Results 1 to 10 of 11

Thread: Error during Check (Out of Memory)

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2015-02-09, 23:10 #1
    jamesth
    jamesth is offline
    Junior Member
    Join Date
    Feb 2015
    Posts
    5

    Default Error during Check (Out of Memory)

    Hi there,

    I've been trying to scan with spybot. However everytime I do so, I get a Error during check for certain items. I'm not sure how to proceed. Thanks. I have also scanned with Malwarebytes, Roguekiller and Kaspersky tdsskiller, but found nothing.


    --- Report generated: 2015-02-09 13:40 ---

    Error during check!: Win32.Adload.jm [7 - $AFC12AB3] (Out of memory) (Status)


    Error during check!: Virtumonde [245 - $7390885E] (Out of memory) (Status)


    Error during check!: Virtumonde [845 - $4A9C6736] (Out of memory) (Status)


    Error during check!: Virtumonde [547 - $EA212551] (Out of memory) (Status)


    Congratulations!: No immediate threats were found. (Status)



    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
    Ran by happycat (administrator) on HAPPYCAT-PC on 09-02-2015 13:52:42
    Running from C:\Users\happycat\Desktop
    Loaded Profiles: happycat (Available profiles: happycat)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Hi-Rez Studios) E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    () C:\Windows\SysWOW64\HsMgr.exe
    () C:\Windows\system\HsMgr64.exe
    (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    () C:\Program Files\Razer Barracuda AC-1 Gaming Audio Card\Customapp\Razer Barracuda AC-1 Gaming Audio card.exe
    (Flux Software LLC) C:\Users\happycat\AppData\Local\FluxSoftware\Flux\flux.exe
    (Dropbox, Inc.) C:\Users\happycat\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
    HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
    HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
    HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.cpl,CMICtrlWnd
    HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
    HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
    HKLM\...\Run: [BCSSync] => D:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [Razer Barracuda AC-1 Gaming Audio Card] => C:\Program Files (x86)\Razer Barracuda AC-1 Gaming Audio Card\Razer Barracuda AC-1 Gaming Audio card.exe [1205248 2010-03-02] ()
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
    HKU\S-1-5-21-2196593836-3544978208-278226143-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
    HKU\S-1-5-21-2196593836-3544978208-278226143-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-2196593836-3544978208-278226143-1000\...\Run: [f.lux] => C:\Users\happycat\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
    HKU\S-1-5-21-2196593836-3544978208-278226143-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    Startup: C:\Users\happycat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\happycat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2196593836-3544978208-278226143-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.7.23

