYWOK-PC on 03-06-2015 14:20:55
Running from C:\Users\City wok\Downloads
Loaded Profiles: City wok (Available Profiles: City wok)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\puush\puush.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hirez Studios, Inc.) C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\Smite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hi-Rez Studios\HirezGameNotifier.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WTClient] => C:\Windows\SysWOW64\WTClient.exe [41280 2012-05-30] (Tablet Driver)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-29] ()
HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\Run: [Akamai NetSession Interface] => C:\Users\City wok\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\Run: [Spotify Web Helper] => C:\Users\City wok\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-30] (Spotify Ltd)
HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-20] (Disc Soft Ltd)
HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\MountPoints2: {592c3f3e-f2f3-11e4-a428-00acf0947de5} - G:\Install.exe
HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\MountPoints2: {592c3f46-f2f3-11e4-a428-00acf0947de5} - H:\NoAutorun.exe
AppInit_DLLs-x32: c:/progra~3/{c3062~1/192~1.1/nafi.dll => "c:\progra~3\{c3062~1\192~1.1\nafi.dll" File not found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [HKLM-x32] => file://C:\Windows\system32\Drivers\winpacket.pac
AutoConfigURL: [S-1-5-19] => file://C:\Windows\system32\Drivers\winpacket.pac
AutoConfigURL: [S-1-5-20] => file://C:\Windows\system32\Drivers\winpacket.pac
HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-26] (Oracle Corporation)
DPF: HKLM-x32 {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher_v1013.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: WSWSVCUchrome - No CLSID Value
Hosts: 194.145.200.27 pagead2.googlesyndication.com
Tcpip\Parameters: [DhcpNameServer] 74.211.15.210 74.211.15.211
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://google.com/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\City wok\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: pmang.jp/pmangdiagnostic-1 -> C:\GameOn\Common files\nppmangdiagnostic.dll [2015-03-24] (gameon)
FF Plugin-x32: pmang.jp/pmangsupport-1 -> C:\GameOn\Common files\nppmangsupport.dll [2015-03-24] (gameon)
FF Extension: ColorfulTabs - C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-27]
FF Extension: Firefox Security Update - C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590\Extensions\jid1-aMet0JAAbFecLw@jetpack.xpi [2015-03-12]
FF Extension: Dealz - C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590\Extensions\jid1-rrMTK7JqsxNOeQ@jetpack.xpi [2015-02-23]
FF Extension: YouTube™ HD Plus - C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590\Extensions\jid1-wkCmfgboni3B1Q@jetpack.xpi [2014-11-04]
FF Extension: Page Info Button - C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590\Extensions\pageinfobutton@wirble.de.xpi [2015-01-03]
FF Extension: Adblock Plus - C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-04]
FF Extension: YouTube Flash Video Player - C:\Users\City wok\AppData\Roaming\Mozilla\Firefox\Profiles\90mh6u3r.default-1400386673590\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2014-11-04]
FF Extension: Firefox Security Update - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-aMet0JAAbFecLw@jetpack.xpi [2015-03-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]

