Trojan detected on computer


  • This topic is locked
6 replies to this topic

#1 rokazulu


Posted 26 February 2016 - 07:43 PM

AVG virus scanner has detected a trojan that keeps popping up on my computer. I'll edit this post with the exact description once it pops up again since I can't find it in the archive.

I have scanned with Malwarebytes and Search and Destroy but they are not finding any problems.

I have my scan files attached, please tell me if you need more information.

EDIT: "";"Trojan horse Exploit.SWF_c.BAC, //redir.adap.tv/redir/client/VPixel.swf";"Secured"

This is what comes up on AVG

EDIT: Many of our helpers will not download files that they did not specifically request that you attach... As you might guess, we have no way of knowing what might be in a downloaded file and malware creators might want to use the opportunity to infect helpers' computers... Please copy/paste your logs directly into your posts - we provide lots of room to do that and you can extend into another post if you run out of room... Thank you...

Edited by Budfred, 27 February 2016 - 12:34 AM.


#2 nasdaq


Posted 28 February 2016 - 07:20 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
HKLM\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
HKU\S-1-5-21-3106575356-1166739083-4125166181-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={7AB1D439-5A8B-4A9F-970A-F81DC8899DBF}&mid=3a38d0a6935c47ccb70f75f39de793f8-6648c1d50ac03f8b48421a1110ff3c4b59764d69&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-12-07 19:20:12&v=4.2.4.155&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3106575356-1166739083-4125166181-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7AB1D439-5A8B-4A9F-970A-F81DC8899DBF}&mid=3a38d0a6935c47ccb70f75f39de793f8-6648c1d50ac03f8b48421a1110ff3c4b59764d69&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-12-07 19:20:12&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3106575356-1166739083-4125166181-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7AB1D439-5A8B-4A9F-970A-F81DC8899DBF}&mid=3a38d0a6935c47ccb70f75f39de793f8-6648c1d50ac03f8b48421a1110ff3c4b59764d69&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-12-07 19:20:12&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF SearchPlugin: C:\Users\Rokazulu\AppData\Roaming\Mozilla\Firefox\Profiles\9vmqwvwb.default-1453576084200\searchplugins\avg-secure-search.xml [2016-02-26]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-09-21] <==== ATTENTION
R2 vToolbarUpdater40.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [1949768 2016-02-22] (AVG Secure Search)


End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

===

Please paste the contents of the Addition.txt file that was created by the Farbar tool. I need to review it.

Please let me know what problem persists with this computer.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 rokazulu


Posted 28 February 2016 - 10:38 AM

Hmm, the addition.txt is too big to upload so I posted it here
http://pastebin.com/uzAgW4BW

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-02-2016
Ran by Rokazulu (2016-02-28 10:35:05)
Running from C:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-08-21 00:38:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3106575356-1166739083-4125166181-500 - Administrator - Disabled)
Guest (S-1-5-21-3106575356-1166739083-4125166181-501 - Limited - Disabled)
Rokazulu (S-1-5-21-3106575356-1166739083-4125166181-1000 - Administrator - Enabled) => C:\Users\Rokazulu

