trojan.MSIL Removed or not? [Closed]


  • This topic is locked

#1
mafiso

    New Member

  • Member
  • Pip
  • 8 posts
I was holding on to MSE AV and not regret it and now I'm infected because of not getting proper antivirus software. All my antiviruses were disabled, which was MSE at the time. Tried to install Avast but it said access denied in the log file. But I could install any other software, so I did install Norton, Hitman Pro, ComboFix, TDSSKiller.
Scanned for rootkits about 4 times with Malwarebytes Anti-Rootkit, which after the 2nd scan all anti rootkits were removed. After scanning with all proven methods (Hitman Pro, Malwarebytes, SUPERAntiSpyware, Emsisoft scanner, RogueKiller), my computer runs smooth now.
But now when I install specifically Avast it says "Side by side configuration incorrect". Could that be malware? Also I get prompted every time when opening software that might change anything in my computer, for example Steam, even though my UAC is turned down to not prompt me. When I do tasks like changing priority for, as an example, an antivirus, it says "Access denied". But for other software it feels fine.
Right now I'm using Comodo antivirus and SUPERAntiSpyware as my real-time protection, as well as Hitman for scans when loading the desktop.
  • 0



#2
Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Hi mafiso, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please acknowledge the following:

  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being asked.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest any course that might damage your system, but sometimes malware infections are so severe that the only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message (PM) if and only if I have not responded to your thread within three days or your query is off-topic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other systems as it may do serious damage.

Note: Please bear in mind that I am still a trainee and my replies need to be reviewed by my teachers before I post them to you, which requires time as both teachers and helpers are volunteers here. Take it as a good thing because now you have two people examining your problem. I really hope that we will be able to send you home with a smile on your face. :)

 

  • Step #1 Scan with OTL
    • Please download OldTimer's ListIt from one of the following locations and save it to your Desktop.
      Download Link 1
      Download Link 2
      Download Link 3
    • Copy and Paste the following code inside the Custom Scans/Fixes box;
      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      dir "%systemdrive%\*" /S /A:L /C
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      /md5stop
      CREATERESTOREPOINT
    • Click the Quick Scan button;
    • After the scan two logs will be produced;
    • Copy and paste the content of the logs in your next reply

 

  • Step #2 Scan with Farbar Service Scanner
    • Please download Farbar Service Scanner by Farbar to your Desktop from the link below.
      Download Link
    • Right-click and choose Run as Administrator;
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.

 

  • Step #3 Scan with Security Check
    • Download Security Check by screen317 to your Desktop from any of the following locations;
      • Link 1
      • Link 2
    • Right click on the program and choose Run as Administrator;
    • After the checking a log will appear;
    • Copy and Paste the content of the log in your next reply.

 

  • Required Log(s):
    • OldTimer's ListIt Logs --
      • OTL.txt;
      • Extras.txt
    • Farbar Service Scanner Log;
    • Security Check Log

Regards,
Valinorum
  • 0

#3
mafiso

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
otl

OTL logfile created on: 2014.01.22. 16:24:33 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matīss\Desktop\anti virus
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000426 | Country: Latvija | Language: LVI | Date Format: yyyy.MM.dd.

7.98 Gb Total Physical Memory | 5.16 Gb Available Physical Memory | 64.58% Memory free
15.97 Gb Paging File | 12.06 Gb Available in Paging File | 75.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 161.03 Gb Total Space | 59.99 Gb Free Space | 37.25% Space Free | Partition Type: NTFS
Drive E: | 304.63 Gb Total Space | 15.54 Gb Free Space | 5.10% Space Free | Partition Type: NTFS

Computer Name: MAFISO-PC | User Name: Matīss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.18 08:53:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matīss\Desktop\anti virus\OTL.exe
PRC - [2014.01.16 06:50:18 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
PRC - [2014.01.15 13:23:00 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
PRC - [2014.01.08 13:22:04 | 002,098,880 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2014.01.07 23:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- E:\Games\Steam\Steam.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.11.06 19:07:36 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.07.08 09:42:48 | 001,922,600 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
PRC - [2013.07.08 09:42:38 | 001,798,696 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
PRC - [2013.05.02 07:39:04 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.10.09 01:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012.04.04 06:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012.03.20 03:09:04 | 000,051,568 | ---- | M] (Gridspot) -- C:\Program Files (x86)\Gridspot\GridspotService.exe
PRC - [2010.04.22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.07 23:00:22 | 001,138,088 | ---- | M] () -- E:\Games\Steam\bin\chromehtml.dll
MOD - [2014.01.07 06:05:53 | 000,399,640 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppgooglenaclpluginchrome.dll
MOD - [2014.01.07 06:05:52 | 013,615,896 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll
MOD - [2014.01.07 06:05:49 | 004,055,320 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
MOD - [2014.01.07 06:04:47 | 000,715,544 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\libglesv2.dll
MOD - [2014.01.07 06:04:46 | 000,100,120 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\libegl.dll
MOD - [2014.01.07 06:04:42 | 001,634,584 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll
MOD - [2013.12.13 00:19:40 | 000,142,848 | ---- | M] () -- E:\Games\Steam\libavresample-1.dll
MOD - [2013.12.13 00:04:18 | 020,625,832 | ---- | M] () -- E:\Games\Steam\bin\libcef.dll
MOD - [2013.12.13 00:04:14 | 000,716,800 | ---- | M] () -- E:\Games\Steam\SDL2.dll
MOD - [2013.11.05 03:12:06 | 000,890,592 | ---- | M] () -- E:\Games\Steam\libavutil-52.dll
MOD - [2013.06.15 01:49:12 | 001,100,800 | ---- | M] () -- E:\Games\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 01:49:12 | 000,192,000 | ---- | M] () -- E:\Games\Steam\bin\avformat-53.dll
MOD - [2013.06.15 01:49:12 | 000,124,416 | ---- | M] () -- E:\Games\Steam\bin\avutil-51.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.01.12 13:46:35 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2013.12.17 03:17:18 | 000,627,992 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2013.11.26 11:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.10.20 01:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013.10.11 00:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013.10.08 14:52:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.09.24 10:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.01.19 08:54:13 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.01.16 06:50:18 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2014.01.15 13:23:00 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2014.01.08 13:22:04 | 002,098,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.11 21:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.11.06 19:07:36 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.07.08 09:42:48 | 001,922,600 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe -- (PanService)
SRV - [2013.05.27 20:28:22 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2012.11.14 21:02:20 | 000,744,856 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.06.15 00:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.29 18:00:41 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.03.20 03:09:04 | 000,051,568 | ---- | M] (Gridspot) [Auto | Running] -- C:\Program Files (x86)\Gridspot\GridspotService.exe -- (GridspotService)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.01.12 07:49:11 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014.01.12 05:53:02 | 000,089,304 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2013.11.12 02:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013.11.12 02:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013.11.12 02:16:02 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013.10.08 15:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.10.08 14:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.10.07 07:17:38 | 000,014,888 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hmd.sys -- (HMD)
DRV:64bit: - [2013.09.24 10:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013.07.05 10:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.05.07 09:00:18 | 000,037,976 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\SysNative\drivers\CFRMD.sys -- (CFRMD)
DRV:64bit: - [2013.04.14 10:37:25 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.21 19:38:38 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.09.16 09:12:58 | 000,032,360 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.06.15 15:11:20 | 000,058,472 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011.06.15 15:11:20 | 000,058,472 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011.06.15 15:11:20 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.03.07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.13 13:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.21 09:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.12.01 15:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005.07.01 10:22:56 | 000,322,560 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt61.sys -- (RT61)
DRV - [2014.01.14 00:14:18 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Run\cleanhlp64.sys -- (cleanhlp)
DRV - [2014.01.12 09:38:33 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.01.23 14:05:51 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.01.21 19:09:57 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2011.11.04 22:37:00 | 000,224,048 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- C:\Program Files (x86)\Gridspot\VMRuntime\VBoxDrv.sys -- (GridspotVMDriver)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = lv
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F 2D B9 57 A7 B2 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://yandex.ru/yan...t={searchTerms}
IE - HKCU\..\SearchScopes\{771515D4-A6D6-499b-8BC0-8000253EE5D0}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{FD3472A9-58CA-4bcf-A8EF-338F22454C1B}: "URL" = http://search.yahoo....evm&type=IEBDSV
IE - HKCU\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/pe...ms}&submitted=1
IE - HKCU\..\SearchScopes\Yandex: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.9.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Matīss\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@rising.com.cn/nprising: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@rising.com.cn/nprising: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Matīss\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Matīss\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Matīss\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.10.06 20:59:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.01.18 12:11:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012.04.13 14:55:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Extensions
[2012.04.13 14:55:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014.01.12 10:25:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Firefox\Profiles\spopmmy6.default\extensions
[2012.06.16 01:12:46 | 001,335,949 | ---- | M] () (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Firefox\Profiles\spopmmy6.default\extensions\[email protected]
[2014.01.12 10:25:02 | 000,537,103 | ---- | M] () (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Firefox\Profiles\spopmmy6.default\extensions\[email protected]
[2013.02.27 12:25:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.24 21:30:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.08 22:54:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.11.26 07:48:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\MATÄ«SS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SPOPMMY6.DEFAULT\EXTENSIONS\[email protected]
[2012.06.15 00:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Chrome\Application\32.0.1700.72\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Torrent Search Engine = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehgmagepaihhjelilbkmpciljjachng\2012.2.4.45053_0\
CHR - Extension: YouTube = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: AdBlock = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Window Top It = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jheacplmldofkoakhdajanmdfephkbln\1.3.0_0\
CHR - Extension: Adam's Virtual Guitar = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmglhglajnejdnihkcngheghkgpfign\2.0_0\
CHR - Extension: DEPRECATED: Virtual Keyboard (by Google) = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\
CHR - Extension: Ask Scooby - The Friendly Home Fitness & Bodybuilding Forum - Index = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdnabimnnafoadoefkgaidaapibcmkk\2012.2.4.45056_0\
CHR - Extension: Google Wallet = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: draugiem.lv = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnchogakeidplncghlgnhifcchoikaal\2012.3.13.39348_0\