Chrome:
=======
CHR Profile: C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-26]
CHR Extension: (Google Drive) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-26]
CHR Extension: (YouTube) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-26]
CHR Extension: (Google Search) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-26]
CHR Extension: (Bookmark Manager) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (MS Updater) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\iadddcofhgaeeniecnhpopipbhijnphj [2015-05-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-26]
CHR Extension: (Currently) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh [2014-10-06]
CHR Extension: (Gmail) - C:\Users\City wok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-26]
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bghejdcdajlenjngcknlkkoakmmjfanb] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eajjckckolcbgmmenaiiigegbadpeghb] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iadddcofhgaeeniecnhpopipbhijnphj] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iedokolghlgkcnafplkbjeokfamliokd] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jddmfogomafbmjkfcpfpnjfgecnjffng] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kpmccjcnkhkgcipodalpmbpighkgiaif] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lopcjmbilgeapfldddijpgpahphngjdk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhgliccaogcekoldfmachhehepjdfobj] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfkbfmjkmioenefhjdonleflegoephgm] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pedogdjgmjlabbbdhokgdafpglnjinhc] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bghejdcdajlenjngcknlkkoakmmjfanb] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eajjckckolcbgmmenaiiigegbadpeghb] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iadddcofhgaeeniecnhpopipbhijnphj] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iedokolghlgkcnafplkbjeokfamliokd] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jddmfogomafbmjkfcpfpnjfgecnjffng] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpmccjcnkhkgcipodalpmbpighkgiaif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [lopcjmbilgeapfldddijpgpahphngjdk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mhgliccaogcekoldfmachhehepjdfobj] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nfkbfmjkmioenefhjdonleflegoephgm] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pedogdjgmjlabbbdhokgdafpglnjinhc] - https://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (iWebar) - C:\Users\City wok\AppData\Roaming\Opera Software\Opera Stable\Extensions\hdhmofnopkgkpgnpggloijpbnaonhplc [2015-05-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-20] (Disc Soft Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3650024 2015-04-09] (INCA Internet Co., Ltd.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [999152 2015-05-04] (Overwolf LTD)
S4 PingzapperSvc; C:\Program Files (x86)\Pingzapper\PZService.exe [679424 2012-06-11] () [File not signed]
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WNDA6200; C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe [18944 2014-03-14] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 A6200; C:\Windows\System32\DRIVERS\bcmwlhigh664.sys [2567984 2013-02-28] (Broadcom Corporation)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-06-03] (Emsisoft GmbH)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-05-31] (Disc Soft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-03] ()
S3 hxsyol; C:\Windows\system32\hxsy64.sys [86352 2015-03-07] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 Neo_BD; C:\Windows\System32\DRIVERS\Neo_0032.sys [28640 2015-05-14] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0068.sys [28640 2015-05-14] (SoftEther VPN Project at University of Tsukuba, Japan.)
R1 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-26] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-10] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-10] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [35496 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-02-04] (Razer, Inc.)
S3 SEE; C:\Windows\System32\drivers\see.sys [38240 2015-05-14] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31232 2015-05-15] (The OpenVPN Project) [File not signed]
S3 tap0901cn; C:\Windows\System32\DRIVERS\tap0901cn.sys [39616 2014-12-29] (Connectify)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 14:20 - 2015-06-03 14:21 - 00025018 _____ C:\Users\City wok\Downloads\FRST.txt
2015-06-03 14:20 - 2015-06-03 14:20 - 02108928 _____ (Farbar) C:\Users\City wok\Downloads\FRST64.exe
2015-06-03 14:20 - 2015-06-03 14:20 - 00000000 ____D C:\FRST
2015-06-03 13:32 - 2015-06-03 13:32 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-03 13:30 - 2015-06-03 13:30 - 02870984 _____ (ESET) C:\Users\City wok\Downloads\esetsmartinstaller_enu.exe
2015-06-03 11:54 - 2015-06-03 11:54 - 00000743 _____ C:\Users\City wok\Desktop\Start Emsisoft Emergency Kit.lnk
2015-06-03 11:54 - 2015-06-03 11:54 - 00000000 ____D C:\EEK
2015-06-03 11:53 - 2015-06-03 11:54 - 156177752 _____ C:\Users\City wok\Downloads\EmsisoftEmergencyKit.exe
2015-06-03 11:52 - 2015-06-03 11:52 - 00001302 _____ C:\Users\City wok\Desktop\JRT.txt
2015-06-03 11:50 - 2015-06-03 11:50 - 02942610 _____ (Thisisu) C:\Users\City wok\Downloads\JRT(1).exe
2015-06-03 11:27 - 2015-06-03 11:27 - 02231296 _____ C:\Users\City wok\Downloads\AdwCleaner.exe
2015-06-03 10:51 - 2015-06-03 10:51 - 00064748 _____ C:\Users\City wok\Desktop\Result.txt
2015-06-03 10:39 - 2015-06-03 10:39 - 00403456 _____ (Farbar) C:\Users\City wok\Downloads\MiniToolBox.exe
2015-06-03 03:36 - 2015-06-03 03:36 - 00019346 _____ C:\Windows\system32\.crusader
2015-06-03 03:34 - 2015-06-03 03:37 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-06-03 03:34 - 2015-06-03 03:34 - 00001897 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-06-03 03:34 - 2015-06-03 03:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-06-03 03:34 - 2015-06-03 03:34 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-03 03:33 - 2015-06-03 03:36 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-03 03:32 - 2015-06-03 03:33 - 11024496 _____ (SurfRight B.V.) C:\Users\City wok\Downloads\HitmanPro_x64.exe
2015-06-03 03:28 - 2015-06-03 03:28 - 00000207 _____ C:\Windows\tweaking.com-regbackup-CITYWOK-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-03 03:28 - 2015-06-03 03:28 - 00000000 ____D C:\RegBackup
2015-06-03 03:27 - 2015-06-03 03:27 - 02947766 _____ (Thisisu) C:\Users\City wok\Downloads\JRT.exe
2015-06-03 01:27 - 2015-06-03 11:47 - 00000000 ____D C:\AdwCleaner
2015-06-03 01:24 - 2015-06-03 14:03 - 00000879 _____ C:\Users\City wok\Downloads\Result.txt
2015-06-03 01:18 - 2015-06-03 01:18 - 00659968 _____ C:\Users\City wok\Downloads\MicrosoftFixit50195.msi
2015-06-03 00:59 - 2015-06-03 00:59 - 00001604 _____ C:\Users\City wok\Desktop\Echo of Soul.lnk
2015-06-03 00:55 - 2015-06-03 00:55 - 00002028 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-06-03 00:55 - 2015-06-03 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-06-03 00:55 - 2015-06-03 00:55 - 00000000 ____D C:\Program Files (x86)\Aeria Games
2015-06-03 00:38 - 2015-06-03 00:55 - 00000000 ____D C:\AeriaGames
2015-06-03 00:38 - 2015-06-03 00:38 - 00505880 _____ (Aeria Games & Entertainment) C:\Users\City wok\Downloads\echoofsoul_us_downloader.exe
2015-06-02 21:17 - 2015-06-02 21:17 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-02 21:16 - 2015-06-02 21:17 - 40466392 _____ C:\Users\City wok\Downloads\Firefox Setup 38.0.5.exe
2015-06-02 20:27 - 2015-06-03 02:24 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-02 20:18 - 2015-06-02 20:18 - 00662016 _____ C:\Users\City wok\Downloads\MicrosoftFixit50566(1).msi
2015-06-02 20:17 - 2015-06-02 20:17 - 00662016 _____ C:\Users\City wok\Downloads\MicrosoftFixit50566.msi
2015-06-02 19:35 - 2015-06-02 19:35 - 00002760 _____ C:\ProgramData\HirezPipeError.txt
2015-06-01 00:47 - 2015-06-01 00:46 - 04857932 _____ C:\Users\City wok\Documents\P99Files36 (2).zip
2015-06-01 00:46 - 2015-06-01 00:46 - 04857932 _____ C:\Users\City wok\Downloads\P99Files36 (2).zip
2015-05-31 18:33 - 2015-05-31 18:33 - 04857932 _____ C:\Users\City wok\Downloads\P99Files36.zip
2015-05-31 18:33 - 2015-05-31 18:33 - 04857932 _____ C:\Users\City wok\Downloads\P99Files36 (1).zip
2015-05-31 17:56 - 2015-06-02 21:12 - 00000000 ____D C:\Users\City wok\AppData\Local\Disc_Soft_Ltd
2015-05-31 17:55 - 2015-06-02 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EverQuest
2015-05-31 17:55 - 2015-06-02 21:12 - 00000000 ____D C:\Program Files (x86)\Sony
2015-05-31 17:55 - 2015-05-31 18:14 - 00002019 _____ C:\Users\Public\Desktop\EverQuest.lnk
2015-05-31 17:55 - 2015-05-31 17:55 - 00001796 _____ C:\ProgramData\Microsoft\Windows\Start Menu\EverQuest.lnk
2015-05-31 17:46 - 2015-05-31 17:46 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-05-31 17:44 - 2015-06-01 01:55 - 00000258 __RSH C:\Users\City wok\ntuser.pol
2015-05-31 17:44 - 2015-05-31 17:44 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-05-31 17:44 - 2015-05-31 17:44 - 00000000 ____D C:\Windows\Lists
2015-05-31 17:44 - 2015-05-31 17:44 - 00000000 ____D C:\Program Files (x86)\66cdc8ce-1d36-42bf-a2a7-4125e69c04d1
2015-05-31 17:44 - 2015-05-31 17:44 - 00000000 ____D C:\Program Files (x86)\25f304f4-b036-4247-9aba-99149c2cd9c3
2015-05-31 17:44 - 2015-04-25 03:18 - 00295424 _____ (Groom-A-Zebu ™ ) C:\Windows\system32\ysxja.exe