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{971D28B8-A1B0-F223-2DE8-E8F97088AC27}) (Version: 3.0.758.0 - ATI Technologies, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4540 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.6.552 - AVG Technologies)
AVG Zen (Version: 1.41.29 - AVG Technologies) Hidden
Banctec Service Agreement (HKLM-x32\...\{BD4B02C1-0271-4D7D-A850-19DE2E5CDF83}) (Version: 2.0.0 - Dell Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games)
Belkin F7D1101 Basic Wireless USB Adapter (HKLM-x32\...\InstallShield_{AFD89880-C544-4777-B645-FBF6D3391B11}) (Version: 1.0.0.4 - Belkin)
Belkin F7D1101 Basic Wireless USB Adapter (x32 Version: 1.0.0.4 - Belkin) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Command Center (HKLM-x32\...\InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}) (Version: 2.5.46.0 - Alienware Corp.)
Command Center (Version: 2.5.46.0 - Alienware Corp.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.74 - Dell)
Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
iTunesControl 0.63 (HKLM-x32\...\{4203CB7A-4E20-4DCE-8526-DE568AC061B5}) (Version: 0.63.134 - Carson Morrow)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
Nero 9 Essentials (HKLM-x32\...\{aa708013-4b7d-4f8a-92ef-878ac35d5ffd}) (Version: - Nero AG)
NVIDIA 3D Vision Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-3106575356-1166739083-4125166181-1000\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5986 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.88 - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warhammer: End Times - Vermintide (HKLM-x32\...\Steam App 235540) (Version: - Fatshark)
Windows 7 Xeno Driver (HKLM-x32\...\{88F11D6E-322B-4AA1-93DA-422B4520B948}) (Version: 1.00.0000 - Bigfoot Networks)
Windows Driver Package - Bigfoot (Xeno7x64) System (11/01/2009 5.0.3.0) (HKLM\...\ACE3E40539B65A2D24C735985DD8585F9E9C2123) (Version: 11/01/2009 5.0.3.0 - Bigfoot)
Xeno Suite (HKLM-x32\...\{9B361241-6AF0-4CE8-909B-C818209085EA}) (Version: 5.01.002 - Bigfoot Networks)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2636BB5C-C864-453E-9EE1-6B63F2354DB7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {2ED1771B-073B-4442-BDE3-F4073061FA8F} - System32\Tasks\{A984BBE8-9961-4F09-BC37-9F615C80F150} => pcalua.exe -a C:\Downloads\winexpress_full_ENU.exe -d C:\Downloads
Task: {AB25FF67-8A7C-49F0-B0EE-7AE5B0C754CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {C06BCC81-674B-4EED-9836-59DF0EBBB920} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {DE715C9A-2D68-4CEB-B050-9403725C84A2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3106575356-1166739083-4125166181-1000