    FireFox:
    ========
    FF ProfilePath: C:\Users\happycat\AppData\Roaming\Mozilla\Firefox\Profiles\p0ccw5zs.default
    FF DefaultSearchEngine: Google
    FF NetworkProxy: "http", "202.85.215.250"
    FF NetworkProxy: "http_port", 8080
    FF NetworkProxy: "no_proxies_on", ""
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
    FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2196593836-3544978208-278226143-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\happycat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Extension: YouTube Auto Replay - C:\Users\happycat\AppData\Roaming\Mozilla\Firefox\Profiles\p0ccw5zs.default\Extensions\YouTubeAutoReplay@arikv.com.xpi [2013-10-22]
    FF Extension: StumbleUpon - C:\Users\happycat\AppData\Roaming\Mozilla\Firefox\Profiles\p0ccw5zs.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-07-05]
    FF Extension: Download YouTube Videos as MP4 - C:\Users\happycat\AppData\Roaming\Mozilla\Firefox\Profiles\p0ccw5zs.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-07-18]
    FF Extension: Adblock Plus - C:\Users\happycat\AppData\Roaming\Mozilla\Firefox\Profiles\p0ccw5zs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-25]
    FF Extension: Greasemonkey - C:\Users\happycat\AppData\Roaming\Mozilla\Firefox\Profiles\p0ccw5zs.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-06-28]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    U2 HiPatchService; E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
    R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [18016 2014-12-17] (Olof Lagerkvist)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [50942144 2013-12-18] (Microsoft Corporation)
    S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
    S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-11] ()
    S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
    S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
    S3 TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [20536 2014-12-14] (Olof Lagerkvist)
    R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1038336 2007-03-26] (Razer)
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-31] (Disc Soft Ltd)
    R2 ImDisk; C:\Windows\System32\DRIVERS\imdisk.sys [43584 2014-12-17] (Olof Lagerkvist)
    R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-09] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-31] (Duplex Secure Ltd.)
    R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-02-09] ()
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-09 13:52 - 2015-02-09 13:52 - 00014727 _____ () C:\Users\happycat\Desktop\FRST.txt
    2015-02-09 13:51 - 2015-02-09 13:52 - 00000000 ____D () C:\FRST
    2015-02-09 13:51 - 2015-02-09 13:51 - 02132992 _____ (Farbar) C:\Users\happycat\Desktop\FRST64.exe
    2015-02-09 13:51 - 2015-02-09 13:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HAPPYCAT-PC-Windows-7-Ultimate-(64-bit).dat
    2015-02-09 13:51 - 2015-02-09 13:51 - 00000000 ____D () C:\RegBackup
    2015-02-09 13:50 - 2015-02-09 13:50 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2015-02-09 13:50 - 2015-02-09 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2015-02-09 13:50 - 2015-02-09 13:50 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2015-02-09 13:49 - 2015-02-09 13:49 - 04804736 _____ () C:\Users\happycat\Desktop\tweaking.com_registry_backup_setup.exe
    2015-02-09 13:28 - 2015-02-09 13:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2015-02-09 13:28 - 2015-02-09 13:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
    2015-02-09 13:28 - 2015-02-09 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    2015-02-09 13:27 - 2015-02-09 13:27 - 16409960 _____ (Safer Networking Limited ) C:\Users\happycat\Downloads\spybotsd162.exe
    2015-02-09 12:51 - 2015-02-09 13:11 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
    2015-02-09 12:51 - 2015-02-09 12:51 - 18570328 _____ () C:\Users\happycat\Desktop\RogueKillerX64.exe
    2015-02-09 12:51 - 2015-02-09 12:51 - 00000000 ____D () C:\ProgramData\RogueKiller
    2015-02-09 12:48 - 2015-02-09 12:48 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\happycat\Desktop\tdsskiller.exe
    2015-02-02 10:16 - 2015-02-02 10:16 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2015-02-02 10:16 - 2015-02-02 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-02-02 10:16 - 2015-02-02 10:16 - 00000000 ____D () C:\Program Files\Java
    2015-02-02 10:12 - 2015-02-02 10:12 - 00035194 _____ () C:\Users\happycat\Desktop\replay_pid1384.log
    2015-02-02 10:12 - 2015-02-02 10:12 - 00029353 _____ () C:\Users\happycat\Desktop\hs_err_pid1384.log
    2015-02-01 22:59 - 2015-02-01 22:59 - 00000915 _____ () C:\Users\Public\Desktop\Smite.lnk
    2015-02-01 22:59 - 2015-02-01 22:59 - 00000906 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
    2015-02-01 22:59 - 2015-02-01 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
    2015-02-01 22:55 - 2015-02-01 22:55 - 00009607 _____ () C:\Users\happycat\Documents\Uninstall Dragon Age 2.log
    2015-02-01 22:54 - 2015-02-01 22:55 - 46660424 _____ (Hi-Rez Studios) C:\Users\happycat\Desktop\InstallSmite.exe
    2015-01-31 19:21 - 2015-02-05 22:07 - 00000000 ____D () C:\ProgramData\Tunngle
    2015-01-31 19:21 - 2015-01-31 19:21 - 00000706 _____ () C:\Users\Public\Desktop\Tunngle.lnk