2015-05-31 17:44 - 2015-04-25 03:18 - 00295424 _____ (Groom-A-Zebu ™ ) C:\Windows\cygavb.exe
2015-05-31 17:44 - 2015-04-25 03:18 - 00053248 _____ C:\Windows\zlib.dll
2015-05-31 17:44 - 2013-01-06 05:43 - 00000074 _____ C:\Windows\system32\Drivers\winpacket.pac
2015-05-31 17:44 - 2013-01-06 05:43 - 00000074 _____ C:\Windows\system32\Drivers\healusb.sys
2015-05-31 17:44 - 2013-01-06 05:43 - 00000074 _____ C:\Windows\system32\cygwin.sys
2015-05-31 17:44 - 2012-12-17 05:45 - 00018559 _____ C:\Windows\default.cfg
2015-05-31 17:44 - 2012-07-09 09:02 - 00279552 _____ (Eric Lawrence) C:\Windows\FiddlerCore4.dll
2015-05-31 17:43 - 2015-06-02 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-05-31 17:43 - 2015-05-31 17:45 - 00000000 ____D C:\ProgramData\TEMP
2015-05-31 17:43 - 2015-05-31 17:43 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-05-31 17:43 - 2015-05-31 17:43 - 00001773 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-05-31 17:43 - 2015-05-31 17:43 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-05-31 17:43 - 2013-12-05 05:36 - 00003542 _____ C:\Windows\mstdcvtr.bat
2015-05-31 17:43 - 2013-06-05 06:38 - 00004122 _____ C:\Windows\plofgye
2015-05-31 17:43 - 2013-06-05 06:37 - 00004194 _____ C:\Windows\soxe
2015-05-31 17:43 - 2013-06-05 06:36 - 00000038 _____ C:\Windows\initcvtr.bat
2015-05-31 17:42 - 2015-05-31 17:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\City wok\Downloads\DTLiteInstaller.exe
2015-05-31 17:39 - 2015-05-31 17:39 - 00000000 ____D C:\Users\City wok\Desktop\EverQuest Titanium
2015-05-30 11:04 - 2015-05-30 11:04 - 00324639 _____ C:\Users\Apps\local-files-desktop.spa
2015-05-28 19:35 - 2015-05-28 19:35 - 00001134 _____ C:\Users\City wok\Desktop\TeamSpeak 3 Client.lnk
2015-05-22 20:36 - 2015-06-02 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-22 05:14 - 2015-05-30 11:04 - 00145701 _____ C:\Users\Apps\hub.spa
2015-05-18 22:38 - 2015-05-18 22:38 - 04314120 _____ (Golden Frog, GmbH) C:\Users\City wok\Downloads\VyprVPN-2.7.5.5242-installer (3).exe
2015-05-16 13:16 - 2015-05-16 13:16 - 00475904 _____ C:\Users\City wok\Downloads\Get Song by soeew.zip
2015-05-16 13:14 - 2015-06-02 21:12 - 00000000 ____D C:\Users\City wok\AppData\Local\rekty.com
2015-05-16 13:13 - 2015-05-31 21:25 - 00000106 _____ C:\Users\City wok\Desktop\Get_Song_by_soeew.txt
2015-05-16 13:13 - 2015-05-16 13:17 - 00000000 ____D C:\Users\City wok\Desktop\New folder
2015-05-16 13:13 - 2015-05-16 13:13 - 00261163 _____ C:\Users\City wok\Downloads\Get Song by soeew.rar
2015-05-16 12:57 - 2015-05-16 12:57 - 00490317 _____ C:\Users\City wok\Downloads\SMD-0.1.0.0.zip
2015-05-16 12:57 - 2015-05-16 12:57 - 00000000 ____D C:\Users\City wok\AppData\Local\SMD
2015-05-16 12:52 - 2015-05-16 12:53 - 15164860 _____ C:\Users\City wok\Downloads\SMG 1.63 beta.zip
2015-05-16 00:50 - 2015-05-16 00:50 - 00000102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\검은사막.url
2015-05-16 00:50 - 2015-05-16 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum Games
2015-05-16 00:46 - 2015-05-16 00:47 - 15552360 _____ (Daum Games ) C:\Users\City wok\Downloads\BlackDesert_Setup.exe
2015-05-15 23:57 - 2015-06-03 01:13 - 00000000 ____D C:\Program Files\pia_manager
2015-05-15 23:57 - 2015-05-15 23:57 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2015-05-15 23:57 - 2015-05-15 23:57 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Titanium
2015-05-15 23:57 - 2015-05-15 23:57 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Apple Computer
2015-05-15 23:57 - 2015-05-15 23:57 - 00000000 ____D C:\Users\City wok\AppData\Local\Apple Computer
2015-05-15 22:01 - 2015-05-15 22:02 - 04314120 _____ (Golden Frog, GmbH) C:\Users\City wok\Downloads\VyprVPN-2.7.5.5242-installer (2).exe
2015-05-15 21:57 - 2015-05-15 21:57 - 00000000 ____D C:\Users\City wok\AppData\Local\Golden_Frog,_GmbH
2015-05-15 21:57 - 2015-05-15 21:57 - 00000000 ____D C:\Users\City wok\AppData\Local\Golden Frog, GmbH
2015-05-15 21:57 - 2015-05-15 21:57 - 00000000 ____D C:\ProgramData\Golden Frog, GmbH
2015-05-15 21:56 - 2015-05-15 21:57 - 04314120 _____ (Golden Frog, GmbH) C:\Users\City wok\Downloads\VyprVPN-2.7.5.5242-installer (1).exe
2015-05-15 15:47 - 2015-05-15 15:47 - 04398526 _____ (LokiReborn) C:\Users\City wok\Downloads\setup (1).exe
2015-05-14 18:52 - 2015-05-24 15:44 - 00000000 ____D C:\Program Files (x86)\VyprVPN
2015-05-14 18:52 - 2015-05-14 18:52 - 04314120 _____ (Golden Frog, GmbH) C:\Users\City wok\Downloads\VyprVPN-2.7.5.5242-installer.exe
2015-05-14 17:29 - 2015-05-14 17:29 - 00003308 _____ C:\Windows\System32\Tasks\{BC903E37-771E-4A96-B9F3-B649DF77BC01}
2015-05-14 16:56 - 2015-05-19 01:18 - 00000000 ____D C:\Users\City wok\Documents\Black Desert
2015-05-14 16:53 - 2015-05-27 18:17 - 01705960 _____ (GameOn) C:\Windows\PmangDownloader.exe
2015-05-14 16:52 - 2015-05-14 16:52 - 00000000 ____D C:\GameOn
2015-05-14 15:53 - 2015-05-14 15:53 - 00002573 _____ C:\Users\Public\Desktop\Black Desert Patcher - Japan.lnk
2015-05-14 15:47 - 2015-05-14 15:47 - 00000215 _____ C:\Users\Public\Desktop\•‚¢»”™.url
2015-05-14 15:44 - 2015-05-14 15:44 - 00028640 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0068.sys
2015-05-14 15:24 - 2015-05-14 15:24 - 04398526 _____ (LokiReborn) C:\Users\City wok\Downloads\setup.exe
2015-05-14 15:14 - 2015-05-14 15:52 - 00000000 ____D C:\Users\City wok\Desktop\BD
2015-05-14 11:49 - 2015-05-14 14:28 - 555516236 _____ C:\Users\City wok\Downloads\BlackDesert_live_1.zip
2015-05-14 11:49 - 2015-05-14 12:09 - 2139861979 _____ (GameOn) C:\Users\City wok\Downloads\BlackDesert_live.exe
2015-05-14 11:32 - 2015-05-14 11:32 - 00028640 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0028.sys
2015-05-14 11:24 - 2015-05-14 11:24 - 00038240 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\see.sys
2015-05-14 11:14 - 2015-05-14 11:14 - 00028640 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0032.sys
2015-05-14 11:13 - 2015-05-24 15:45 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-05-14 11:13 - 2015-05-14 11:13 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2015-05-13 15:03 - 2015-05-13 20:42 - 00000000 ____D C:\Users\City wok\AppData\Local\FF3_Win32
2015-05-13 15:03 - 2015-05-13 15:03 - 00000000 ____D C:\Users\City wok\Documents\Square Enix
2015-05-13 15:00 - 2015-06-03 10:44 - 00000000 ____D C:\Program Files (x86)\Final Fantasy III
2015-05-10 00:32 - 2015-05-10 00:32 - 00000000 ____D C:\Users\City wok\AppData\Local\BNSUpdater
2015-05-08 16:56 - 2015-05-14 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LokiReborn
2015-05-08 16:56 - 2015-05-14 15:53 - 00000000 ____D C:\Program Files (x86)\LokiReborn
2015-05-08 16:56 - 2015-05-08 16:56 - 00000000 ____D C:\Users\City wok\AppData\Local\Downloaded Installations
2015-05-04 15:09 - 2015-05-04 15:09 - 00044896 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapvyprvpn.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 14:19 - 2014-04-26 20:08 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Skype
2015-06-03 14:00 - 2014-04-26 11:52 - 01504480 _____ C:\Windows\WindowsUpdate.log
2015-06-03 13:51 - 2014-10-06 12:19 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-03 13:39 - 2014-05-11 00:27 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 13:30 - 2014-04-26 20:16 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 11:53 - 2009-07-13 23:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-03 11:48 - 2014-10-06 12:19 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 11:48 - 2009-07-13 22:51 - 00066413 _____ C:\Windows\setupact.log
2015-06-03 11:47 - 2014-04-25 21:33 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-03 11:47 - 2010-11-20 21:47 - 00895902 _____ C:\Windows\PFRO.log
2015-06-03 11:47 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-03 10:45 - 2014-06-10 22:39 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
2015-06-03 10:41 - 2014-05-02 19:39 - 00000000 ____D C:\Users\City wok\AppData\Roaming\uTorrent
2015-06-03 03:13 - 2014-04-26 11:52 - 00000000 ____D C:\Users\City wok
2015-06-03 03:12 - 2015-03-07 15:47 - 00000000 ____D C:\Users\City wok\AppData\Local\Akamai
2015-06-03 03:12 - 2014-07-17 09:27 - 00000000 ____D C:\Users\City wok\AppData\Roaming\puush
2015-06-03 03:12 - 2009-07-13 23:32 - 00000000 ____D C:\Windows\Offline Web Pages
2015-06-03 03:12 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-03 03:12 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2015-06-03 03:12 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 03:12 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-03 03:02 - 2015-05-02 19:24 - 00000000 ____D C:\Users\City wok\AppData\Local\Spotify
2015-06-03 01:15 - 2014-04-27 15:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 00:59 - 2015-03-07 16:51 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-06-03 00:40 - 2015-05-02 19:24 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Spotify
2015-06-02 21:17 - 2014-11-04 10:27 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-02 21:12 - 2014-10-01 06:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-02 21:12 - 2014-04-26 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-02 21:12 - 2014-04-26 20:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-02 21:12 - 2014-04-26 20:08 - 00000000 ____D C:\ProgramData\Skype
2015-06-02 21:12 - 2014-04-26 12:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-02 21:12 - 2014-04-26 11:52 - 00000000 ____D C:\Users\City wok\AppData\Local\VirtualStore
2015-06-02 21:12 - 2014-04-26 01:11 - 00000000 ____D C:\Users\City wok\AppData\Roaming\OBS