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-12-07 19:20 - 2016-02-22 14:02 - 01215560 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-08-20 20:36 - 2015-08-06 18:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-04-12 17:32 - 2009-12-02 15:49 - 00414960 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-04-12 17:00 - 2009-11-23 16:03 - 00230400 _____ () C:\Program Files (x86)\Bigfoot Networks\Xeno Suite\GameDetectService.exe
2015-12-07 19:20 - 2016-02-22 14:02 - 02874440 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2010-04-12 16:55 - 2010-04-12 16:55 - 00037200 _____ () C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.87.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00075056 _____ () C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.87.0__bebb3c8816410241\AlienLabsTools.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00128240 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 01123568 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-04-12 17:32 - 2009-12-02 15:48 - 00079088 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00234736 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00074992 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00111856 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00121072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00115952 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-04-12 17:01 - 2009-12-23 16:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00025840 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00025840 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
2010-04-12 17:32 - 2009-12-02 15:47 - 00025840 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00024896 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.87.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00011584 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.87.0__bebb3c8816410241\AlienFX.Communication.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00024904 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.87.0__bebb3c8816410241\AlienFX.Communication.XPS.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00028496 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.87.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00027984 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.87.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00036176 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.87.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00019792 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.87.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00036176 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.87.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00037200 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.87.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll
2010-04-12 16:55 - 2010-04-12 16:55 - 00017224 _____ () C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.87.0__bebb3c8816410241\AlienFX.Communication.Core.dll
2015-09-05 14:37 - 2015-12-14 23:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-09-05 14:37 - 2015-07-03 10:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-09-05 14:37 - 2015-07-03 10:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-09-05 14:37 - 2015-07-03 10:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-09-05 14:37 - 2016-02-04 15:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2015-09-05 14:37 - 2015-09-23 18:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-09-05 14:37 - 2015-09-23 18:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-09-05 14:37 - 2015-09-23 18:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-09-05 14:37 - 2015-09-23 18:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-09-05 14:37 - 2015-09-23 18:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-09-05 14:37 - 2016-02-04 15:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-09-05 14:37 - 2015-12-29 19:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-12-07 18:52 - 2015-12-07 18:51 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-02-22 14:03 - 2016-02-22 14:02 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\log4cplusU.dll
2015-09-05 14:37 - 2016-01-05 19:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-02-09 11:43 - 2016-02-09 11:43 - 17891008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-11-08 15:33 - 2016-02-06 21:30 - 00000797 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3106575356-1166739083-4125166181-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rokazulu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Xeno Tray.lnk => C:\Windows\pss\Xeno Tray.lnk.CommonStartup
MSCONFIG\startupreg: BDRegion => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: PDVD8LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl8 => "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SPIRunE => Rundll32 SPIRunE.dll,RunDLLEntry
MSCONFIG\startupreg: Thermal Controller => "C:\Program Files\Alienware\Command Center\ThermalController.exe" /auto
MSCONFIG\startupreg: VolPanel => "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{06D8EA17-2E3C-4587-92FF-2AABC9927B83}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{F421BE71-25A6-4667-85BA-C731E6A7576A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{368C7FB4-6245-4EDC-8424-488DD9798521}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F445965B-A64E-42DA-BD82-0754EEEDBE8A}] => (Allow) C:\Vidya Games\Battle.net\Battle.net.exe
FirewallRules: [{28A69A83-8C36-4ED1-8075-2035B6C62877}] => (Allow) C:\Vidya Games\Battle.net\Battle.net.exe
FirewallRules: [{86EBD62E-E19B-4DD5-BDA7-0C3EC8577C67}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2889BFFC-D04F-4BC2-BFB0-F09E1EB9727F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9F246E66-755D-4E12-85A2-C88A1A7EAB05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E2586089-1BDC-4E88-BF85-A26586A7987E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2B3FE494-B0DF-4B87-AC8F-F0E414F81272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1D4F0308-BB70-423A-9118-FFC96B049FE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E5AF0BBB-0D95-4DE1-A0DA-F342F7D434A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{41B1191D-ECDD-4C41-A50B-A4AF295DD003}] => (Allow) C:\Vidya Games\StarCraft II\StarCraft II.exe
FirewallRules: [{5BF06268-E5DD-409B-BF2C-EB34F183F226}] => (Allow) C:\Vidya Games\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{63635AAE-A9C9-48A9-820B-4B7F15EC841F}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{9DAB0182-8B68-4456-A1BB-AF92A51DC876}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{848E33DF-7D20-457F-A31E-8954B3B6C129}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AE1BBA4-BEBB-41DF-98D0-25B1F1439754}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66711444-5365-48E8-AE86-E02D4E57FE8A}] => (Allow) C:\Vidya Games\Hearthstone\Hearthstone.exe