    2015-01-31 19:21 - 2015-01-31 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
    2015-01-31 19:19 - 2015-01-31 19:19 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat
    2015-01-30 17:52 - 2015-01-30 17:52 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2015-01-30 17:52 - 2015-01-30 17:52 - 00000000 ____D () C:\Users\happycat\AppData\Local\FluxSoftware
    2015-01-30 17:51 - 2015-01-30 17:51 - 00597304 _____ () C:\Users\happycat\Desktop\flux-setup.exe
    2015-01-29 18:43 - 2015-01-29 18:43 - 00000000 _____ () C:\Users\happycat\Desktop\New Text Document (2).txt
    2015-01-28 21:02 - 2015-01-28 21:02 - 00000000 ____D () C:\Users\happycat\Documents\Larian Studios
    2015-01-27 21:51 - 2015-02-08 11:08 - 00000000 ____D () C:\Users\happycat\AppData\Local\ftblauncher
    2015-01-27 21:51 - 2015-01-27 21:52 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\ftblauncher
    2015-01-27 21:51 - 2015-01-27 21:51 - 00000000 ____D () C:\ProgramData\Sun
    2015-01-27 21:51 - 2015-01-27 21:51 - 00000000 ____D () C:\ProgramData\Oracle
    2015-01-27 21:49 - 2015-01-27 21:49 - 06619054 _____ () C:\Users\happycat\Desktop\FTB_Launcher.exe
    2015-01-26 10:56 - 2015-01-26 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-01-23 22:12 - 2015-01-23 22:15 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\OBS
    2015-01-23 22:12 - 2015-01-23 22:12 - 00000939 _____ () C:\Users\happycat\Desktop\Open Broadcaster Software.lnk
    2015-01-23 22:12 - 2015-01-23 22:12 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
    2015-01-23 22:09 - 2015-01-23 22:12 - 00000000 ____D () C:\Program Files\OBS
    2015-01-23 22:09 - 2015-01-23 22:12 - 00000000 ____D () C:\Program Files (x86)\OBS
    2015-01-23 22:09 - 2015-01-23 22:09 - 07516302 _____ () C:\Users\happycat\Desktop\OBS_0_64b_Installer.exe
    2015-01-22 22:14 - 2015-01-22 22:14 - 03125280 _____ () C:\Users\happycat\Desktop\1421204850651.webm
    2015-01-22 22:14 - 2015-01-22 22:14 - 02618171 _____ () C:\Users\happycat\Desktop\1421204802565.webm
    2015-01-19 13:29 - 2015-01-19 13:29 - 00053616 _____ () C:\Users\happycat\Desktop\The Last of Us - Main Theme.rar
    2015-01-19 13:09 - 2015-01-19 13:09 - 00003059 _____ () C:\Users\happycat\Desktop\Main Theme - The Last of Us EX MIDI_0.mid
    2015-01-13 13:01 - 2014-12-11 21:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-01-13 13:01 - 2014-12-11 21:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-01-13 13:01 - 2014-12-11 21:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-01-13 13:01 - 2014-12-11 21:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-01-13 13:01 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-01-13 13:01 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-01-13 13:01 - 2014-12-11 21:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-01-13 12:21 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-13 12:21 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-13 12:21 - 2014-12-11 09:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2015-01-13 12:21 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-13 12:21 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
    2015-01-13 12:21 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-09 13:31 - 2014-05-16 20:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-02-09 13:27 - 2009-07-13 20:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-09 13:27 - 2009-07-13 20:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-09 13:26 - 2009-07-13 21:13 - 00006416 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-02-09 13:24 - 2013-06-25 00:11 - 01760659 _____ () C:\Windows\WindowsUpdate.log
    2015-02-09 13:21 - 2013-09-22 09:30 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\Dropbox
    2015-02-09 13:20 - 2014-03-19 19:56 - 00146369 _____ () C:\Windows\setupact.log
    2015-02-09 13:20 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-02-09 13:04 - 2014-03-19 19:56 - 00012954 _____ () C:\Windows\PFRO.log
    2015-02-09 13:03 - 2013-06-25 12:42 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\uTorrent
    2015-02-09 12:06 - 2014-12-12 11:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-08 17:29 - 2013-06-25 13:44 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\Mumble
    2015-02-05 22:07 - 2013-09-14 19:35 - 00000000 ____D () C:\Users\happycat\AppData\Roaming\Tunngle
    2015-02-04 19:06 - 2014-12-12 11:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-02-04 19:06 - 2013-06-25 13:51 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-02-04 19:06 - 2013-06-25 13:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-02-01 23:32 - 2014-05-23 09:53 - 00167807 _____ () C:\Windows\DirectX.log
    2015-02-01 22:59 - 2013-11-08 19:21 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
    2015-02-01 22:59 - 2013-06-25 01:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-02-01 22:55 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-02-01 19:07 - 2009-07-13 21:08 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-01-29 18:44 - 2015-01-03 01:35 - 00000041 _____ () C:\Users\happycat\Desktop\imdisk.cmd
    2015-01-27 15:08 - 2013-06-24 23:45 - 00000000 ____D () C:\Users\happycat
    2015-01-26 15:50 - 2013-06-25 01:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-01-22 20:33 - 2014-05-13 16:23 - 00000000 ____D () C:\Users\happycat\Documents\My Recordings