O1 HOSTS File: ([2013.09.03 17:19:52 | 000,000,833 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [PrivDogService] C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe (AdTrustMedia)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCOM Utilities.url ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9:64bit: - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5E0648E-4B37-421B-84C4-0AF621073A58}: DhcpNameServer = 195.122.12.241 80.232.230.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFC70417-750C-4980-80DB-99C84DBCA66F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFC70417-750C-4980-80DB-99C84DBCA66F}: NameServer = 156.154.70.22,156.154.71.22
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014.01.21 09:50:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2014.01.18 11:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.01.18 11:57:26 | 091,412,976 | ---- | C] (AVAST Software) -- C:\Users\Matīss\Desktop\avast_free_antivirus_setup.exe
[2014.01.18 08:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DATA
[2014.01.18 08:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\defs
[2014.01.18 08:55:43 | 000,380,456 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashWebSv.dll
[2014.01.18 08:55:43 | 000,179,648 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt64.dll
[2014.01.18 08:55:43 | 000,164,144 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt.dll
[2014.01.18 08:55:43 | 000,087,424 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashWsFtr.dll
[2014.01.18 08:55:43 | 000,033,856 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResWS2.dll
[2014.01.18 08:55:42 | 000,543,184 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\RegSvr64.exe
[2014.01.18 08:55:42 | 000,506,616 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\RegSvr32.exe
[2014.01.18 08:55:42 | 000,439,696 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\asOutExt64.dll
[2014.01.18 08:55:42 | 000,410,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashMaiSv.dll
[2014.01.18 08:55:42 | 000,409,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\asOutExt.dll
[2014.01.18 08:55:42 | 000,331,576 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\SetupInf64.exe
[2014.01.18 08:55:42 | 000,275,920 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResWS.dll
[2014.01.18 08:55:42 | 000,169,824 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhAScr.dll
[2014.01.18 08:55:42 | 000,153,856 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResStd.dll
[2014.01.18 08:55:42 | 000,121,408 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswRunDll.exe
[2014.01.18 08:55:42 | 000,060,680 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResMai.dll
[2014.01.18 08:55:40 | 000,448,936 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswStreamFilter.dll
[2014.01.18 08:55:40 | 000,332,576 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\snxhk64.dll
[2014.01.18 08:55:40 | 000,287,280 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashShA64.dll
[2014.01.18 08:55:40 | 000,272,800 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\snxhk.dll
[2014.01.18 08:55:40 | 000,269,312 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\ssleay32.dll
[2014.01.18 08:55:40 | 000,231,672 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswProperty64.dll
[2014.01.18 08:55:40 | 000,168,336 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AavmRpch64.dll
[2014.01.18 08:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\License
[2014.01.18 08:55:39 | 001,176,064 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\libeay32.dll
[2014.01.18 08:55:38 | 000,090,496 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\sched.exe
[2014.01.18 08:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\resources
[2014.01.18 08:55:33 | 006,289,024 | ---- | C] (The ICU Project) -- C:\Program Files (x86)\icudt.dll
[2014.01.18 08:55:33 | 001,080,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\dbghelp.dll
[2014.01.18 08:55:33 | 000,392,816 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\avastSS.dll
[2014.01.18 08:55:33 | 000,069,384 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\avastIP.dll
[2014.01.18 08:55:33 | 000,032,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswW8ntf.dll
[2014.01.18 08:55:33 | 000,022,544 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswVmm.dll
[2014.01.18 08:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\locales
[2014.01.18 08:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\flash
[2014.01.18 08:55:32 | 000,544,744 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswSqLt.dll
[2014.01.18 08:55:32 | 000,393,328 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswStrm.dll
[2014.01.18 08:55:32 | 000,241,936 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswLog.dll
[2014.01.18 08:55:32 | 000,211,536 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswProperty.dll
[2014.01.18 08:55:32 | 000,078,160 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswLSRun.dll
[2014.01.18 08:55:32 | 000,072,504 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswResourceLib.dll
[2014.01.18 08:55:32 | 000,044,664 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswRvrt.dll
[2014.01.18 08:55:32 | 000,044,152 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswUtil.dll
[2014.01.18 08:55:32 | 000,025,616 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswRemoteCache.dll
[2014.01.18 08:55:32 | 000,014,832 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswIdle.dll
[2014.01.18 08:55:31 | 000,944,920 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswAux.dll
[2014.01.18 08:55:31 | 000,403,640 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCommChannel.dll
[2014.01.18 08:55:31 | 000,361,416 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCmnBS.dll
[2014.01.18 08:55:31 | 000,323,312 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswData.dll
[2014.01.18 08:55:31 | 000,270,264 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCmnIS.dll
[2014.01.18 08:55:31 | 000,124,528 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCmnOS.dll
[2014.01.18 08:55:31 | 000,123,456 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswDld.dll
[2014.01.18 08:55:31 | 000,081,768 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswChLic.exe
[2014.01.18 08:55:31 | 000,062,728 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswEngLdr.dll
[2014.01.18 08:55:30 | 003,796,984 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\CommonRes.dll
[2014.01.18 08:55:30 | 000,630,264 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashBase.dll
[2014.01.18 08:55:30 | 000,335,648 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashTask.dll
[2014.01.18 08:55:30 | 000,330,528 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashServ.dll
[2014.01.18 08:55:30 | 000,259,464 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashShell.dll
[2014.01.18 08:55:30 | 000,230,576 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\VisthAux.exe
[2014.01.18 08:55:30 | 000,161,072 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashUpd.exe
[2014.01.18 08:55:30 | 000,104,416 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashQuick.exe
[2014.01.18 08:55:30 | 000,078,696 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashTaskEx.dll
[2014.01.18 08:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Certificates
[2014.01.18 08:55:29 | 003,764,024 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastUI.exe
[2014.01.18 08:55:29 | 001,453,776 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\Aavm4h.dll
[2014.01.18 08:55:29 | 000,765,176 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastEmUpdate.exe
[2014.01.18 08:55:29 | 000,168,776 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AavmRpch.dll
[2014.01.18 08:55:29 | 000,069,944 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvSSHook.dll
[2014.01.18 08:55:29 | 000,050,344 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastSvc.exe
[2014.01.18 08:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1033
[2014.01.18 08:55:28 | 001,372,864 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE64.dll
[2014.01.18 08:55:28 | 001,138,536 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE.dll
[2014.01.18 08:55:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebRep
[2014.01.18 08:55:02 | 001,376,496 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswPatchMgt.dll
[2014.01.18 08:55:02 | 000,027,080 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\asulaunch.exe
[2014.01.18 08:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenVPN
[2014.01.18 08:54:59 | 006,523,888 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswJSScan.dll
[2014.01.18 08:54:59 | 000,143,056 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastGUIProxy64.dll
[2014.01.18 08:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RescueDisk
[2014.01.18 08:54:54 | 001,972,848 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastBCL-Sfx.exe
[2014.01.18 08:54:54 | 000,071,992 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswAraSr.exe
[2014.01.18 08:54:53 | 001,440,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswAra.dll
[2014.01.18 08:54:47 | 001,093,216 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\avBugReport.exe
[2014.01.18 08:54:45 | 003,167,112 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\HTMLayout.dll
[2014.01.18 08:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\setup
[2014.01.14 17:39:33 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014.01.14 17:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\VS
[2014.01.14 17:19:49 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\cfxttgyj.sys
[2014.01.14 16:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\cerams palidzes Software
[2014.01.14 16:38:15 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Users\Matīss\Desktop\aswclear.exe
[2014.01.14 15:23:14 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\secrestore
[2014.01.14 15:17:12 | 000,370,256 | ---- | C] (Afterdawn.com) -- C:\Users\Matīss\Desktop\SecRes-0-3-2-322zip.exe
[2014.01.14 15:13:23 | 000,361,185 | ---- | C] (Farbar) -- C:\Users\Matīss\Desktop\FSS.exe
[2014.01.14 14:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.01.14 14:19:50 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.01.14 13:42:55 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014.01.14 13:42:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014.01.14 06:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Languages
[2014.01.14 06:36:45 | 001,593,776 | ---- | C] (Emsisoft GmbH) -- C:\Program Files (x86)\start.exe
[2014.01.14 06:36:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Run
[2014.01.14 06:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014.01.13 19:37:55 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys.bak
[2014.01.13 19:03:37 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\anti virus
[2014.01.13 19:03:29 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys
[2014.01.13 13:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014.01.13 10:38:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2014.01.12 15:17:13 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\RK_Quarantine
[2014.01.12 14:19:22 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2014.01.12 13:56:52 | 000,000,000 | -H-D | C] -- C:\VTRoot
[2014.01.12 13:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014.01.12 13:15:39 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\SUPERAntiSpyware.com
[2014.01.12 13:15:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014.01.12 13:14:54 | 000,023,168 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys.bak
[2014.01.12 13:14:53 | 000,037,976 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\CFRMD.sys.bak
[2014.01.12 13:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014.01.12 13:14:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014.01.12 13:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014.01.12 10:26:54 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2014.01.12 10:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\AdTrustMedia
[2014.01.12 10:24:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdTrustMedia
[2014.01.12 10:23:34 | 000,048,392 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2014.01.12 10:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2014.01.12 10:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2014.01.12 10:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2014.01.12 10:20:50 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\Comodo
[2014.01.12 10:20:49 | 000,000,000 | ---D | C] -- C:\first_launch
[2014.01.12 10:20:48 | 000,057,096 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2014.01.12 10:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2014.01.12 10:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2014.01.12 09:38:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.01.12 08:45:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.01.12 08:45:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.01.12 08:45:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.01.12 08:44:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.01.12 08:43:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.01.12 08:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.01.12 08:01:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.01.12 08:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.01.12 07:51:40 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\TuneUp Software
[2014.01.12 07:51:20 | 000,251,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2014.01.12 07:51:20 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2014.01.12 07:51:20 | 000,031,544 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2014.01.12 07:51:19 | 000,123,704 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2014.01.12 07:51:18 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
[2014.01.12 07:51:18 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2014.01.12 07:51:17 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
[2014.01.12 07:51:17 | 000,194,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
[2014.01.12 07:51:17 | 000,057,144 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys.bak
[2014.01.12 07:51:16 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
[2014.01.12 07:49:30 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014.01.12 06:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014.01.12 06:28:30 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys.bak
[2014.01.12 06:28:29 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys.bak
[2014.01.12 06:27:43 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys.bak
[2014.01.12 06:27:39 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS.bak
[2014.01.12 06:27:28 | 000,564,792 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2014.01.12 06:27:16 | 000,038,992 | ---- | C] (Screaming Bee LLC) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys.bak
[2014.01.12 06:27:12 | 000,058,472 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys.bak
[2014.01.12 06:27:12 | 000,032,360 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys.bak
[2014.01.12 06:27:11 | 000,027,136 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys.bak
[2014.01.12 06:27:05 | 000,413,800 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014.01.12 06:27:04 | 000,322,560 | ---- | C] (Ralink Technology Inc.) -- C:\Windows\SysNative\drivers\rt61.sys.bak
[2014.01.12 06:26:22 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2014.01.12 06:25:58 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys.bak
[2014.01.12 06:25:57 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys.bak
[2014.01.12 06:25:54 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.12 06:25:32 | 000,014,136 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys.bak
[2014.01.12 06:25:24 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.12 06:25:02 | 000,065,280 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys.bak
[2014.01.12 06:25:01 | 000,040,832 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys.bak
[2014.01.12 06:24:50 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014.01.12 06:23:45 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.12 03:59:04 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\rkill
[2014.01.12 03:47:08 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.01.12 03:41:59 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\MFAData
[2014.01.12 03:41:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014.01.12 03:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Heal PCTuner
[2014.01.12 03:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Heal
[2014.01.12 03:08:54 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.12 02:47:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.12 02:46:32 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014.01.10 21:55:36 | 000,000,000 | ---D | C] -- C:\{$6591-1999-7731-3088$}
[2014.01.05 15:42:14 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\PDAppFlex
[2014.01.03 18:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REVisionEffects
[2014.01.03 15:21:58 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
[2014.01.03 15:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2014.01.03 15:21:50 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys
[2014.01.03 15:21:42 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys
[2014.01.03 15:21:42 | 000,014,136 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys
[2014.01.02 16:10:59 | 000,000,000 | ---D | C] -- C:\Users\Matīss\.thumbnails
[2014.01.02 01:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIX Networks
[2014.01.02 01:00:53 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\Play withSIX
[2014.01.02 01:00:53 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\Play withSIX
[2013.12.31 16:47:45 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\LeoCAD
[2013.12.31 16:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeoCAD
[2013.12.31 00:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SR 3D Builder
[2013.12.31 00:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SR 3D Builder
[2013.12.30 20:04:18 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDraw
[2013.12.30 19:57:25 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Documents\LDraw
[2013.12.30 19:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LDraw
[2013.12.30 19:56:38 | 000,000,000 | ---D | C] -- C:\Windows\LDraw
[2013.12.28 17:47:03 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\Rising
[2013.12.26 16:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rising Software Deployment System
[9 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.22 16:24:15 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2014.01.22 16:14:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.22 14:47:47 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.22 14:47:47 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.22 13:16:00 | 000,000,512 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 2e53fba8-f967-4d39-8463-42ce5b4a42d5.job
[2014.01.22 11:04:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.22 11:04:16 | 2134,302,719 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.21 18:00:05 | 000,000,512 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 9f4b6907-b40a-4e95-9271-a449d3baf0e1.job
[2014.01.21 09:50:13 | 000,001,981 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2014.01.21 09:50:13 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2014.01.20 17:01:06 | 004,122,965 | ---- | M] () -- C:\Users\Matīss\Desktop\Helium_Frog_2_06.zip
[2014.01.18 12:30:09 | 000,002,180 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.01.18 11:58:30 | 091,412,976 | ---- | M] (AVAST Software) -- C:\Users\Matīss\Desktop\avast_free_antivirus_setup.exe
[2014.01.18 11:52:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014.01.18 08:55:43 | 000,380,456 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashWebSv.dll
[2014.01.18 08:55:43 | 000,179,648 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt64.dll
[2014.01.18 08:55:43 | 000,164,144 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt.dll
[2014.01.18 08:55:43 | 000,087,424 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashWsFtr.dll