2015-06-02 21:12 - 2014-04-25 21:42 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-02 21:12 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-02 21:07 - 2011-04-12 02:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-06-02 20:47 - 2009-07-13 22:45 - 00023696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-02 20:47 - 2009-07-13 22:45 - 00023696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 02:05 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\TAPI
2015-06-01 01:55 - 2014-05-20 19:55 - 00000000 ____D C:\Users\City wok\AppData\Roaming\TS3Client
2015-06-01 01:55 - 2009-07-13 22:45 - 00277880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-01 01:51 - 2014-04-26 20:16 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-31 17:44 - 2015-03-30 07:26 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-05-31 17:44 - 2014-05-26 20:51 - 00000000 ____D C:\Program Files (x86)\Advanced Combat Tracker
2015-05-31 17:43 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-05-30 11:04 - 2015-04-25 13:41 - 41287224 _____ C:\Users\libcef.dll
2015-05-30 11:04 - 2015-04-25 13:41 - 10457856 _____ C:\Users\icudtl.dat
2015-05-30 11:04 - 2015-04-25 13:41 - 07323192 _____ (Spotify Ltd) C:\Users\Spotify.exe
2015-05-30 11:04 - 2015-04-25 13:41 - 04253463 _____ C:\Users\devtools_resources.pak
2015-05-30 11:04 - 2015-04-25 13:41 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll
2015-05-30 11:04 - 2015-04-25 13:41 - 02314260 _____ C:\Users\Apps\musixmatch-lyrics.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 02157552 _____ C:\Users\Apps\glue-resources.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2015-05-30 11:04 - 2015-04-25 13:41 - 02021944 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe
2015-05-30 11:04 - 2015-04-25 13:41 - 02018406 _____ C:\Users\cef.pak
2015-05-30 11:04 - 2015-04-25 13:41 - 01488440 _____ C:\Users\libGLESv2.dll
2015-05-30 11:04 - 2015-04-25 13:41 - 00968248 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll
2015-05-30 11:04 - 2015-04-25 13:41 - 00828468 _____ C:\Users\Apps\zlink.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00777272 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe
2015-05-30 11:04 - 2015-04-25 13:41 - 00713882 _____ C:\Users\Apps\browse.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00598403 _____ C:\Users\cef_200_percent.pak
2015-05-30 11:04 - 2015-04-25 13:41 - 00532827 _____ C:\Users\Apps\notification-center.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00523578 _____ C:\Users\Apps\collection.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00505562 _____ C:\Users\Apps\genre.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00502734 _____ C:\Users\Apps\collection-artist.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00489222 _____ C:\Users\Apps\discover.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00463102 _____ C:\Users\Apps\collection-album.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00444515 _____ C:\Users\cef_100_percent.pak
2015-05-30 11:04 - 2015-04-25 13:41 - 00436638 _____ C:\Users\Apps\article.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00419994 _____ C:\Users\Apps\messages.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00408845 _____ C:\Users\Apps\album.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00385462 _____ C:\Users\Apps\social-feed.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00363379 _____ C:\Users\Apps\collection-songs.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00361920 _____ C:\Users\Apps\charts.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00357199 _____ C:\Users\Apps\artist.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00345753 _____ C:\Users\Apps\social-chart.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00344387 _____ C:\Users\Apps\buddy-list.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00331084 _____ C:\Users\Apps\playlist-desktop.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00299819 _____ C:\Users\Apps\radio.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00285287 _____ C:\Users\Apps\folder.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00251227 _____ C:\Users\Apps\profile.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00246374 _____ C:\Users\Apps\share.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00233679 _____ C:\Users\Apps\chart.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00209721 _____ C:\Users\Apps\findfriends.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00191376 _____ C:\Users\Apps\search.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00178608 _____ C:\Users\Apps\settings.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00177470 _____ C:\Users\Apps\suggest.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00162516 _____ C:\Users\Apps\zlink-queue.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00158229 _____ C:\Users\Apps\follow.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00124472 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe
2015-05-30 11:04 - 2015-04-25 13:41 - 00112424 _____ C:\Users\Apps\zlogin.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00086386 _____ C:\Users\Apps\about.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00079928 _____ C:\Users\libEGL.dll
2015-05-30 11:04 - 2015-04-25 13:41 - 00073272 _____ C:\Users\wow_helper.exe
2015-05-30 11:04 - 2015-04-25 13:41 - 00053462 _____ C:\Users\Apps\ad.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00040253 _____ C:\Users\Apps\licenses.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00038320 _____ C:\Users\Apps\error.spa
2015-05-30 11:04 - 2015-04-25 13:41 - 00013506 _____ C:\Users\locales\en-US.pak
2015-05-30 11:04 - 2015-04-25 13:41 - 00007047 _____ C:\Users\locales\el.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00006945 _____ C:\Users\locales\ru.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00006203 _____ C:\Users\locales\ja.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00006086 _____ C:\Users\locales\fr-CA.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00006079 _____ C:\Users\locales\hu.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00006022 _____ C:\Users\locales\fr.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00006007 _____ C:\Users\locales\fi.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00006006 _____ C:\Users\locales\pl.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005947 _____ C:\Users\locales\es-419.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005914 _____ C:\Users\locales\nl.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005872 _____ C:\Users\locales\es.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005868 _____ C:\Users\locales\zsm.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005868 _____ C:\Users\locales\de.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005859 _____ C:\Users\locales\tr.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005859 _____ C:\Users\locales\it.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005858 _____ C:\Users\locales\zh-Hant.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005852 _____ C:\Users\locales\pt-BR.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005808 _____ C:\Users\locales\sv.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005694 _____ C:\Users\locales\arb.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00005623 _____ C:\Users\locales\en.mo
2015-05-30 11:04 - 2015-04-25 13:41 - 00000020 _____ C:\Users\inst_ver.dat
2015-05-30 11:04 - 2015-04-25 13:41 - 00000000 ____D C:\Users\locales
2015-05-30 11:04 - 2015-04-25 13:41 - 00000000 _____ C:\Users\City.redir
2015-05-28 19:35 - 2014-04-26 22:50 - 00000000 ____D C:\Program Files (x86)\TERA
2015-05-28 00:47 - 2015-04-01 03:07 - 00000000 ____D C:\Users\City wok\Desktop\Minion
2015-05-27 01:25 - 2014-05-26 20:52 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Advanced Combat Tracker
2015-05-25 16:53 - 2014-10-06 12:20 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 15:47 - 2014-05-02 16:34 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Equalify
2015-05-24 15:45 - 2015-05-03 00:18 - 00000000 ____D C:\Program Files (x86)\Neffy
2015-05-24 13:50 - 2015-03-01 23:32 - 00000000 ____D C:\Windows\pss
2015-05-23 20:14 - 2014-05-02 16:42 - 00012155 _____ C:\Users\City wok\Desktop\IP.txt
2015-05-20 06:28 - 2015-03-24 06:27 - 00003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1427200071
2015-05-20 06:28 - 2015-03-24 06:27 - 00000000 ____D C:\Program Files (x86)\Opera
2015-05-16 00:50 - 2015-03-07 16:51 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-15 05:46 - 2014-10-06 12:19 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 05:46 - 2014-10-06 12:19 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 21:42 - 2014-04-26 12:12 - 00062600 _____ C:\Users\City wok\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-14 15:34 - 2014-04-27 04:52 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-14 11:50 - 2009-07-13 23:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-14 11:25 - 2014-04-27 17:54 - 00000000 ____D C:\Users\City wok\AppData\Roaming\Mumble
2015-05-14 11:25 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-05-05 15:37 - 2015-04-25 21:36 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-05-05 00:54 - 2014-04-26 12:13 - 00000000 ____D C:\Users\City wok\AppData\Local\Deployment
2015-05-05 00:53 - 2015-04-25 21:35 - 00000000 ____D C:\Users\City wok\AppData\Local\Overwolf