FirewallRules: [{92CA359D-E02A-482D-B1DA-6782FA072ED5}] => (Allow) C:\Vidya Games\Hearthstone\Hearthstone.exe
FirewallRules: [{B60102F4-9507-41EE-A324-60DD12A33B95}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E0179C2-EAED-4D1E-830F-D1217663A730}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1246D38B-6483-46FC-93D5-5CC87470A60D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C3C8EF5-1A39-45F7-BB5D-BE36651D842A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4A8D0ADC-6537-4241-B44C-B0A57DAE3474}] => (Allow) C:\Vidya Games\Heroes of the Storm\Versions\Base37351\HeroesOfTheStorm_x64.exe
FirewallRules: [{EB640DB3-E1C5-4587-80C4-CF431AD46E17}] => (Allow) C:\Vidya Games\Heroes of the Storm\Versions\Base37351\HeroesOfTheStorm_x64.exe
FirewallRules: [{F31821DD-1ED7-4C37-AC9F-E4E4E7B6A006}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{8394E1E1-1854-4DD3-9252-2C2559DE8CD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [TCP Query User{F95D6E57-7805-434D-8A9B-6BE6EF4B00E7}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{8CB2EFE4-0FD1-46AA-9EA7-6B4F18438954}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{A4697DF7-4CC0-4C47-82F1-6D9B24E581C7}] => (Allow) C:\Vidya Games\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [{D84F33CD-BF15-4F71-A1B2-6184B7C0D428}] => (Allow) C:\Vidya Games\StarCraft II\Versions\Base32283\SC2.exe
FirewallRules: [TCP Query User{4468104B-F02E-4AAC-8056-3EF5EF4FE127}C:\vidya games\diablo iii\diablo iii.exe] => (Allow) C:\vidya games\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{590F0F8B-E885-4AEF-BC95-CCE7C038D2D3}C:\vidya games\diablo iii\diablo iii.exe] => (Allow) C:\vidya games\diablo iii\diablo iii.exe
FirewallRules: [{8E8065C2-7B04-4483-8776-EB545EDF7BE4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8570C73A-01B8-4E2F-A96A-1517EE9D34D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F933FA2E-7282-4CED-A47F-6A6A78D64C66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{629A6DE0-5082-44B1-90FC-2011DAA58830}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E7DCAAE-99A6-4DF2-8DA1-248CE65D26AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21BEDE0E-8E42-4985-9A4B-AC2BB7E8146D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{96E11306-4FA9-481B-B6A7-085D9BC497B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EF1CFC62-1DEF-4BA6-AE70-88052DAECA76}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6E7EA9F4-A0FE-4B84-BA56-CB48D7CBD5B4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3B249D48-0605-4EDC-BBB3-E6343BA67238}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DCC5C11A-EB33-4555-A2A1-EAC0B41FE3F0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{07CA6556-1D61-4E92-BE14-C63D801EA702}C:\vidya games\hearthstone\hearthstone.exe] => (Allow) C:\vidya games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{29BC9B9D-634B-424D-B8D3-2AE6A4745055}C:\vidya games\hearthstone\hearthstone.exe] => (Allow) C:\vidya games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1183F953-9E53-4639-94A8-531856B26A10}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{2E5CADF8-9A40-4CC7-B056-BFC9474D10ED}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{BBBB5159-5AA3-4934-9823-50B9F4DADCBF}C:\vidya games\diablo iii\diablo iii.exe] => (Allow) C:\vidya games\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{00BFE980-04A2-4AD3-8CEA-FDBF05D9574E}C:\vidya games\diablo iii\diablo iii.exe] => (Allow) C:\vidya games\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{0E749101-8C9F-40F6-8D66-20A33C972539}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{7BA017C3-4622-4D83-8C7E-F224051E5A79}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{6CA8D988-A65A-4C2E-9D54-CAEADF31D766}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D6DC3539-5216-4319-914B-E939FD967062}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{97BCFA41-CEF5-44F7-A6F1-1E02B4911240}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{FD56C921-F6A0-434E-A3BF-8EF65CB7F881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{50F1679F-C02B-4EC5-8794-7FD94B74BC5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Hazard\runme.exe
FirewallRules: [{F13EAF2A-8B14-42D6-BCAC-0A2704D0B083}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beat Hazard\runme.exe
FirewallRules: [{AFBD6693-77CA-4872-A01A-1FB92D73B4E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{1BC832DA-9CAE-485F-8E81-49CEE1F53565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{192173FC-9D93-40AF-8DA6-53B7B54E5DC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{A3C5249B-4114-45D0-8DAD-E8474A32457C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [TCP Query User{8EC5C3F6-2BCB-45A3-BC2A-15E7057CC823}C:\program files (x86)\obs\hexchat\hexchat.exe] => (Allow) C:\program files (x86)\obs\hexchat\hexchat.exe
FirewallRules: [UDP Query User{1CAD5C5F-63AC-46E1-8224-A7152972864A}C:\program files (x86)\obs\hexchat\hexchat.exe] => (Allow) C:\program files (x86)\obs\hexchat\hexchat.exe
FirewallRules: [{79889ACA-C9BF-4D27-88A6-D7E0361AFE2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{E79D894F-07D8-42E4-BB95-18497F92DC16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{A2A7E2B7-3B0E-4CDB-B401-DA56818F753A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{BBDD779E-0AA0-4440-8DF7-91A129FF49CA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{AE315894-C084-45D8-9005-47F4EF9A9C4E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{5CCFE960-6AB4-4C85-96E7-AC2BF98DDDC2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{57DBA198-7A4D-4907-8963-AC36075C350D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{A4CD9FCE-4CE0-4FD1-B8B9-7F54B9212E17}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{09B74293-5F1D-4128-A5DD-6F5652185DFA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{6CC32DFD-69DE-40AE-BD62-617995D289BF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D0C9DE38-A5B9-43F0-8C26-CA171C36BA0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{5CB311EB-F7EB-4C43-97B2-B584E73F6E48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{80FEE53A-4623-497A-AC17-9153B5F058FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{7C96F76F-8BBB-496C-8DE9-0A2E64877D35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2016 10:27:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avgsvca.exe, version: 1.62.1.59918, time stamp: 0x56c5a6e1
Faulting module name: ntdll.dll, version: 6.1.7601.19135, time stamp: 0x56a1c9c5
Exception code: 0xc0000005
Fault offset: 0x000000000004a604
Faulting process id: 0x3cc
Faulting application start time: 0xavgsvca.exe0
Faulting application path: avgsvca.exe1
Faulting module path: avgsvca.exe2
Report Id: avgsvca.exe3