[2014.01.18 08:55:43 | 000,033,856 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResWS2.dll
[2014.01.18 08:55:42 | 000,543,184 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\RegSvr64.exe
[2014.01.18 08:55:42 | 000,506,616 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\RegSvr32.exe
[2014.01.18 08:55:42 | 000,439,696 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\asOutExt64.dll
[2014.01.18 08:55:42 | 000,410,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashMaiSv.dll
[2014.01.18 08:55:42 | 000,409,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\asOutExt.dll
[2014.01.18 08:55:42 | 000,331,576 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\SetupInf64.exe
[2014.01.18 08:55:42 | 000,275,920 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResWS.dll
[2014.01.18 08:55:42 | 000,169,824 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhAScr.dll
[2014.01.18 08:55:42 | 000,153,856 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResStd.dll
[2014.01.18 08:55:42 | 000,121,408 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswRunDll.exe
[2014.01.18 08:55:42 | 000,060,680 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResMai.dll
[2014.01.18 08:55:40 | 001,176,064 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\libeay32.dll
[2014.01.18 08:55:40 | 000,448,936 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswStreamFilter.dll
[2014.01.18 08:55:40 | 000,332,576 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\snxhk64.dll
[2014.01.18 08:55:40 | 000,287,280 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashShA64.dll
[2014.01.18 08:55:40 | 000,272,800 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\snxhk.dll
[2014.01.18 08:55:40 | 000,269,312 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\ssleay32.dll
[2014.01.18 08:55:40 | 000,231,672 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswProperty64.dll
[2014.01.18 08:55:40 | 000,168,336 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AavmRpch64.dll
[2014.01.18 08:55:39 | 000,055,512 | ---- | M] () -- C:\Program Files (x86)\CrtCheck32.dll
[2014.01.18 08:55:38 | 000,090,496 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\sched.exe
[2014.01.18 08:55:33 | 019,336,120 | ---- | M] () -- C:\Program Files (x86)\libcef.dll
[2014.01.18 08:55:33 | 006,289,024 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\icudt.dll
[2014.01.18 08:55:33 | 000,392,816 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\avastSS.dll
[2014.01.18 08:55:33 | 000,069,384 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\avastIP.dll
[2014.01.18 08:55:33 | 000,032,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswW8ntf.dll
[2014.01.18 08:55:33 | 000,022,544 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswVmm.dll
[2014.01.18 08:55:32 | 000,544,744 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswSqLt.dll
[2014.01.18 08:55:32 | 000,393,328 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswStrm.dll
[2014.01.18 08:55:32 | 000,241,936 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswLog.dll
[2014.01.18 08:55:32 | 000,211,536 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswProperty.dll
[2014.01.18 08:55:32 | 000,078,160 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswLSRun.dll
[2014.01.18 08:55:32 | 000,072,504 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswResourceLib.dll
[2014.01.18 08:55:32 | 000,062,728 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswEngLdr.dll
[2014.01.18 08:55:32 | 000,044,664 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswRvrt.dll
[2014.01.18 08:55:32 | 000,044,152 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswUtil.dll
[2014.01.18 08:55:32 | 000,025,616 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswRemoteCache.dll
[2014.01.18 08:55:32 | 000,014,832 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswIdle.dll
[2014.01.18 08:55:31 | 000,944,920 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswAux.dll
[2014.01.18 08:55:31 | 000,403,640 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCommChannel.dll
[2014.01.18 08:55:31 | 000,361,416 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCmnBS.dll
[2014.01.18 08:55:31 | 000,323,312 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswData.dll
[2014.01.18 08:55:31 | 000,270,264 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCmnIS.dll
[2014.01.18 08:55:31 | 000,124,528 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCmnOS.dll
[2014.01.18 08:55:31 | 000,123,456 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswDld.dll
[2014.01.18 08:55:31 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswChLic.exe
[2014.01.18 08:55:30 | 003,796,984 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\CommonRes.dll
[2014.01.18 08:55:30 | 000,630,264 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashBase.dll
[2014.01.18 08:55:30 | 000,335,648 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashTask.dll
[2014.01.18 08:55:30 | 000,330,528 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashServ.dll
[2014.01.18 08:55:30 | 000,259,464 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashShell.dll
[2014.01.18 08:55:30 | 000,230,576 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\VisthAux.exe
[2014.01.18 08:55:30 | 000,161,072 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashUpd.exe
[2014.01.18 08:55:30 | 000,104,416 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashQuick.exe
[2014.01.18 08:55:30 | 000,078,696 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashTaskEx.dll
[2014.01.18 08:55:29 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastUI.exe
[2014.01.18 08:55:29 | 001,453,776 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\Aavm4h.dll
[2014.01.18 08:55:29 | 000,765,176 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastEmUpdate.exe
[2014.01.18 08:55:29 | 000,168,776 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AavmRpch.dll
[2014.01.18 08:55:29 | 000,069,944 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvSSHook.dll
[2014.01.18 08:55:29 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastSvc.exe
[2014.01.18 08:55:28 | 001,372,864 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE64.dll
[2014.01.18 08:55:28 | 001,138,536 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE.dll
[2014.01.18 08:55:02 | 001,376,496 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswPatchMgt.dll
[2014.01.18 08:55:02 | 000,027,080 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\asulaunch.exe
[2014.01.18 08:54:59 | 006,523,888 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswJSScan.dll
[2014.01.18 08:54:59 | 000,143,056 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastGUIProxy64.dll
[2014.01.18 08:54:59 | 000,078,785 | ---- | M] () -- C:\Program Files (x86)\aswSidebar.gadget
[2014.01.18 08:54:54 | 001,972,848 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastBCL-Sfx.exe
[2014.01.18 08:54:54 | 001,440,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswAra.dll
[2014.01.18 08:54:54 | 000,071,992 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswAraSr.exe
[2014.01.18 08:54:54 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\screenhooks32.dll
[2014.01.18 08:50:57 | 003,167,112 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\HTMLayout.dll
[2014.01.18 08:50:55 | 001,093,216 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\avBugReport.exe
[2014.01.16 18:14:49 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.01.16 04:52:54 | 004,947,976 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.15 08:19:29 | 001,056,768 | ---- | M] () -- C:\Windows\SysNative\defltbase.sdb
[2014.01.14 17:42:42 | 000,779,620 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.01.14 17:42:42 | 000,663,022 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.14 17:42:42 | 000,126,152 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.14 17:42:25 | 000,779,620 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.14 17:19:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\cfxttgyj.sys
[2014.01.14 16:38:17 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Users\Matīss\Desktop\aswclear.exe
[2014.01.14 15:17:28 | 000,370,256 | ---- | M] (Afterdawn.com) -- C:\Users\Matīss\Desktop\SecRes-0-3-2-322zip.exe
[2014.01.14 15:13:27 | 000,361,185 | ---- | M] (Farbar) -- C:\Users\Matīss\Desktop\FSS.exe
[2014.01.14 15:09:52 | 000,628,779 | ---- | M] () -- C:\Users\Matīss\Desktop\GrantPerms64.zip
[2014.01.14 14:51:30 | 000,377,856 | ---- | M] () -- C:\Users\Matīss\Desktop\43pfhzoq.exe
[2014.01.14 13:43:02 | 000,002,171 | ---- | M] () -- C:\Users\Matīss\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2014.01.14 13:41:59 | 005,048,198 | ---- | M] () -- C:\Users\Matīss\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2014.01.14 00:14:34 | 000,000,060 | ---- | M] () -- C:\Program Files (x86)\CommandlineScanner.bat
[2014.01.14 00:14:26 | 001,593,776 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\start.exe
[2014.01.14 00:14:22 | 000,000,112 | ---- | M] () -- C:\Program Files (x86)\autorun.inf
[2014.01.14 00:14:16 | 000,000,056 | ---- | M] () -- C:\Program Files (x86)\EmergencyKitScanner.bat
[2014.01.13 19:38:21 | 000,090,424 | ---- | M] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys.bak
[2014.01.13 19:38:21 | 000,015,160 | ---- | M] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys.bak
[2014.01.13 19:38:13 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS.bak
[2014.01.13 19:38:13 | 000,031,232 | ---- | M] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys.bak
[2014.01.13 19:38:11 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2014.01.13 19:38:09 | 000,058,472 | ---- | M] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys.bak
[2014.01.13 19:38:09 | 000,038,992 | ---- | M] (Screaming Bee LLC) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys.bak
[2014.01.13 19:38:09 | 000,032,360 | ---- | M] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys.bak
[2014.01.13 19:38:09 | 000,027,136 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys.bak
[2014.01.13 19:38:08 | 000,413,800 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014.01.13 19:38:07 | 000,322,560 | ---- | M] (Ralink Technology Inc.) -- C:\Windows\SysNative\drivers\rt61.sys.bak
[2014.01.13 19:38:01 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2014.01.13 19:37:56 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys.bak
[2014.01.13 19:37:55 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys.bak
[2014.01.13 19:37:55 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys.bak
[2014.01.13 19:37:55 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014.01.13 19:37:54 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.13 19:37:51 | 000,014,888 | ---- | M] () -- C:\Windows\SysNative\drivers\hmd.sys.bak
[2014.01.13 19:37:51 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys.bak
[2014.01.13 19:37:50 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.13 19:37:48 | 000,065,280 | ---- | M] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys.bak
[2014.01.13 19:37:48 | 000,040,832 | ---- | M] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys.bak
[2014.01.13 19:37:46 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014.01.13 19:37:44 | 000,037,976 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\CFRMD.sys.bak
[2014.01.13 19:37:44 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys.bak
[2014.01.13 19:37:41 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2014.01.13 19:37:38 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.13 19:37:38 | 000,021,104 | ---- | M] () -- C:\Windows\SysNative\drivers\AppleCharger.sys.bak
[2014.01.13 19:03:29 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys
[2014.01.12 14:50:16 | 000,063,972 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2014.01.12 14:19:22 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2014.01.12 13:17:47 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.old
[2014.01.12 12:54:23 | 000,002,573 | ---- | M] () -- C:\Users\Matīss\Desktop\Google Chrome.lnk
[2014.01.12 10:23:34 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2014.01.12 10:23:34 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2014.01.12 07:59:26 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014.01.12 07:51:20 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2014.01.12 07:51:20 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2014.01.12 07:51:20 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2014.01.12 07:51:19 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
[2014.01.12 07:51:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2014.01.12 07:51:18 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
[2014.01.12 07:51:17 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
[2014.01.12 07:51:17 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
[2014.01.12 07:51:17 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys.bak
[2014.01.12 07:49:11 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014.01.12 05:53:02 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.01.12 03:21:11 | 000,000,053 | ---- | M] () -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCOM Utilities.url
[2014.01.03 18:37:49 | 000,016,245 | ---- | M] () -- C:\Users\Matīss\AppData\Local\recently-used.xbel
[2014.01.03 15:21:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
[2014.01.03 15:21:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf
[9 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.21 09:50:13 | 000,001,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2014.01.21 09:50:13 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2014.01.20 17:00:59 | 004,122,965 | ---- | C] () -- C:\Users\Matīss\Desktop\Helium_Frog_2_06.zip
[2014.01.18 12:01:32 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.01.18 08:55:39 | 000,055,512 | ---- | C] () -- C:\Program Files (x86)\CrtCheck32.dll
[2014.01.18 08:55:33 | 019,336,120 | ---- | C] () -- C:\Program Files (x86)\libcef.dll
[2014.01.18 08:54:59 | 000,078,785 | ---- | C] () -- C:\Program Files (x86)\aswSidebar.gadget
[2014.01.18 08:54:54 | 000,027,744 | ---- | C] () -- C:\Program Files (x86)\screenhooks32.dll
[2014.01.15 08:19:26 | 001,056,768 | ---- | C] () -- C:\Windows\SysNative\defltbase.sdb
[2014.01.14 15:09:46 | 000,628,779 | ---- | C] () -- C:\Users\Matīss\Desktop\GrantPerms64.zip
[2014.01.14 14:51:18 | 000,377,856 | ---- | C] () -- C:\Users\Matīss\Desktop\43pfhzoq.exe
[2014.01.14 13:43:02 | 000,002,171 | ---- | C] () -- C:\Users\Matīss\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2014.01.14 13:41:51 | 005,048,198 | ---- | C] () -- C:\Users\Matīss\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2014.01.14 06:36:44 | 000,000,112 | ---- | C] () -- C:\Program Files (x86)\autorun.inf
[2014.01.14 06:36:44 | 000,000,060 | ---- | C] () -- C:\Program Files (x86)\CommandlineScanner.bat
[2014.01.14 06:36:44 | 000,000,056 | ---- | C] () -- C:\Program Files (x86)\EmergencyKitScanner.bat
[2014.01.12 13:56:51 | 000,063,972 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2014.01.12 13:16:46 | 000,000,512 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 9f4b6907-b40a-4e95-9271-a449d3baf0e1.job
[2014.01.12 13:16:17 | 000,000,512 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 2e53fba8-f967-4d39-8463-42ce5b4a42d5.job
[2014.01.12 13:15:03 | 000,014,888 | ---- | C] () -- C:\Windows\SysNative\drivers\hmd.sys.bak
[2014.01.12 10:28:17 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2014.01.12 08:45:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.01.12 08:45:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.01.12 08:45:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.01.12 08:45:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.01.12 08:45:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.01.12 06:23:48 | 000,021,104 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys.bak
[2014.01.12 02:03:43 | 000,000,053 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCOM Utilities.url
[2014.01.06 17:09:56 | 000,001,200 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2014.01.06 17:05:03 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2014.01.05 15:32:10 | 000,001,319 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
[2014.01.05 15:30:49 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2014.01.05 15:30:17 | 000,001,531 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2014.01.05 15:30:09 | 000,001,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
[2014.01.05 15:28:22 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2014.01.03 18:37:49 | 000,016,245 | ---- | C] () -- C:\Users\Matīss\AppData\Local\recently-used.xbel
[2014.01.03 15:21:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
[2014.01.03 15:21:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf
[2013.12.31 16:45:11 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeoCAD.lnk
[2013.12.31 00:55:31 | 000,000,078 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SR 3D BuilderSR 3D Builder.url
[2013.11.06 14:53:46 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.10.08 09:45:08 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013.08.05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013.08.05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2013.06.25 18:42:30 | 000,000,662 | ---- | C] () -- C:\Windows\wininit.ini
[2013.06.09 15:28:08 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2013.06.09 15:28:08 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2013.06.05 00:51:06 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.06.05 00:51:06 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.06.05 00:03:28 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.06.05 00:03:28 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.05.29 23:45:06 | 000,001,141 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\BreakingPoint_Options.ini
[2013.02.26 15:24:01 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013.02.17 09:39:19 | 000,086,190 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\icarus-dxdiag.xml
[2013.01.16 20:59:47 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2013.01.15 15:43:09 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.01.15 15:43:09 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.01.15 15:43:09 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.01.15 15:43:08 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.01.15 15:43:03 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.01.13 12:43:07 | 000,001,045 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\gmic_sources.cimgz
[2012.12.28 23:04:22 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.12.02 22:58:01 | 000,000,044 | ---- | C] () -- C:\Windows\con_32825205.ini
[2012.10.30 21:51:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.10.18 14:16:44 | 000,007,609 | ---- | C] () -- C:\Users\Matīss\AppData\Local\Resmon.ResmonCfg
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.07.02 22:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll
[2012.06.16 00:37:34 | 000,000,000 | ---- | C] () -- C:\Users\Matīss\dekstop
[2012.06.11 14:06:45 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.06.01 12:50:36 | 000,002,426 | ---- | C] () -- C:\Users\Matīss\AppData\Local\Temppenciltemp.png
[2012.05.03 18:30:38 | 000,000,435 | ---- | C] () -- C:\Windows\SysWow64\settings.ini
[2012.04.29 15:59:52 | 000,779,620 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.04 08:42:33 | 000,000,153 | ---- | C] () -- C:\Users\Matīss\.gtkrc-2.0
[2012.02.15 15:29:51 | 000,122,044 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.02.09 17:12:06 | 000,000,132 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.02.08 18:32:04 | 000,000,132 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.02.04 21:58:43 | 000,000,023 | ---- | C] () -- C:\Windows\SWFDecompiler.INI
[2012.02.04 20:42:54 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012.02.03 05:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll
[2012.01.29 13:14:00 | 000,000,132 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.01.25 22:26:44 | 000,291,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.01.25 22:26:40 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.23 13:58:42 | 000,000,632 | RHS- | C] () -- C:\Users\Matīss\ntuser.pol