==================== Files in the root of some directories =======

2015-04-01 22:10 - 2015-04-01 22:10 - 103476992 _____ () C:\Program Files (x86)\Advanced Combat Tracker.rar
2015-03-01 23:59 - 2015-03-03 12:59 - 0000125 _____ () C:\Users\City wok\AppData\Roaming\WB.CFG
2015-01-20 19:31 - 2015-01-20 19:31 - 0000038 ___SH () C:\Users\City wok\AppData\Local\1754111884ee9ab5277ca00.95260103
2014-04-26 12:04 - 2014-04-26 12:04 - 0000000 _____ () C:\Users\City wok\AppData\Local\Driver_LOM_8161Present.flag
2015-03-03 12:59 - 2015-03-03 12:59 - 0000010 _____ () C:\Users\City wok\AppData\Local\DSI.DAT
2014-07-09 22:54 - 2014-07-09 22:54 - 0000000 _____ () C:\ProgramData\1004018751
2014-07-13 18:17 - 2014-07-13 18:17 - 0000000 _____ () C:\ProgramData\1041865501
2014-07-09 22:59 - 2014-07-09 22:59 - 0000000 _____ () C:\ProgramData\1078690784
2014-07-11 22:25 - 2014-07-11 22:25 - 0000000 _____ () C:\ProgramData\1191945156
2014-07-07 11:54 - 2014-07-07 11:54 - 0000000 _____ () C:\ProgramData\1406002563
2014-07-06 22:10 - 2014-07-06 22:10 - 0000000 _____ () C:\ProgramData\1684319627
2014-07-09 17:03 - 2014-07-09 17:03 - 0000000 _____ () C:\ProgramData\1836197505
2014-07-12 08:18 - 2014-07-12 08:18 - 0000000 _____ () C:\ProgramData\2161121016
2014-07-15 19:59 - 2014-07-15 19:59 - 0000000 _____ () C:\ProgramData\330426891
2014-07-13 21:46 - 2014-07-13 21:46 - 0000000 _____ () C:\ProgramData\3754688948
2014-07-11 11:51 - 2014-07-11 11:51 - 0000000 _____ () C:\ProgramData\401797354
2014-07-10 15:33 - 2014-07-10 15:33 - 0000000 _____ () C:\ProgramData\4044265060
2014-07-17 19:32 - 2014-07-17 19:32 - 0000000 _____ () C:\ProgramData\686954657
2015-06-02 19:35 - 2015-06-02 19:35 - 0002760 _____ () C:\ProgramData\HirezPipeError.txt
2014-07-06 22:05 - 2014-07-06 22:05 - 0005014 _____ () C:\ProgramData\zrmjlmea.zpl
2014-07-06 22:10 - 2014-07-06 22:10 - 0005077 _____ () C:\ProgramData\{rmjlmea.zpl