Error: (02/28/2016 10:26:10 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Downloads\FRST64.exe ; Description = Restore Point Created by FRST; Error = 0x80070422).

Error: (02/27/2016 04:13:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (02/26/2016 09:30:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (02/26/2016 10:25:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (02/26/2016 01:18:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\servicing\TrustedInstaller.exe; Description = Windows Modules Installer; Error = 0x80070422).

Error: (02/26/2016 01:18:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80070422).

Error: (02/25/2016 07:13:44 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (02/24/2016 12:05:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (02/23/2016 08:54:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avguix.exe, version: 1.52.1.51616, time stamp: 0x56951ab5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x10c4
Faulting application start time: 0xavguix.exe0
Faulting application path: avguix.exe1
Faulting module path: avguix.exe2
Report Id: avguix.exe3


System errors:
=============
Error: (02/28/2016 10:29:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Alienware Fusion Service service failed to start due to the following error:
%%1053

Error: (02/28/2016 10:29:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.

Error: (02/28/2016 10:27:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AVG Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2016 10:26:45 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (02/28/2016 10:26:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2016 10:26:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/28/2016 10:26:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Virtual Disk service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/28/2016 10:26:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/28/2016 10:26:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/28/2016 10:26:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Andrea RT Filters Service service terminated unexpectedly. It has done this 1 time(s).


==================== Memory info ===========================

Processor: Intel® Core™ i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 32%
Total physical RAM: 8183.08 MB
Available physical RAM: 5524.77 MB
Total Virtual: 16364.36 MB
Available Virtual: 13245.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:457.5 GB) (Free:213.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: C796C700)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=8.2 GB) - (Type=27)
Partition 3: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


#4 nasdaq


Posted 29 February 2016 - 06:43 AM



The only thing found on your Addition.txt file is this report that your Java is outdated.


Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com...d/installed.jsp

Be careful not to install malware posing as a Java update!
Important: read this blog.
http://blog.trendmic...java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.co...oads/index.html

How to disable Java in your browsers
http://www.infoworld...browsers-210882


If present, remove the old version(s) of Java via the Control Panel > Programs and Features applet.
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)

Can you post the Fixlog.txt that was created when you ran the fix?

Let me know of any remaining issues.

p.s.
I was able to paste the contents of your Addition.txt file.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#5 rokazulu


Posted 01 March 2016 - 09:42 AM

Fixlog is here

I'll bump this thread if I find any more problems.

Attached Files



#6 nasdaq


Posted 02 March 2016 - 06:18 AM



Error: (0) Failed to create a restore point.

Turn System Restore ON - Windows Help
http://windows.micro...f#1TC=windows-7

If you get an error message please post it.
nasdaq


#7 nasdaq


Posted 23 April 2016 - 05:25 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq