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.06.24 21:56:21 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\.minecraft
[2014.01.14 09:46:40 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ArmA II Launcher
[2014.01.19 19:30:52 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Audacity
[2014.01.10 21:56:07 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Awesomium
[2012.06.08 13:25:58 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\BANDISOFT
[2012.04.04 15:00:54 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Blender Foundation
[2013.12.08 23:27:21 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Build and Shoot
[2012.09.22 17:35:24 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.01.22 14:20:53 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.05.21 18:30:40 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\com.sumopaint.bamboo.E63110E28E55D139F7D67D94E57B73BDB07BA618.1
[2013.12.14 22:40:37 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\DAEMON Tools Lite
[2012.01.21 19:23:14 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\DAEMON Tools Pro
[2013.02.23 02:40:55 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Dev-Cpp
[2012.03.18 22:53:49 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\DVDVideoSoft
[2013.08.22 18:35:51 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\eM Client
[2013.10.03 21:33:35 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\FlowStone
[2013.11.19 19:51:21 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\foobar2000
[2012.04.13 14:55:39 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Greyfirst
[2012.11.23 09:59:07 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\gtk-2.0
[2013.01.15 11:25:09 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\HandBrake
[2013.06.08 16:16:29 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\HoolappForAndroid
[2012.04.07 11:25:15 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Image-Line
[2013.09.14 16:51:18 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ImgBurn
[2013.07.24 23:28:06 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\L4D2AOI
[2013.11.22 02:36:09 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\library_dir
[2012.01.31 22:21:37 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\LolClient
[2012.05.26 00:21:53 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\LolClient2
[2013.11.26 22:27:25 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Mount&Blade Warband
[2012.05.31 20:32:47 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\MPEG Streamclip
[2013.06.04 21:47:26 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Mumble
[2013.01.13 17:05:59 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Notepad++
[2013.12.17 21:42:41 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\OBS
[2012.01.21 18:39:50 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Opera
[2013.11.06 00:07:42 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Origin
[2012.02.04 20:42:54 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\PACE Anti-Piracy
[2014.01.05 15:42:14 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\PDAppFlex
[2014.01.02 01:01:16 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Play withSIX
[2012.03.14 17:40:22 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Publish Providers
[2013.02.07 03:24:39 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\raidcall
[2014.01.10 21:56:08 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Raptr
[2012.12.12 04:52:32 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Screaming Bee
[2013.03.08 02:20:14 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SecondLife
[2013.10.03 16:27:28 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SIX Networks
[2013.09.28 18:11:18 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\six-updater
[2013.09.28 17:57:23 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\six-zsync
[2012.02.16 19:51:46 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Smith Micro
[2014.01.10 21:56:08 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Sony
[2012.06.06 00:09:15 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Sony Creative Software Inc
[2013.04.10 06:05:13 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Spirited Machine
[2012.05.26 22:58:44 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SYSTEMAX Software Development
[2013.04.15 15:48:01 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SystemRequirementsLab
[2012.03.29 18:00:48 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Toon Boom Animation
[2014.01.07 16:16:52 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\TS3Client
[2013.03.04 15:25:49 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ts3overlay
[2013.01.28 17:59:00 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ts3overlay_hook_win64
[2014.01.12 07:51:40 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\TuneUp Software
[2012.12.10 03:53:00 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Tunngle
[2013.11.25 19:54:45 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Unity
[2014.01.22 16:35:23 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\uTorrent
[2012.05.21 18:27:06 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Wacom
[2012.05.21 18:28:52 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013.08.31 15:08:20 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009.07.14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013.02.27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009.07.14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010.11.21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010.11.21 05:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009.07.14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009.07.14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010.11.21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010.11.21 05:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010.11.21 05:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011.03.03 08:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009.07.14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009.07.14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009.07.14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009.07.14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010.11.21 05:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009.07.14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009.07.14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009.07.14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009.07.14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009.07.14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012.10.03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009.07.14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011.05.24 13:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012.02.11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009.07.14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010.11.21 05:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010.11.21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010.11.21 05:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009.07.14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010.11.21 05:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010.11.21 05:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010.11.21 05:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010.11.21 05:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010.11.21 05:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010.11.21 05:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009.07.14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012.05.01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010.11.21 05:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010.11.21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010.11.21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010.11.21 05:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.11.21 05:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010.11.21 05:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010.11.21 05:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010.11.21 05:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010.11.21 05:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009.07.14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012.06.03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010.11.21 05:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009.07.14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010.11.21 05:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< dir "%systemdrive%\*" /S /A:L /C >
No captured output from command...

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012.06.08 01:19:10 | 000,004,608 | ---- | M] () MD5=181066E31AD20869CF049262A0DB0BC2 -- C:\Users\Matīss\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v049D98E1\Native\STUBEXE\@[email protected]\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES >
[2009.06.10 23:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2012.09.23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013.12.21 08:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010.11.21 09:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010.11.21 09:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009.07.14 06:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009.07.14 06:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2013.09.07 12:55:38 | 000,000,763 | ---- | M] () MD5=34F6F076626C882382D9B176405ACE26 -- C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\FJTCFTF5\mochiads.com\services.mochiads.com.sol
[2013.10.05 12:40:50 | 000,000,665 | ---- | M] () MD5=8963B86D64E1BBB4C697E049FF7D949C -- C:\Users\Emīlija\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\267UX6PQ\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2009.06.10 22:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009.06.10 22:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010.11.21 09:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009.06.10 22:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010.11.21 09:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009.06.10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010.11.21 09:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009.06.10 22:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010.11.21 09:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009.06.10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2013.01.04 15:04:03 | 000,020,724 | ---- | M] () MD5=CF9EA8E138E67132315BB668C0434B06 -- C:\Program Files (x86)\MTA San Andreas 1.3\mods\deathmatch\resources\RPGpager\pagerpics\services.png

< MD5 for: SERVICES.PTXML >
[2009.07.13 22:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009.07.13 22:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.XCONFIG >
[2013.12.14 19:38:36 | 000,003,369 | ---- | M] () MD5=CA1FD2AF4BD182EDAE088B3EE0CDFED5 -- C:\Program Files (x86)\OBS\services.xconfig
[2013.12.14 19:38:36 | 000,003,369 | ---- | M] () MD5=CA1FD2AF4BD182EDAE088B3EE0CDFED5 -- C:\Program Files\OBS\services.xconfig

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

========== Files - Unicode (All) ==========
[2013.04.23 14:32:38 | 000,000,000 | ---D | M](C:\Users\Matīss\Mat?ss) -- C:\Users\Matīss\Matīss
[2013.04.23 14:32:38 | 000,000,000 | ---D | M](C:\Users\Matīss\Mat?ss) -- C:\Users\Matīss\Matīss
(C:\Users\Matīss\Mat?ss) -- C:\Users\Matīss\Matīss

========== Alternate Data Streams ==========

@Alternate Data Stream - 990 bytes -> C:\ProgramData\Microsoft:gKA5aiDZ2kaD8el0ougE
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:0C1EFF69
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:FB6A21E3
@Alternate Data Stream - 1171 bytes -> C:\ProgramData\Microsoft:OrparA2WSXg05F3e8Qtco
@Alternate Data Stream - 1050 bytes -> C:\Program Files\Common Files\System:UBQGcezZ0IChUtLyAJ

< End of report >
------------------------------------------------------------------------------------------
OTL EXTRAS
OTL Extras logfile created on: 2014.01.18. 9:09:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matīss\Desktop\anti virus
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000426 | Country: Latvija | Language: LVI | Date Format: yyyy.MM.dd.

7.98 Gb Total Physical Memory | 5.08 Gb Available Physical Memory | 63.63% Memory free
15.97 Gb Paging File | 12.45 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 161.03 Gb Total Space | 57.66 Gb Free Space | 35.81% Space Free | Partition Type: NTFS
Drive E: | 304.63 Gb Total Space | 16.55 Gb Free Space | 5.43% Space Free | Partition Type: NTFS

Computer Name: MAFISO-PC | User Name: Matīss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp[@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035293C7-2295-4E62-BC9A-5A752CED12F4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{07B17C7D-66AC-4255-AC7B-916C24BFC0B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1389B167-C801-4021-AFCA-8A172FB52BC2}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{209BD682-BC57-41BE-90FC-CD63164284C5}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{22C21916-3213-4830-B10A-8E0461479644}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=%systemroot%\system32\svchost.exe |
"{24469253-4906-41CC-A940-8531DBC92E71}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{275681FD-9AF8-45DE-8A0B-9E2D3F1B20BC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{279B239D-3A9A-4FEB-B3A3-E1FD594CD8C3}" = rport=139 | protocol=6 | dir=out | app=system |
"{2A6394E9-8CD4-4E73-A81F-16CB8E69525C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{4BD3A720-483D-49AB-BE81-F5BF9B238776}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C0E88EA-38F3-464B-BF64-9D099C522752}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{4F2BFFF4-A8C3-458F-B022-00704DD8EBC2}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{531C9F11-F2DB-42DB-B196-18C59DC4C659}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{559ACA21-79FC-4DA2-9584-A66625781B2E}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{64C29B83-BDC0-47BE-A410-28E3A65AA8DE}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{69CD2743-9A24-4EEE-8F0A-C7F1BBB2FB7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{6E09CBD3-ACF2-4564-9B8F-F1F6895D3FF1}" = lport=137 | protocol=17 | dir=in | app=system |
"{6FD417DA-266A-40EB-9C79-F637FD506DF0}" = rport=137 | protocol=17 | dir=out | app=system |
"{78F9AA2F-C88A-48D8-882D-35D13621B1AA}" = rport=138 | protocol=17 | dir=out | app=system |
"{7A525DF2-EBFF-412A-A0A6-A97C4ACB2D7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7DDE7FD0-57C3-41B4-BF1D-20286A601AB2}" = lport=139 | protocol=6 | dir=in | app=system |
"{88201C9B-F8CC-4B68-971C-436D9C220BCB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8BBAABE9-EEFC-4C95-AEE7-D470876D62CC}" = lport=445 | protocol=6 | dir=in | app=system |
"{8FBB2258-5867-456D-BB3D-6F7A2FDCF75E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{96C5721C-B8CD-4770-A6F9-66C3D51CEAA2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B7A2BA7C-CDB1-4959-ACAD-28A737325523}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B940DB11-2050-4501-8D46-72065D41A062}" = lport=138 | protocol=17 | dir=in | app=system |
"{BC041658-9893-4050-9509-F07C72B45C4C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BEBC2615-3F37-4CF9-AB2E-294183C4673F}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{C8EB18FC-FDB6-413A-AB93-7AED112D4752}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{CB4814E7-4CC2-420E-9396-06189CE54143}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{CB9AC152-B516-4508-9210-105EFD3963F4}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{E289B0AE-9874-468A-9EB8-17E0F78BA889}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EA9DE7B5-DDAF-4E40-B0EA-EAC61F3C5D3D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EE243821-870C-4C38-A9F7-37D5C6B9E7E4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F4170BE7-E538-4853-8A99-1CA7A42157CB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{FB9F8D06-A744-4838-B199-501294B2846E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBD14F6C-DA0F-40F9-B085-F3184BC925F7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD3B900C-5E66-4F3E-9910-2A0AF7B4E720}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FF3DE843-FA16-48B2-A1CF-8A2534571BBA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0101D23A-4077-45A6-A9C6-E012F27A4F51}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{02396C56-CD11-4EE0-A1B9-8BEF5A4CE48E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{042AC687-B477-4FD5-BFCF-B11A54C4F07C}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{05AA3D26-8EC9-49DD-8A23-492D94AEFF00}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\garrysmod\hl2.exe |
"{0745B51E-06DD-4CFB-AF55-D2FA6AD1F6C2}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\source sdk base 2013 multiplayer\hl2.exe |
"{07AAC603-6AED-4D08-A9AD-51E84D5D2983}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{0897CEC3-9653-4D66-AA4F-28629C5D45E8}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{08D88F0D-94CF-416A-9B19-8D88992C1468}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{09324B31-B6EE-4926-85E2-0198EE0175BC}" = protocol=17 | dir=in | app=e:\games\new\battlefield bad company 2\bfbc2game.exe |
"{0C10A82B-2A72-46C8-840B-BDCFB75B2272}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C6B2E7E-DBF2-4CDA-8E97-697ECB26653F}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{0F6D43B5-A74C-4713-BA8E-B6273DA281A9}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\counter-strike source\hl2.exe |
"{118027DD-EDE4-4C67-8ECA-1BA91A538C4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1203BA34-89B0-407B-B4A0-D3A31AA18425}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{120C70D6-AA51-4A5C-AB89-8B6DC0F9DED0}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\aceofspades\aos.exe |
"{12A3CE4D-46AE-4C17-87DD-07B3507C4EC5}" = protocol=58 | dir=out | [email protected],-28546 |
"{13C62512-4CD4-4D00-AB5C-6A9D361EE55E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{144508C0-6735-4EBC-A504-7C2208774AA8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{157AB615-5E11-4F88-B07F-520F62EC0010}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{19C9D991-2258-4332-AFA3-97F0F8730632}" = protocol=58 | dir=in | [email protected],-28545 |
"{1A0C8A48-D071-491F-A6C4-CF24EBC8D795}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{1DC02C3C-5466-4E72-B4C4-A8E34AEC3552}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\team fortress 2\hl2.exe |
"{1ECF3192-73A4-4D34-9282-EC3BACC37786}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{1F0F47B6-A39C-4FE3-8B42-358012B4A726}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{2099257F-1A6D-46C9-8E60-C0BF7FDEB56C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20BA41C8-1D90-4974-A4D8-D5DFD7EAB44B}" = protocol=6 | dir=in | app=e:\games\steam\steam.exe |
"{247EAC01-2ED3-41F1-934A-AF9219586531}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{2543510B-7D6C-4843-AB0B-7D96251A4749}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{256C9496-1A9F-489D-B92F-15555A2F7078}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{2603F773-C13E-468C-97C3-01C3DAA29045}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{27212D46-F73B-415B-88B6-4E4DB310F48F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{2752EFB9-F43F-4313-A299-2B3B639B05A4}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{277C931A-8807-43D6-83B2-090CF6EA0D03}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{284B252D-EB71-40D0-9666-F703F7353397}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{28B9E060-C17C-4CA1-B4C5-975C49DE576E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{292BFD49-043F-408C-BB89-21EF41837B4D}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\garrysmod\hl2.exe |
"{2A8F2DE0-3882-481D-8935-F0EC1388F63B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2B3E1922-4436-4E08-A48C-2C4621390236}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{2BA65EB1-BBF6-4F61-BB97-6D79271FC0FB}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2D0124E6-B473-417F-8DAF-1B9362510366}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{2FE65879-6FA5-4853-8DE2-38EE0090F35B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{30343D47-6432-418E-8D1C-D4F32BC958AA}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\garrysmod\hl2.exe |
"{30B613C0-6D69-4659-981F-E0928DF71CF7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{32AE55F1-5F50-44C5-8D9A-53DA9F3FE6E5}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{32C8EB37-FD5C-4A37-A928-1200194AEA11}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{33F35F7B-B635-4FAC-AEEF-F8F5165A9EAA}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{35D54F86-B304-4351-BE8D-A81033157A0F}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2\arma2.exe |
"{379DEA8E-0713-4C26-BF43-33268FED2B32}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\aceofspades\aos.exe |
"{37BD1625-7597-4EBF-9CDA-EAEAEE152A34}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{38349EEA-9988-4B61-87F3-949B9A8F2F57}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{3C2EE4B8-92B0-432D-8161-9F142BABC6DD}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{3E92D962-C23D-46B1-B648-7A70A883B736}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4131CFF1-0FF4-407E-9491-62A3B76ECFD3}" = protocol=17 | dir=in | app=c:\program files (x86)\gridspot\vmruntime\gridspotvm.exe |
"{4138C332-4936-42B6-91A3-02690DEBEC56}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{41DCEF6E-62D5-4144-AE2A-591075309066}" = protocol=1 | dir=out | [email protected],-28544 |
"{429AB6F7-437F-42B3-A541-4F6C0FCF634B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\304stoffe\counter-strike\hl.exe |
"{43596B04-0D9F-4DA3-BD0B-ECCD25C11B90}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{43CE4BDC-45E3-4727-8756-4AFA2951EB98}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{44A1CE1C-8E1F-4AFF-9D75-CE62B51E12DE}" = dir=out | app=c:\users\matīss\desktop\breakingpoint.exe |
"{44B068DD-8475-4502-B89B-222CE2F0625F}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{44F5C96D-E500-492C-A863-EEADA9A3B9FF}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{4841A955-3F2C-48D0-AFD3-E99398825372}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{48623C53-F7ED-43EC-921B-72B8522B8EDF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48ACCDFA-0F73-4EAA-8995-0E3BC67E7552}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{48B6F973-821F-4596-B259-5124A225D14C}" = protocol=6 | dir=in | app=%systemroot%\system32\msdtc.exe |
"{48C6CA0C-9729-4576-8B66-C10F696BFFD0}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{4AE53936-71E8-4FD2-9D34-7E4FEFDCF796}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2\arma2.exe |
"{4C1094A9-E164-4073-BCAD-AB9A218B94ED}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{4C115BF3-E2B7-4A48-9CE6-EB98F6A9104B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{4C8D450A-CC02-4A4A-AC3D-5E0F0E3BC46D}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{4E474C9D-FC9C-4853-9930-1AA0D0B449BD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{4F5C22D6-DFC7-4E84-8D9A-19F08BB83849}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4F87CCBA-9E75-4162-9F31-A63B3A59748D}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{513931B9-6E8F-436F-B2B1-750B240877C3}" = dir=out | app=%programfiles% (x86)\sony\vegas pro 10.0\vegas100.exe |
"{5220CD11-3C21-439E-BE4E-32A1DE13A0A6}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{53417AA1-0079-4144-924C-5BC9ED063F13}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{53BAB9F8-FFE0-47B3-BEAE-9CEACDDB1C90}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{53E79CF0-FA9B-4ED4-AF96-3B937140574C}" = dir=in | app=c:\users\matīss\downloads\breakingpoint.exe |
"{55C0AFB3-C627-4D34-B996-6960C7150D51}" = protocol=1 | dir=in | [email protected],-28543 |
"{566A6488-EA3B-48CC-ABF6-68FC848CF73B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{582ABB4B-58C3-4BAE-85E9-7A6213B22DB5}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{59AC1145-FF28-4937-BE7F-51170F1366BC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{5A08025D-134C-456A-A789-9B2E2C52D5BD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{5BE3421B-3312-4B29-9C96-44FF7CF2E941}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{5F615989-0656-4BB0-A865-12BB2EEF5725}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{60EB664B-718B-4BEE-9F9B-5304D37B5B55}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{63929ADA-0E84-4133-BC14-B55C6BD7C654}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{639A733F-E9DC-4D92-82F3-B1E848347F21}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{63DC9425-DB64-4083-9658-ABA37BD2D6AB}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{64710A42-2424-4459-9E20-6B3A34223E6F}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{66736C3A-CD4B-403E-9F78-5C8978887FB0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6809BFA8-6BEA-42D7-88AB-9EE312CC5219}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{6AA5CBC1-EA64-4997-97A6-E006F85F369A}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\garrysmod\hl2.exe |
"{6AF57F76-7CBD-4BCF-A354-6B75CEE83536}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{6B671401-DC02-4A20-AB23-572F10AB153F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6BCB05E3-A2D8-4DF8-9DFB-0710506B01E5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6C4EC666-2F02-4A64-BFAD-DCF3F6508D1E}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\304stoffe\counter-strike\hl.exe |
"{6C83F719-D69A-48F2-9692-044358FB3C96}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{6D3F57EB-E1A8-49B3-8F67-0F2C9AC4E619}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{6F006168-D052-45DF-9EBB-B962508BAEBA}" = protocol=6 | dir=in | app=e:\games\new\league of legends\lol.launcher.admin.exe |
"{6FCF8D9B-B681-4766-97F5-D817482393B1}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{72A4BF4A-B3A3-4B26-89F4-837EE8CCA82B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{72B32BB1-13C6-4067-8772-A7428E230CCA}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{7379E1D0-A0D3-481B-9220-87F3C2092C9E}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{75BDEF19-7001-47AE-B014-A183EA98B39E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{75CC6D0C-6A57-4D27-A526-3564FEFB0603}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\raceroom racing experience\rrrelauncher.exe |
"{7646626C-12F4-4FF3-90D4-DFD298386B1A}" = protocol=6 | dir=out | app=system |
"{78126330-9DA1-44A0-B675-F4B293CDFA52}" = protocol=6 | dir=in | app=e:\games\new\battlefield bad company 2\bfbc2game.exe |
"{7B1DE900-07E8-4338-B64A-40B3523DF223}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B264565-C43B-4617-A52E-1C3D71C2DC34}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\304stoffe\counter-strike\hl.exe |
"{7B63B779-D97C-49E7-8182-7F5C5DC317BD}" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezlauncherui.exe |
"{7E478E43-A67D-4767-BCAD-74DBFDDF53CC}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{7FD51AE3-1826-4C51-8E83-0D2A2107396F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{810388B0-154A-413E-9FC5-1EB79730D426}" = protocol=17 | dir=in | app=e:\games\new\league of legends\lol.launcher.exe |
"{820920EF-273C-4A43-8F81-F0C867416E3F}" = protocol=17 | dir=in | app=c:\program files (x86)\gridspot\vmruntime\gridspotvm.exe |
"{8529A626-86D7-4653-89AD-A4F3AA72754A}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{85590AC4-D338-417B-AC83-5871A2E536F8}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagionds.exe |
"{8561EB8B-5C57-4C62-83E5-DB61122C9839}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8684E5BF-340D-45D1-A6E5-21548FD0EBEB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{87A75A7F-4AF9-42EA-B761-C78DB46EA4B3}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{87ACAAB2-C84D-42E1-940F-2F7616C08133}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{8823A10D-2B16-49C3-9CBE-D2959E7A459A}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{88A91DC1-68CE-47C8-A96D-49EF4D58E451}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{88B4FA89-009D-42CD-B3CA-1640049A5AF4}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{8928D889-FBB6-45AA-85F6-E88593CEC4A2}" = dir=in | app=e:\games\new\infestation survivor stories\infestation.exe |
"{89906D53-04C5-4FCE-B716-9A1BC3FDF24D}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{8BAA1C8D-C87E-489F-A97F-B2AB7984C2E7}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{8C305816-1F85-4470-9233-0B6FC2F64632}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{8DC77D7E-2585-4458-98D0-42AD053351FA}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{8E98BDBC-9D19-480A-A470-1DEE279710D9}" = protocol=17 | dir=in | app=e:\games\steam\steam.exe |
"{8F4A6792-9081-4172-9A5B-122DE4AD8336}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{904E6C56-5F7C-439A-9ED2-CF0FA0E2FD0A}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{90C275BB-12AD-403B-A84C-6D4F932B8BF1}" = protocol=6 | dir=in | app=c:\program files (x86)\gridspot\vmruntime\gridspotvm.exe |
"{925844AE-C196-4C1D-9F42-77178FA2A357}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{92A4F0B9-A9F7-4E59-A87B-5307EDB02A12}" = protocol=17 | dir=in | app=c:\program files (x86)\spirited machine\arma ii launcher\arma2 launcher.exe |
"{9482F3C3-BD6D-4698-B682-77FF0BA77E22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9564EAFA-8DF0-44AE-BADD-259AF6C73956}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{9569145A-FF90-46A5-AD2E-2941F9569457}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{95C6933D-0708-4EE5-93EA-AEDB7B767938}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{97757756-666D-4F9B-A23D-059AC893B4FE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{97DA73D4-D214-41FF-9753-847EA68613A0}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{97E8059E-49F0-4E81-A8C4-07F1FCD65D7D}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{985ABAB9-E4B6-4230-AC4A-41ADED58B13B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\half-life 2 deathmatch\hl2.exe |
"{98945C6C-D803-47B5-B498-7E66F33385C4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{98E7ED47-5FB4-47B0-B306-5AA94F371D89}" = protocol=17 | dir=in | app=e:\games\new\league of legends\lol.launcher.admin.exe |
"{99D2FB25-7A49-4082-8F98-39F9AE7AA0CB}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{9A12D536-932C-4B42-85DB-C2134728028F}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9A8C21EE-E4DB-4762-88E5-C562DA53EDB0}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{9AC7A285-D152-441E-B2B7-437A7885C132}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{9BF15066-2A1C-4171-9491-5CEC1EFC3E60}" = dir=out | app=c:\users\matīss\downloads\breakingpoint.exe |
"{A19F66FF-EC75-438A-9F51-008EA5995978}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{A1B89472-1CDB-4102-BE06-B021F7EF9368}" = protocol=6 | dir=in | app=c:\program files (x86)\spirited machine\arma ii launcher\arma2 launcher.exe |