Some files in TEMP:
====================
C:\Users\City wok\AppData\Local\Temp\3177e7e47f9cee1f0ab421d5bbf06239.dll
C:\Users\City wok\AppData\Local\Temp\bitool.dll
C:\Users\City wok\AppData\Local\Temp\cabex.dll
C:\Users\City wok\AppData\Local\Temp\devcon64.exe
C:\Users\City wok\AppData\Local\Temp\f4e0f75bd8e18f1e385a323241c0ff29.dll
C:\Users\City wok\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\City wok\AppData\Local\Temp\Quarantine.exe
C:\Users\City wok\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\City wok\AppData\Local\Temp\sqlite3.dll
C:\Users\City wok\AppData\Local\Temp\unelevate.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 04:43

==================== End of log ============================



BC AdBot (Login to Remove)

 


m

#2 xPretend

xPretend
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:15 PM

Posted 03 June 2015 - 03:46 PM

Was getting an error attatching the second log so I will post it!

 

e106c85def.png

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by City wok at 2015-06-03 14:21:09
Running from C:\Users\City wok\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3329031094-3307353646-2518575607-500 - Administrator - Disabled)
City wok (S-1-5-21-3329031094-3307353646-2518575607-1000 - Administrator - Enabled) => C:\Users\City wok
Guest (S-1-5-21-3329031094-3307353646-2518575607-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3329031094-3307353646-2518575607-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version:  - )
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AutoHotkey 1.1.22.00 (HKLM\...\AutoHotkey) (Version: 1.1.22.00 - Lexikos)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Black Desert (HKLM-x32\...\Pmang_BlackDesert_live) (Version: 14951208 - GameOn)
Black Desert Patcher Japan (HKLM-x32\...\{39655020-2B5A-4E36-8BE0-C69331AA7210}) (Version: 1.0.0.4 - LokiReborn)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
China Localization Patcher (HKLM-x32\...\{49C5170D-08A3-4FA8-A644-FB95E56859EA}) (Version: 2.0.4.2 - LokiReborn)
Common (HKLM-x32\...\Pmang_common) (Version: 12385632 - GameOn)
Core FTP LE (HKLM-x32\...\CoreFTP) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version:  - )
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
EverQuest Titanium (HKLM-x32\...\{32714287-4234-412A-877B-D33AFABFDE2B}) (Version: 1.00.000 - )
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.241 - SurfRight B.V.)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
Mumble 1.2.7 (HKLM-x32\...\{CF8BBFA2-5502-4904-A9E9-8D5CAA8DF785}) (Version: 1.2.7 - Thorvald Natvig)
NCLauncher (NCSOFT) (HKLM-x32\...\NCLauncher_NCJapan) (Version:  - NCSOFT)
NETGEAR A6200 Genie (HKLM-x32\...\{48E61F3E-61D4-42A3-9D29-D0CF40838779}) (Version: 26.0.0.0 - NETGEAR)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
osu! (HKLM-x32\...\{cc2ef6d9-0e1e-4e3e-a1ab-1d563480adeb}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.85.190.0 - Overwolf Ltd.)
Personality Voices (HKLM-x32\...\{29C042AB-059B-414C-840E-94775E3F24A8}) (Version: 1.0.0 - Screaming Bee)
Pingzapper version 2.0.1 (HKLM-x32\...\{7FD61982-5436-439B-B5D0-36F0536FF8BF}_is1) (Version: 2.0.1 - Pingzapper)
Pmangインストールマネージャー (HKLM-x32\...\Pmang) (Version: 1.0.1.1 - GameOn,Pmang)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Project Blackout (HKLM-x32\...\Project Blackout) (Version: 1.0.0 - Zepetto)
Project Kryptonite version 1.0.4 (HKLM-x32\...\{2C0DDC2F-29FF-4FCC-8B3A-A935287D078C}_is1) (Version: 1.0.4 - Rohrbacher Development)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.34.1015 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.34.1015 - Qualcomm Atheros) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24735 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
SmartClose 1.1 (HKLM-x32\...\SmartClose.{7F22CBCB-92B5-4F5D-9A34-BB690215BEF2}_is1) (Version: 1.1 - BM-productions)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.7.2766.1 - Hi-Rez Studios)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Tablet Driver V7.0 (HKLM-x32\...\TabletDriver) (Version:  - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Translator Fun Voice Pack (HKLM-x32\...\{602A1471-063B-4E03-9DCE-0210B914EFF5}) (Version: 1.5.0 - Screaming Bee)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.4 - win.rar GmbH)
검은사막 클라이언트 (HKLM-x32\...\검은사막_is1) (Version:  - Daum Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3329031094-3307353646-2518575607-1000_Classes\CLSID\{feda4990-bcfd-4a05-853d-1fab15a25f1c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

03-06-2015 01:10:30 Removed Private Internet Access Support Files
03-06-2015 01:12:35 Installed Private Internet Access Support Files
03-06-2015 01:18:29 Installed Microsoft Fix it 50195
03-06-2015 02:13:59 Windows Modules Installer
03-06-2015 02:17:59 Windows Modules Installer
03-06-2015 02:19:36 Windows Modules Installer
03-06-2015 02:23:29 Windows Modules Installer
03-06-2015 03:06:39 Windows Modules Installer
03-06-2015 03:12:03 Restore Operation
03-06-2015 03:36:01 Checkpoint by HitmanPro
03-06-2015 03:36:26 Checkpoint by HitmanPro