    ==================== Files in the root of some directories =======

    2013-10-05 18:00 - 2013-11-23 21:08 - 0001064 _____ () C:\Users\happycat\AppData\Roaming\SpeedRunnersLog.txt
    2013-06-25 15:20 - 2013-06-25 15:20 - 0000096 _____ () C:\Users\happycat\AppData\Local\fusioncache.dat
    2014-11-01 12:16 - 2014-11-01 12:16 - 0000000 ___SH () C:\Users\happycat\AppData\Local\LumaEmu

    Some content of TEMP:
    ====================
    C:\Users\happycat\AppData\Local\Temp\dllnt_dump.dll
    C:\Users\happycat\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprergnl.dll
    C:\Users\happycat\AppData\Local\Temp\ose00000.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-03 19:20

    ==================== End Of Log ============================

    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2015-02-09 13:55:50
    -----------------------------
    13:55:50.272 OS Version: Windows x64 6.1.7601 Service Pack 1
    13:55:50.272 Number of processors: 4 586 0x2A07
    13:55:50.272 ComputerName: HAPPYCAT-PC UserName: happycat
    13:55:50.401 Initialize success
    13:55:50.425 VM: initialized successfully
    13:55:50.426 VM: Intel CPU BiosDisabled
    13:56:43.824 AVAST engine defs: 15020900
    13:56:57.610 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    13:56:57.611 Disk 0 Vendor: ST3160811AS 3.AAE Size: 152626MB BusType: 3
    13:56:57.614 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
    13:56:57.615 Disk 1 Vendor: M4-CT064M4SSD2 070H Size: 61057MB BusType: 3
    13:56:57.616 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-1
    13:56:57.617 Disk 2 Vendor: ST3160023AS 8.05 Size: 152626MB BusType: 3
    13:56:57.619 Disk 1 MBR read successfully
    13:56:57.621 Disk 1 MBR scan
    13:56:57.624 Disk 1 Windows 7 default MBR code
    13:56:57.625 Disk 1 Partition 1 00 07 HPFS/NTFS NTFS 61055 MB offset 2048
    13:56:57.630 Disk 1 scanning C:\Windows\system32\drivers
    13:56:59.697 Service scanning
    13:57:05.795 Modules scanning
    13:57:05.797 Disk 1 trace - called modules:
    13:57:05.801 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006e112c0]<<sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
    13:57:05.804 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800751a060]
    13:57:05.806 3 CLASSPNP.SYS[fffff8800141743f] -> nt!IofCallDriver -> [0xfffffa8007308520]
    13:57:05.809 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-4[0xfffffa8007304680]
    13:57:05.811 \Driver\atapi[0xfffffa8006f39af0] -> IRP_MJ_CREATE -> 0xfffffa8006e112c0
    13:57:05.962 AVAST engine scan C:\Windows
    13:57:06.322 AVAST engine scan C:\Windows\system32
    13:58:02.970 AVAST engine scan C:\Windows\system32\drivers
    13:58:05.735 AVAST engine scan C:\Users\happycat
    13:59:05.920 AVAST engine scan C:\ProgramData
    13:59:12.121 Disk 1 statistics 4949790/0/0 @ 44.70 MB/s
    13:59:12.125 Scan finished successfully
    13:59:43.588 Disk 1 MBR has been saved successfully to "C:\Users\happycat\Desktop\MBR.dat"
    13:59:43.590 The log file has been saved successfully to "C:\Users\happycat\Desktop\aswMBR.txt"
    Attached Files Attached Files
    Last edited by tashi; 2015-02-10 at 04:51. Reason: Removed Spybot "updates" log, copy pasted two logs into topic
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules