Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015
Ran by Max (administrator) on SPELDATOR on 27-05-2015 16:43:32
Running from C:\Users\Max\Desktop
Loaded Profiles: Max (Available Profiles: Max & Guest)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(OpenVPN Technologies, Inc) C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe
(Ralink Technology, Corp.) D:\RaRegistry.exe
(OpenVPN Technologies, Inc) C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptcore.exe
(Ralink Technology, Corp.) D:\RaRegistry64.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTek COMPUTER INC.) D:\WlanMgr.exe
(MacPaw Inc.) F:\CleanMyPC\CleanMyPCService.exe
(MacPaw Inc.) F:\CleanMyPC\SecureEraseDropAgent.exe
(MacPaw Inc.) F:\CleanMyPC\CleanMyPCSystemInterop.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(MacPaw Inc.) F:\CleanMyPC\ReminderSystem.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Users\Max\AppData\Local\Temp\4932B4A7-B16B-4950-B95B-639CDF0AC90D\DismHost.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [5424128 2007-08-27] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKU\S-1-5-21-575746788-697084064-849044779-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-575746788-697084064-849044779-1001\...\Run: [Spotify Web Helper] => C:\Users\Max\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-05-02] (Spotify Ltd)
HKU\S-1-5-21-575746788-697084064-849044779-1001\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Max\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-575746788-697084064-849044779-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Max\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-575746788-697084064-849044779-1001\...\MountPoints2: {de7b896d-61a0-11e3-8254-00215a18ef9c} - "G:\SETUP.EXE" 
HKU\S-1-5-21-575746788-697084064-849044779-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [786432 2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk [2014-09-22]
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe (OpenVPN Technologies)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2014-01-31]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-12-15] ()
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1420013565&from=wpm12311&uid=ST380815AS_6RX3C40H
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1420013565&from=wpm12311&uid=ST380815AS_6RX3C40H
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1389883263&from=obw&uid=ST380815AS_6RX3C40H&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1389883263&from=obw&uid=ST380815AS_6RX3C40H&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1420013565&from=wpm12311&uid=ST380815AS_6RX3C40H
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1420013565&from=wpm12311&uid=ST380815AS_6RX3C40H
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1389883263&from=obw&uid=ST380815AS_6RX3C40H&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1389883263&from=obw&uid=ST380815AS_6RX3C40H&q={searchTerms}
HKU\S-1-5-21-575746788-697084064-849044779-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST380815AS_6RX3C40H&ts=1393409346&type=default&q={searchTerms}
HKU\S-1-5-21-575746788-697084064-849044779-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1420013565&from=wpm12311&uid=ST380815AS_6RX3C40H
HKU\S-1-5-21-575746788-697084064-849044779-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.se.msn.com/
HKU\S-1-5-21-575746788-697084064-849044779-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1420013565&from=wpm12311&uid=ST380815AS_6RX3C40H
HKU\S-1-5-21-575746788-697084064-849044779-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST380815AS_6RX3C40H&ts=1393409346&type=default&q={searchTerms}
HKU\S-1-5-21-575746788-697084064-849044779-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=sv-SE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fwww.youtube.com%2F&OSP=http%3A%2F%2Fstart.mysearchdial.com%2Fresults.php%3Ff%3D4%26q%3D%7BsearchTerms%7D%26a%3Dirmsd0202ch%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCyD0AtCzz0E0Fzy0CtDyD0ByCtN0D0Tzu0SyByByCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R%26cr%3D570889252%26ir%3D
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1389883263&from=obw&uid=ST380815AS_6RX3C40H&q={searchTerms}
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/web?type=ds&ts=1431410138&from=zzgbkk123&uid=st380815as_6rx3c40h&z=dfc79a881094238f314c754gbz7c8gazbg9e5g4caz&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1389883263&from=obw&uid=ST380815AS_6RX3C40H&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/web?type=ds&ts=1431410138&from=zzgbkk123&uid=st380815as_6rx3c40h&z=dfc79a881094238f314c754gbz7c8gazbg9e5g4caz&q={searchTerms}
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {15287178-3E82-4AE2-AC61-B9D2D89586E2} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-575746788-697084064-849044779-1001 -> {F82612A8-3B95-4DCA-BB38-A9BC18A3D1BC} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
Tcpip\Parameters: [DhcpNameServer] 193.150.193.150 83.255.245.11

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\g6f6twa5.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1428995620&from=ient04140&uid=ST380815AS_6RX3C40H
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2014-02-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-20] (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml [2015-03-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-06-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml [2015-03-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml [2015-03-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml [2015-03-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml [2015-03-21]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\g6f6twa5.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\g6f6twa5.default\extensions\shortcutff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\g6f6twa5.default\extensions\quick_searchff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\g6f6twa5.default\extensions\sweetsearch@gmail.com

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchKeyword: Profile 1 -> AAE07FAA4777C0F7EAD8A7D22FB256EC65321CA5952B7CE1769524A1A4F46902
CHR DefaultSearchURL: Profile 1 -> A7F6D0136C15D929862E5D5893AA62E89A21852D054A1F7A03DD630129BDAFD4
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DealsmarkeT) - C:\ProgramData\kebgjggpldecnedfdpbkciddegfbnnac\ []
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-17]
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-17]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-17]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-17]
CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-17]
CHR Extension: (Google Sheets) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-17]
CHR Extension: (Lightning Newtab) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2015-01-17]
CHR Extension: (Skype Click to Call) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-17]
CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-17]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [782208 2015-01-16] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CleanMyPCService; F:\CleanMyPC\CleanMyPCService.exe [90352 2014-08-11] (MacPaw Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-04-10] (XTab system)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-03] (Elex do Brasil Participações Ltda)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 ptservice; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe [13888 2014-08-29] (OpenVPN Technologies, Inc)
R2 RalinkRegistryWriter; D:\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; D:\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology, Corp.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [426160 2015-05-04] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
S2 SplashtopRemoteService; "C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-10] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-03-03] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-03-03] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-03-03] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-03-03] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-03-03] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-02-15] (Elex do Brasil Participações Ltda)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 ptun0901; C:\Windows\system32\DRIVERS\ptun0901.sys [27136 2014-08-29] (The OpenVPN Project)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\system32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
R3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2014-10-22] (Splashtop Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 {5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64; C:\Windows\System32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys [61112 2014-06-18] (StdLib)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 16:43 - 2015-05-27 16:44 - 00030068 _____ () C:\Users\Max\Desktop\FRST.txt
2015-05-27 16:43 - 2015-05-27 16:43 - 00000000 ____D () C:\FRST
2015-05-27 16:42 - 2015-05-27 16:42 - 02108928 _____ (Farbar) C:\Users\Max\Desktop\FRST64.exe
2015-05-27 16:22 - 2015-05-27 16:22 - 00000000 ____D () C:\Users\Max\AppData\Roaming\CleanMyPC
2015-05-27 16:15 - 2015-05-27 16:15 - 00000563 _____ () C:\Users\Public\Desktop\CleanMyPC.lnk
2015-05-27 16:15 - 2015-05-27 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanMyPC
2015-05-27 16:14 - 2015-05-27 16:14 - 09812096 _____ (MacPaw, Inc. ) C:\Users\Max\Desktop\CleanMyPCSetup.exe
2015-05-27 16:08 - 2015-05-27 16:08 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\Steam
2015-05-27 16:06 - 2015-05-27 16:11 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\TSVNCache
2015-05-27 16:01 - 2015-05-27 16:06 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\Packages
2015-05-27 16:01 - 2015-05-27 16:02 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\NVIDIA Corporation
2015-05-27 16:01 - 2015-05-27 16:01 - 00001438 _____ () C:\Users\Guest.Speldator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-27 16:01 - 2015-05-27 16:01 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Roaming\Adobe
2015-05-27 16:01 - 2015-05-27 16:01 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\NVIDIA
2015-05-27 16:00 - 2015-05-27 16:07 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\LogMeIn Hamachi
2015-05-27 16:00 - 2015-05-27 16:00 - 00002267 _____ () C:\Users\Guest.Speldator\Desktop\Google Chrome.lnk
2015-05-27 16:00 - 2015-05-27 16:00 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Roaming\Subversion
2015-05-27 16:00 - 2015-05-27 16:00 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\VirtualStore
2015-05-27 16:00 - 2015-05-27 16:00 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\LogMeIn
2015-05-27 16:00 - 2015-05-27 16:00 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\Google
2015-05-27 16:00 - 2015-05-27 16:00 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-05-27 15:59 - 2015-05-27 15:59 - 00000020 ___SH () C:\Users\Guest.Speldator\ntuser.ini
2015-05-27 15:59 - 2015-05-27 15:59 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Roaming\Elex-tech
2015-05-27 15:58 - 2015-05-27 16:01 - 00000000 ____D () C:\Users\Guest.Speldator
2015-05-27 15:58 - 2015-03-13 00:25 - 00000000 ___RD () C:\Users\Guest.Speldator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-27 15:58 - 2014-10-04 15:38 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Roaming\Macromedia
2015-05-27 15:58 - 2014-09-16 21:13 - 00000000 ___RD () C:\Users\Guest.Speldator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-27 15:58 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Guest.Speldator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-27 15:58 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Guest.Speldator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-27 15:58 - 2013-12-10 16:30 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Local\Microsoft Help
2015-05-27 15:58 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Guest.Speldator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-27 15:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Guest.Speldator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-26 14:58 - 2015-05-26 14:58 - 00000000 ____D () C:\Users\Max\SupTab
2015-05-20 19:40 - 2015-05-20 19:40 - 00000199 _____ () C:\Users\Max\Desktop\Counter-Strike Global Offensive.url
2015-05-17 22:15 - 2015-05-17 22:15 - 00000000 ____D () C:\Users\Max\AppData\Local\SCE
2015-05-16 18:11 - 2015-05-16 18:11 - 00000672 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2015-05-13 15:35 - 2015-03-13 02:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-13 15:33 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:33 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:33 - 2014-10-29 04:45 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:33 - 2014-10-29 04:44 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:33 - 2014-10-29 04:00 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:33 - 2014-10-29 04:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-12 18:31 - 2015-05-12 18:31 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{19DB6CFD-1B6C-4BE8-A999-864ECD4EF64C}
2015-05-12 07:46 - 2015-05-12 07:46 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Elex-tech
2015-05-12 07:45 - 2015-05-13 11:40 - 00000000 ____D () C:\Users\TEMP
2015-05-12 07:44 - 2015-05-27 15:59 - 00018475 _____ () C:\Windows\setupact.log
2015-05-12 07:44 - 2015-05-12 07:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-11 15:57 - 2015-05-11 16:00 - 00000000 ____D () C:\Users\Max\Desktop\hivbi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 16:40 - 2013-12-10 13:56 - 01377519 _____ () C:\Windows\WindowsUpdate.log
2015-05-27 16:29 - 2015-03-20 11:32 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-05-27 16:24 - 2014-12-31 01:52 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-05-27 16:16 - 2013-12-10 14:06 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-575746788-697084064-849044779-1001
2015-05-27 16:12 - 2014-01-16 16:41 - 00000000 ____D () C:\Users\Max\AppData\Roaming\newnext.me
2015-05-27 16:11 - 2015-03-27 15:33 - 00000000 ___RD () C:\Users\Max\OneDrive
2015-05-27 16:11 - 2014-09-30 23:55 - 00000000 ____D () C:\Users\Max\AppData\Local\TSVNCache
2015-05-27 16:11 - 2013-12-10 14:42 - 00001018 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-27 16:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-27 16:09 - 2013-12-10 14:42 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-27 16:06 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-27 16:01 - 2014-02-26 12:09 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2015-05-27 15:58 - 2013-12-10 14:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-27 15:58 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-27 15:41 - 2014-10-10 22:53 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2015-05-27 15:36 - 2013-12-10 19:56 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2015-05-27 15:29 - 2014-10-04 15:37 - 00000000 ____D () C:\Users\Max\AppData\Local\Adobe
2015-05-27 00:31 - 2013-12-10 14:08 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4F4FDDB-204B-425E-B40F-AE11F1AA6BA9}
2015-05-27 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-26 16:20 - 2013-12-10 19:00 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2015-05-26 15:21 - 2013-12-10 18:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2015-05-26 15:16 - 2013-12-10 15:52 - 00119824 _____ () C:\Windows\DirectX.log
2015-05-26 14:58 - 2013-12-10 14:01 - 00000000 ____D () C:\Users\Max
2015-05-24 23:14 - 2014-01-21 18:18 - 00000000 ____D () C:\Users\Max\AppData\Local\Battle.net
2015-05-24 01:03 - 2014-02-08 00:21 - 00000000 ____D () C:\Users\Max\Documents\Diablo III
2015-05-22 14:25 - 2013-12-10 14:01 - 00000000 ____D () C:\Users\Max\AppData\Local\Packages
2015-05-20 19:40 - 2014-01-12 14:50 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-17 11:41 - 2013-09-30 06:02 - 00051556 _____ () C:\Windows\PFRO.log
2015-05-14 02:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-14 01:25 - 2014-08-30 22:01 - 00000000 ____D () C:\Users\Max\Desktop\Everything
2015-05-13 11:45 - 2015-02-01 22:32 - 00000000 ____D () C:\Users\Max\AppData\Local\LogMeIn Hamachi
2015-05-02 03:10 - 2014-05-28 18:52 - 00000000 ____D () C:\Program Files (x86)\Razer