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-06-02 21:54 - 00000872 ____A C:\Windows\system32\Drivers\etc\hosts
194.145.200.27 pagead2.googlesyndication.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {088F4051-5F3C-44DC-848A-E605D9D18C88} - \ShopperPro No Task File <==== ATTENTION
Task: {10D34E01-2DF1-44B9-A695-267239BF8B60} - System32\Tasks\{BC903E37-771E-4A96-B9F3-B649DF77BC01} => pcalua.exe -a "C:\Users\City wok\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KKI3J6D\pmang_common_module.exe" -d "C:\Users\City wok\Desktop"
Task: {1B75F6EF-4BE2-4E26-B24E-960AC9609D11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06] (Google Inc.)
Task: {49B532BC-7AD1-4E64-94B9-80779D12EA25} - \SPBIW_UpdateTask_Time_323538363930373139362d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: {5AB3B737-22B7-4AF2-AE90-D0C704A33F1F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-26] (Microsoft Corporation)
Task: {5AE05F71-1428-494E-BD90-54F0F13054EB} - \Winupdate No Task File <==== ATTENTION
Task: {60363DF3-73A0-4ADB-BBDD-4F18FD056E6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {66546AA1-4772-440C-AB74-3EFB77506A30} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-05-04] (Overwolf LTD)
Task: {7E047802-6907-4613-8741-C33FCC2C001F} - System32\Tasks\{7610404F-E951-4F84-8854-8718F7404450} => pcalua.exe -a "C:\Users\City wok\Downloads\setup.exe" -d "C:\Users\City wok\Downloads"
Task: {8D5D7049-B35F-4BD1-9308-55231D790A3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06] (Google Inc.)
Task: {9C946AFB-128D-4BF6-B1AD-AB52DDD1D4C8} - \SPDriver No Task File <==== ATTENTION
Task: {9E923AA5-53BF-4474-99E3-42D6A5FBB826} - System32\Tasks\Opera scheduled Autoupdate 1427200071 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {BAD64A6A-24D6-47B6-93F9-790384D71171} - \EssentialUpdateMachine No Task File <==== ATTENTION
Task: {E5712805-5C31-42F4-A89C-A2D31640CF30} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-01-10 14:41 - 2015-03-29 21:31 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2014-04-30 15:27 - 2013-09-16 13:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2012-05-30 04:09 - 2012-05-30 04:09 - 00301888 _____ () C:\Windows\system32\wintab32.dll
2015-06-01 08:02 - 2015-05-29 17:22 - 02427392 ____R () C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\binaries\Win32\MctsInterface.dll
2013-10-01 19:36 - 2012-12-28 14:11 - 20645216 ____R () C:\Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\binaries\Win32\awesomium.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\...\aeriagames.com -> hxxp://aeriagames.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3329031094-3307353646-2518575607-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\City wok\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 74.211.15.210 - 74.211.15.211

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: PingzapperSvc => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: VyprVPN => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:\Windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^City wok^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^City wok^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^City wok^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OptimizerPro.lnk => C:\Windows\pss\OptimizerPro.lnk.Startup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: LanuchApp => C:\Program Files (x86)\NETGEAR\A6200\LanuchApp.exe -s
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: SoftEther VPN Client UI Helper => "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
MSCONFIG\startupreg: Spotify => "C:\Users\City wok\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\City wok\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\City wok\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4CE71398-1D90-48EB-8387-8B12E7B9AE7D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C6C44E40-83B4-4E7C-BB4C-167AA293A403}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{40DB5CA3-BC02-42A0-842C-7CA03725097D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{434FF953-51D4-40A8-9CF7-E9B01533769C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0C56FC44-7B54-438A-9497-49BFA63E1E1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{97316A90-016E-4385-9644-E92FD4907A33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{38FA4F5E-2F06-4AB9-A3C1-F1D55FE99FB7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB01CF4A-B4B0-44A4-A208-7B8B95394568}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3565AD21-DFB4-4169-B5C6-C972A8D3C885}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{42993FDC-4513-4EF4-9E2B-F6093937EC44}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{2B35E32B-9F93-4B20-8DFC-6AB25F88BDD2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{414C0927-1785-492E-A426-076F46F3F45F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F360AE7C-75B6-4333-ABC9-A77152BBCD4F}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{03243F97-B809-471E-95B1-7F3A3A0424E5}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{F3235E6E-26D8-4133-BBD0-7883DED6A7B3}F:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) F:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{8CD7BAF5-1881-4E5D-A25A-1056D098595A}F:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) F:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9EE94A64-6548-48CE-8F81-DDADC423AB1F}C:\users\city wok\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\city wok\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{028B6FD4-B03D-48D8-ADC3-4B6130F57867}C:\users\city wok\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\city wok\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6A4B7659-B17A-4BBC-A6B6-5A16EF8FF87D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{ACB6A1BE-C12B-4251-9FBC-CF14940B1FEF}C:\program files (x86)\steam\steamapps\common\daylight\limagame\binaries\win64\daylight.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\daylight\limagame\binaries\win64\daylight.exe
FirewallRules: [UDP Query User{4AF3988D-D6F1-4F43-9812-176C7E85A687}C:\program files (x86)\steam\steamapps\common\daylight\limagame\binaries\win64\daylight.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\daylight\limagame\binaries\win64\daylight.exe
FirewallRules: [{B0771A13-7A75-42D1-B0C0-F1301CD7A53F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{0F8B856A-952C-4D75-9377-032CEF933F7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{E30D72AB-3C0C-4704-9801-4E3B7797BFF8}] => (Allow) C:\Program Files (x86)\Project Blackout\PBlackout.exe
FirewallRules: [{35602524-3A45-43EE-98A1-99E105A71CD8}] => (Allow) C:\Program Files (x86)\Project Blackout\PBlackout.exe
FirewallRules: [TCP Query User{C0A70009-9E1F-4680-95E5-FB5BB3BBDC46}C:\program files (x86)\kraven manor demo\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\kraven manor demo\binaries\win32\udk.exe
FirewallRules: [UDP Query User{C3109D33-4F32-49B6-88A8-2932081756D5}C:\program files (x86)\kraven manor demo\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\kraven manor demo\binaries\win32\udk.exe
FirewallRules: [{EDF02F02-86EE-4E1F-BCE7-020632FBC0FC}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{47DBB8F5-8E35-4C87-A620-05DC0721D9A2}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{FDAFDEF8-9FF2-4185-A429-94782245C5CC}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{9CFAEF9C-801F-4377-BD29-414E6A446985}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{6A5E38F9-8E9B-4D6C-9633-CE13B686E1B6}C:\users\city wok\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\city wok\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F6DB9C9E-6C92-48CF-9563-5A1424DC22D5}C:\users\city wok\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\city wok\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FC615BFF-5B80-4426-92B8-C00233E5DAF9}] => (Allow) C:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{5BFD3CA3-C272-4D70-B83F-F720FB201A32}] => (Allow) C:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{83E0F557-C30F-45FA-B1C8-D72B0EE126BF}] => (Allow) C:\Program Files (x86)\Project Kryptonite\data\OverlayLoader_win32.exe
FirewallRules: [{3EDAB019-EAA7-45F2-8650-9FDCDA12272E}] => (Allow) C:\Program Files (x86)\Project Kryptonite\data\OverlayLoader_win64.exe
FirewallRules: [{12137FF3-033F-4287-BC48-38C4653017E2}] => (Allow) C:\Program Files (x86)\Project Kryptonite\data\browser\Offscreen_Browser.exe
FirewallRules: [{794557BB-89A2-4249-A01F-FB8C5A647EAE}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{217F831E-10CF-4CB4-9682-B501B0259093}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{A31BEE37-3E77-497C-A36C-6606A268C561}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{49D43F89-8275-4240-A56D-4E17F41704CE}] => (Allow) LPort=2869
FirewallRules: [{4CCBC95A-1D96-4317-A305-4822E6D71F7C}] => (Allow) LPort=1900
FirewallRules: [{0A54CEAC-8EC1-4953-B26F-46FF99FF1083}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{77D48BD0-BCB1-4AD0-B83A-724BE68E1E7B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AE466C45-D9B9-41E3-B17F-5BC718B26C30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{FA14DBBE-F7B5-4190-8D9E-6980ABAC94A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{81D83158-6930-4BF2-B996-DB25CEC58342}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A5D119EC-00D6-4060-94A2-A32659D71488}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{482F6ACB-9C69-4216-A845-0C422972D27C}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{AFBDED0D-EF13-4072-87D6-88071EEDBC34}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{39CC876C-673C-4B94-B0D7-58A9841DF538}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{0845B39B-F029-4223-9DF5-91D13FE9EEAF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{992FCA88-6931-49EE-A289-AFB69AB8ECDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B5F8D8FD-F2E4-4D65-AFC4-5847F3ECBFE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5C6130D-558A-4454-93FD-221C17A833E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{008A982C-7CD1-4654-BED2-81290939D1C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{E8EB380A-F986-4449-AED9-A8A1002DEA23}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{7D4089A6-3875-4A2D-9C3C-095C544CE25E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{68DE0E19-80F6-461B-A868-9770FD100A80}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{F80E5890-B208-42B1-84A8-04FE19CE2B45}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{EEF5CEC0-F634-42F8-A02F-AE6AC2119AE9}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{D9D9BB10-0280-4C68-AB6A-CE2488A1A29F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{0A543FEC-23EC-4333-A3E6-9BA935AAAA44}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{000D9EBF-BE70-4462-85A3-58059F51CA8F}] => (Allow) F:\Black Desert\bin\BlackDesert32.exe
FirewallRules: [{F897A09E-183D-4205-88C3-F04418D93716}] => (Allow) F:\Black Desert\bin64\BlackDesert64.exe
FirewallRules: [{582F2852-A131-48C6-82B1-59970467B10E}] => (Allow) F:\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{859F2DFD-153D-46A0-A1CB-546C60480ED3}] => (Allow) F:\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{AE5B3A56-B0B3-4A79-B831-5FA5E582967F}] => (Allow) F:\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{AA691033-8A66-4853-8E33-0135DC3F7464}] => (Allow) F:\Black Desert\BlackDesert_Launcher.exe
FirewallRules: [{B3684E29-D39D-4C61-872D-25E3B29FE9C5}] => (Allow) F:\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{3377F9A2-8151-48F0-B555-29B670583FB8}] => (Allow) F:\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{90C0AC52-5764-4B55-9F37-B7F95FFCB092}] => (Allow) F:\Black Desert\BlackDesert_Downloader.exe
FirewallRules: [{B084A852-40D4-43FC-BD26-02AEE69AD5F2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2015 01:32:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/03/2015 01:31:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/03/2015 00:35:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 00:35:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2015 11:49:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 11:47:57 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (06/03/2015 03:39:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 03:37:29 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (06/03/2015 03:36:31 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002f0,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000449F270.72).  hr = 0x80070005, Access is denied.
.

Error: (06/03/2015 03:36:31 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002e4,(null),0,REG_BINARY,00000000019EE090.72).  hr = 0x80070005, Access is denied.
.


Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {7b8cd524-a773-43d0-aa7f-9ccff4b6be27}


System errors:
=============
Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Disc Soft Lite Bus Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NETGEAR A6200 Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WinTab Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server VSS Writer service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Overlay Subsystem Emergency Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/03/2015 11:51:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.


Microsoft Office:
=========================
Error: (06/03/2015 01:32:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\City wok\Downloads\esetsmartinstaller_enu.exe

Error: (06/03/2015 01:31:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\City wok\Downloads\esetsmartinstaller_enu.exe

Error: (06/03/2015 00:35:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\$RECYCLE.BIN\S-1-5-21-3329031094-3307353646-2518575607-1000\$RCQPM0D.exe

Error: (06/03/2015 00:35:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\Users\Sterling\Downloads\vcredist_arm.exe

Error: (06/03/2015 11:49:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 11:47:57 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (06/03/2015 03:39:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 03:37:29 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (06/03/2015 03:36:31 AM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002f0,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000449F270.72)0x80070005, Access is denied.

Error: (06/03/2015 03:36:31 AM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002e4,(null),0,REG_BINARY,00000000019EE090.72)0x80070005, Access is denied.


Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {7b8cd524-a773-43d0-aa7f-9ccff4b6be27}


==================== Memory info ===========================

Processor: Intel® Core™ i7-4770S CPU @ 3.10GHz
Percentage of memory in use: 25%
Total physical RAM: 16327.91 MB
Available physical RAM: 12191.2 MB
Total Pagefile: 32654.01 MB
Available Pagefile: 28094.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:16.45 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:1862.92 GB) (Free:1739.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 788F3BC1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E621BC2B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End of log ============================



#3 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:15 PM

Posted 06 June 2015 - 01:17 PM

xPretend,
:welcome:  to BleepingComputer! 
My name is Jason and I'll be helping you with your computer problems. You can call me by my screen name jntkwx or Jason is fine.
 
 

Ground Rules:

  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.  :)
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started  :thumbup2:

===================================================

 

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

 

Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.
 
 

I don't see any malware in the log.
 
 
Double Check the Proxy Settings

  • Open Internet Explorer.
  • Click on Tools and then click Internet options.
  • Click the Connections tab, and then click LAN settings.
  • Deselect the option Use a proxy server for your LAN.
  • Place a check mark on Automatically detect settings.
  • Click OK twice.

If that doesn't work, this may be due to a program called Fiddler. Do you recognize that name?
 
If you do, open Fiddler which will act as system proxy again (make sure you set the option in "Fiddler Options" - "WinINET Connetions"). Then, close the application and it should fix the connection.


Edited by jntkwx, 06 June 2015 - 01:22 PM.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#4 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:15 PM

Posted 11 June 2015 - 11:32 AM

xPretend,

It's been several days since my last post. Do you still need help?

If you do, please follow my previous instructions. :thumbup2:


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#5 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:15 PM

Posted 15 June 2015 - 07:45 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users