==================== Files in the root of some directories =======

2014-08-30 21:34 - 2014-12-20 18:55 - 0000004 _____ () C:\Users\Max\AppData\Roaming\appdataFr2.bin
2014-02-14 19:36 - 2014-02-14 19:36 - 0000049 _____ () C:\Users\Max\AppData\Roaming\Camdata.ini
2014-02-14 19:36 - 2014-02-14 19:36 - 0000408 _____ () C:\Users\Max\AppData\Roaming\CamLayout.ini
2014-02-14 19:36 - 2014-02-14 19:36 - 0000408 _____ () C:\Users\Max\AppData\Roaming\CamShapes.ini
2014-02-14 19:36 - 2014-02-14 19:36 - 0004538 _____ () C:\Users\Max\AppData\Roaming\CamStudio.cfg
2014-02-14 18:02 - 2014-02-14 18:02 - 0000096 _____ () C:\Users\Max\AppData\Roaming\version2.xml
2014-02-14 18:02 - 2014-03-31 21:01 - 0000083 _____ () C:\Users\Max\AppData\Roaming\WB.CFG
2014-10-04 16:35 - 2014-10-04 16:35 - 0000620 _____ () C:\ProgramData\StreamingMediaTechnologyLog.txt

Some files in TEMP:
====================
C:\Users\Max\AppData\Local\Temp\Firefox Setup Stub 38.0.1.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-06 23:09

==================== End of log ============================