"{A352E3F1-E47E-4E3B-8F76-B0936FE31884}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{A4D2B9D4-5110-4EBE-8B42-E5F30FDF5B30}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{A669BF8B-EDBA-4D9E-850C-48E07F38B676}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{A76FBCA9-CCF2-4BB9-9065-418A1FAB80B0}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{A7724072-D91D-4447-8955-881576994E1E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{A864E10B-91EC-4079-B850-0ECB4ED2A017}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{A90CF428-1A6E-4DE6-9103-C15871F50F90}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{A9435BE8-F088-41AF-93D1-C30C58AC3846}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{AA5DA69D-42E3-4FC3-AF2B-F9BCE7FE578B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{AB6E49D8-36D2-4C00-BF7D-0C187320EA4B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{AC5A7791-59DB-4A70-B538-268B060BD2E6}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"{AC5ED69D-88CB-4E31-AD3A-3402238AE3D4}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{AE122B80-04D5-47E7-9271-4C09D52DB726}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\counter-strike source\hl2.exe |
"{AE6BD8A9-8864-4605-AC8D-C47FD83E4FFF}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{B0E5DE52-6AFF-40BA-88D9-A9BCE2307FA8}" = protocol=6 | dir=out | app=%systemroot%\system32\msdtc.exe |
"{B13F2A32-625C-4E59-9ECF-3002AFAABA01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2857120-1AD4-4033-8B46-238A1B59573F}" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezlauncherui.exe |
"{B4551CB6-0819-40E9-96AA-76035E2A55AB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B4C560E8-E2D4-4172-94FC-665119D810E5}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{B581D6CD-363B-479B-B486-E2109983392E}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{B6281AE2-0A2B-46F6-800E-5E838DAAA507}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{B7000763-6B2C-40E4-89BF-B5634BAAF575}" = dir=in | app=c:\program files (x86)\brick-force\bflauncher.exe |
"{B705F926-631A-4409-963C-8AAA89B62874}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\raceroom racing experience\rrrelauncher.exe |
"{B737FE06-1B8E-4391-B4DA-071DA3C4FCDD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{B821DC4A-CFA4-43DF-B4BD-EEA6802BE079}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{B858C586-BA64-47FE-89D3-F485AE765024}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\304stoffe\counter-strike\hl.exe |
"{B869CE5B-3B32-4339-8049-BE10F2872C85}" = dir=in | app=c:\program files (x86)\brick-force\brickforce.exe |
"{B9562E3B-3790-493F-BB63-A48AC0746C84}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{BADFE2CC-6F72-4BD0-ABE5-FA144CB05150}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\half-life 2 deathmatch\hl2.exe |
"{BBE0EFCC-A367-4F32-A577-A6652F898C84}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{BD3639A8-0FEE-4AF9-B1D2-107E1CD5CE3D}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{BF269BF1-8643-408F-85AA-A3A52D9F735F}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{C3CE9B38-FB7A-46D6-BB93-466D8D922601}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4F66D34-2FE2-4311-8756-AEDCA5C7889E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{C57F6542-078F-4333-8931-AB6845B668A3}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{C6B1F28A-BE39-45A2-A173-1888C28D0E3B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{C85B04B4-A1AE-4BA8-B408-170E2E9D7AF3}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{C8E7FA46-E3CF-435F-B1D9-75E87FC880CF}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{C91F1F6C-8F87-4996-AC7E-221DCF0AC268}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{C9BB2A47-5269-4D54-8748-EF7DC0591100}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{CA4E18C2-2390-4CDF-871C-D9A7F96D6569}" = protocol=6 | dir=in | app=e:\games\new\battlefield 2 complete collection\bf2.exe |
"{CC0D559E-E427-4CD9-AD5F-5A4A23BBF829}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{CDB59DFA-BCB4-4272-A2CE-D5AFF8126A29}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{CF8D2871-2629-4FCD-B34E-4D4F1B681A93}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{CFE54ED7-D0A8-4985-AE4C-595ABE33F1F1}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{D04AC97C-1999-401C-A655-B5070B806832}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{D170E43D-0E71-4A53-AB36-5169B17996C7}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{D3E5167D-992B-4FF9-BFEF-3C7BEA84E5D2}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{D3E92908-A651-4725-93F5-0CF1419DBB5C}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{D4F4F965-DDCA-4B86-A372-A7BFEB78B17A}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{D5665336-2B4D-4A65-8E3F-6EE1DFBCA47D}" = protocol=6 | dir=in | app=c:\program files (x86)\gridspot\vmruntime\gridspotvm.exe |
"{D66AE65D-2F96-44B5-A5CD-7EED8611CB02}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{D6BAF649-49A6-48D4-ADB8-F18B426EDC95}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{D93D2273-FECA-4346-9B2A-152288CC0426}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{D9DD1618-CEF3-41D6-AF30-CC81C3D758D2}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{D9F81829-608E-409D-B5D1-69CE58C821C0}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{DC4EF418-FAA9-4D1E-B679-993D18C1D53B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{DD62BB9A-EBD0-491E-8656-A08795D95B57}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{DE23CB7F-1062-4B9E-BC37-66B51C969DAD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{DE5C6995-BA91-4189-95FD-E08DD6BBDDAE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{DEF562E2-1A1B-4241-AD5D-2FF116A31721}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{E0A12FB1-DA92-45A5-837A-93FAAAC1173A}" = protocol=6 | dir=in | app=e:\games\new\league of legends\lol.launcher.exe |
"{E3AAC3AA-7B1A-44FE-8418-9E57736BE214}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E4CAF517-E49E-4DD3-A594-CA2FDCC26672}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"{E8189999-BE00-43F5-A659-14A46CD3BBED}" = protocol=17 | dir=in | app=e:\games\new\battlefield 2 complete collection\bf2.exe |
"{E91B5228-22E6-4F47-99F4-78C877178B62}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\garrysmod\hl2.exe |
"{E92B9D7B-2EE0-4BFA-BA2D-799CFE8DAE68}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{E9617CE4-8E9A-47E2-AA7D-C015ABBDB86B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagionds.exe |
"{E9FFC640-0344-421C-9E69-DE06A29061AE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{EA03CB57-E9CD-4793-8282-9AA79E7B2BC2}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{EB0A3EFD-42D1-4C6C-BB3E-7CD907563C7B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{EB41837A-8739-4D89-95F9-5AF47C558ED8}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{EBD7E0DC-AC3F-48DD-844A-597941686C7A}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{F0FEFCAB-35C8-4C56-A94D-1331A25414E4}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{F2023801-F161-4127-A411-3B7CF5CB6E51}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{F2F116CC-C8A3-49B0-86DA-F4BF792E940A}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{F370D662-BEF5-4B07-A004-A70CFA94CEB6}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{F3A5379B-CD63-4C5B-90B0-E105085A6107}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\team fortress 2\hl2.exe |
"{F3D2B653-83F7-428D-99F8-F12D5B1BFD07}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\just cause 2\justcause2.exe |
"{F498043F-C2B2-43B6-A9F0-E0BF7DA168CA}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{F7D9E5B0-341F-4014-8AB8-CC3951E02B53}" = dir=in | app=c:\users\matīss\desktop\breakingpoint.exe |
"{F8B68A74-BCFA-4E4F-84FD-7AA3DC26F7CE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\source sdk base 2013 multiplayer\hl2.exe |
"{F908733B-16D6-4348-8B86-BA502C548654}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{FAE62EC5-48AF-4DD2-B63F-DE8A97A9E8D5}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\garrysmod\hl2.exe |
"{FAF16140-E55F-4DC8-B977-943418DB64AA}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{FBDF5B99-4712-4373-8C2D-74BF0FF1DAA9}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{FCC7FA55-32C0-4039-BCE9-E02A01A2CC15}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rust\rust.exe |
"{FF5D85E7-EF6F-4089-851D-B0A6C69AE3FE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"TCP Query User{0627AB79-6210-49A4-99AF-2341CEE3F460}C:\program files (x86)\zombies.nu\dayzero launcher\dayzerolauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\zombies.nu\dayzero launcher\dayzerolauncher.exe |
"TCP Query User{0850B307-E43B-4477-92E7-67E202F203BA}E:\games\old\gta san andreas\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=e:\games\old\gta san andreas\gta san andreas\gta_sa.exe |
"TCP Query User{08ACB9B6-E826-4E0B-BB6D-86BB937E73ED}C:\users\matīss\documents\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\users\matīss\documents\arma 2\expansion\beta\arma2oa.exe |
"TCP Query User{08C9CBCB-2C2C-406C-BE63-AB3C61068CEB}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"TCP Query User{199C116D-721B-4228-BB27-53D2A2770556}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{1F73EAA9-72DA-458F-B7D3-3B83E1F3FBBA}E:\games\steam\steamapps\304stoffe\source sdk base\hl2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\304stoffe\source sdk base\hl2.exe |
"TCP Query User{255CB88D-1AE1-4F14-A267-59687D96B7BD}C:\users\matīss\appdata\local\play withsix\tools\mingw\bin\rsync.exe" = protocol=6 | dir=in | app=c:\users\matīss\appdata\local\play withsix\tools\mingw\bin\rsync.exe |
"TCP Query User{2844FBEF-B05F-486B-B176-86B718423008}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{28937CF2-4EB8-4D99-9AA3-B8CFF5E448D3}E:\games\steam\steamapps\common\arma 2 operation arrowhead\beta_oa\arma2oa.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\beta_oa\arma2oa.exe |
"TCP Query User{35D70A71-81F4-4FF4-9F2C-5965EFCB7328}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{3C68C5C9-B5C7-44AF-820B-6DD9FC232133}E:\games\new\arma iii alpha\arma3.exe" = protocol=6 | dir=in | app=e:\games\new\arma iii alpha\arma3.exe |
"TCP Query User{3F014AF5-726C-4020-BB52-0F8227D49512}E:\games\new\7 days to die cracked\7daystodie.exe" = protocol=6 | dir=in | app=e:\games\new\7 days to die cracked\7daystodie.exe |
"TCP Query User{3FDA6DF9-414D-46F9-9FB4-3C277E062A1D}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{4AF76878-DA06-47E2-917F-719CE344F9E2}C:\users\matīss\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\matīss\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{4DC4066B-5906-4CEE-9B3A-BC105AB80D77}C:\users\matīss\appdata\local\iw4m\iw4m.dat" = protocol=6 | dir=in | app=c:\users\matīss\appdata\local\iw4m\iw4m.dat |
"TCP Query User{55AB3B86-19A0-4E83-B178-93E1504972FD}E:\games\steam\steamapps\common\panzar\bin64\pnzcl.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\panzar\bin64\pnzcl.exe |
"TCP Query User{5FEF0884-9D76-4376-B222-88F08AB5C205}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{664C1C68-D51C-4286-A65E-BC6B8368C981}E:\games\old\gta san andreas\gta san andreas\proxy_sa.exe" = protocol=6 | dir=in | app=e:\games\old\gta san andreas\gta san andreas\proxy_sa.exe |
"TCP Query User{66F94300-900B-4EC1-9182-EEA2EBDAC239}E:\games\new\arma iii alpha\arma3.exe" = protocol=6 | dir=in | app=e:\games\new\arma iii alpha\arma3.exe |
"TCP Query User{6776AD63-43F9-483E-8ECA-108950164E59}E:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"TCP Query User{6D5260C9-3377-44A6-AC39-0709F7E5B508}E:\games\new\arma 3\arma3.exe" = protocol=6 | dir=in | app=e:\games\new\arma 3\arma3.exe |
"TCP Query User{79CA0566-BFF7-4C50-A7C5-EDA1CAFCC36B}C:\users\matīss\documents\arma 2\beta_oa\arma2oa.exe" = protocol=6 | dir=in | app=c:\users\matīss\documents\arma 2\beta_oa\arma2oa.exe |
"TCP Query User{81488A44-A48C-4775-B6A3-A5DAADAF2A2E}E:\games\new\face of mankind\fom_client.exe" = protocol=6 | dir=in | app=e:\games\new\face of mankind\fom_client.exe |
"TCP Query User{82347B69-3384-4B2B-BEF0-DB82A9B97904}C:\users\matīss\downloads\breakingpoint.exe" = protocol=6 | dir=in | app=c:\users\matīss\downloads\breakingpoint.exe |
"TCP Query User{87C9D347-AD67-4802-A82A-046FBDDA7AA5}E:\games\old\face of mankind\fom_client.exe" = protocol=6 | dir=in | app=e:\games\old\face of mankind\fom_client.exe |
"TCP Query User{889B327E-60E8-4C05-A60B-8A950FF35F60}E:\games\steam\steamapps\common\contagionbeta\contagion.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"TCP Query User{9E3A0396-DB82-49FE-9786-11BEC1D553AE}C:\users\matīss\appdata\local\temp\rar$exa0.117\a2tm1.0.4694.39799\tushino_manager.exe" = protocol=6 | dir=in | app=c:\users\matīss\appdata\local\temp\rar$exa0.117\a2tm1.0.4694.39799\tushino_manager.exe |
"TCP Query User{BBE588ED-1389-4009-A06D-8495C2B83BDA}C:\users\matīss\desktop\breakingpoint.exe" = protocol=6 | dir=in | app=c:\users\matīss\desktop\breakingpoint.exe |
"TCP Query User{CB1320D6-F2F3-492B-A9E0-1872202DDF81}E:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{D3DE69E0-BCEF-41E1-885A-F54D05FC15F9}E:\games\steam\steamapps\common\arma 2\arma2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\arma 2\arma2.exe |
"TCP Query User{DE741707-18E2-467E-B302-01DC8F40DB86}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"TCP Query User{E06A156C-3396-42B4-9F3A-B38FA37451B2}E:\games\old\face of mankind\fom_client.exe" = protocol=6 | dir=in | app=e:\games\old\face of mankind\fom_client.exe |
"TCP Query User{E5CF7562-B6A3-4118-867D-1EF5BF7FB0F5}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{E7A1BEE3-AC9E-464F-B77D-9A23D95272FE}E:\games\steam\steam.exe" = protocol=6 | dir=in | app=e:\games\steam\steam.exe |
"TCP Query User{EA77BF25-4C1B-47CE-91B7-A99C54EDE220}E:\games\steam\steamapps\304stoffe\source sdk base 2007\hl2.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\304stoffe\source sdk base 2007\hl2.exe |
"TCP Query User{F7D40EA0-6C18-4D11-863A-FA21BE97A985}E:\games\steam\steamapps\common\blockland\blockland.exe" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"UDP Query User{0139C464-D206-4047-9044-A1D6ECEEDA64}E:\games\old\face of mankind\fom_client.exe" = protocol=17 | dir=in | app=e:\games\old\face of mankind\fom_client.exe |
"UDP Query User{0566B88C-3E78-43B7-B6AA-0135F2FB7236}E:\games\new\7 days to die cracked\7daystodie.exe" = protocol=17 | dir=in | app=e:\games\new\7 days to die cracked\7daystodie.exe |
"UDP Query User{0606EAC5-5597-4497-9DA3-47EB5293EC3D}E:\games\new\arma iii alpha\arma3.exe" = protocol=17 | dir=in | app=e:\games\new\arma iii alpha\arma3.exe |
"UDP Query User{1EFEEBFE-8459-4E2F-A794-CCFC68C8CFBB}E:\games\steam\steamapps\common\contagionbeta\contagion.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\contagionbeta\contagion.exe |
"UDP Query User{25FF117E-691A-41E5-AE9C-1E70FE72BAB5}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"UDP Query User{278C2BC0-C338-43D9-A13A-4C7BFDDC75A2}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{29391A98-706D-4242-A7B2-EF1CBFB4930B}E:\games\steam\steamapps\304stoffe\source sdk base\hl2.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\304stoffe\source sdk base\hl2.exe |
"UDP Query User{2F1D9429-8EEE-4B0E-866C-626B3F66A412}E:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{30EBF41F-95AB-4F64-B786-111D156DCE86}C:\users\matīss\documents\arma 2\beta_oa\arma2oa.exe" = protocol=17 | dir=in | app=c:\users\matīss\documents\arma 2\beta_oa\arma2oa.exe |
"UDP Query User{317568C8-6F7F-485A-8449-B95E1D662E3E}C:\users\matīss\appdata\local\play withsix\tools\mingw\bin\rsync.exe" = protocol=17 | dir=in | app=c:\users\matīss\appdata\local\play withsix\tools\mingw\bin\rsync.exe |
"UDP Query User{3FC36610-15A4-427F-98D3-952E2862A046}E:\games\old\face of mankind\fom_client.exe" = protocol=17 | dir=in | app=e:\games\old\face of mankind\fom_client.exe |
"UDP Query User{44C8C52E-8DCC-4E3F-9629-A4D34F1CF3A0}C:\users\matīss\appdata\local\temp\rar$exa0.117\a2tm1.0.4694.39799\tushino_manager.exe" = protocol=17 | dir=in | app=c:\users\matīss\appdata\local\temp\rar$exa0.117\a2tm1.0.4694.39799\tushino_manager.exe |
"UDP Query User{48F29270-725E-4701-BC5F-A7C17A3DBB72}E:\games\new\arma 3\arma3.exe" = protocol=17 | dir=in | app=e:\games\new\arma 3\arma3.exe |
"UDP Query User{4BA930AA-C13F-4613-AFA5-497090268C48}E:\games\new\arma iii alpha\arma3.exe" = protocol=17 | dir=in | app=e:\games\new\arma iii alpha\arma3.exe |
"UDP Query User{4EB19DFC-1C04-4624-8C1B-A8B34A20D7AD}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{58ADE397-9144-4F78-9FA2-DA3C016D0D7A}E:\games\steam\steamapps\common\arma 2\arma2.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2\arma2.exe |
"UDP Query User{67A49A3B-C062-4945-99E5-F62204180FD7}E:\games\old\gta san andreas\gta san andreas\proxy_sa.exe" = protocol=17 | dir=in | app=e:\games\old\gta san andreas\gta san andreas\proxy_sa.exe |
"UDP Query User{83F9D820-9A53-44A2-B804-74E821CFAC9C}C:\users\matīss\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\matīss\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{8B283444-9F92-43C4-9812-60F65A34B95B}C:\program files (x86)\zombies.nu\dayzero launcher\dayzerolauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\zombies.nu\dayzero launcher\dayzerolauncher.exe |
"UDP Query User{A22660DA-AD36-43EF-897D-8D151F403689}E:\games\old\gta san andreas\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=e:\games\old\gta san andreas\gta san andreas\gta_sa.exe |
"UDP Query User{ABD9864A-F51F-4917-90D8-2BC4C75BEAFB}C:\users\matīss\documents\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\users\matīss\documents\arma 2\expansion\beta\arma2oa.exe |
"UDP Query User{ACBD0562-6A47-43A9-952F-40881C6AADD5}E:\games\new\face of mankind\fom_client.exe" = protocol=17 | dir=in | app=e:\games\new\face of mankind\fom_client.exe |
"UDP Query User{AD2FBFE4-5604-43CD-A4CE-39B9DA817363}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{B0D8CCB5-E386-4D3A-8F58-5FDAC3125320}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{B8098B1E-7B12-4617-9CEC-07FEE68360C1}C:\users\matīss\desktop\breakingpoint.exe" = protocol=17 | dir=in | app=c:\users\matīss\desktop\breakingpoint.exe |
"UDP Query User{C2292F41-0806-4D55-BF8D-1D1BCD13CA4D}E:\games\steam\steamapps\common\panzar\bin64\pnzcl.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\panzar\bin64\pnzcl.exe |
"UDP Query User{D7CDD4A8-17D9-42B7-8338-35A084AA425C}C:\users\matīss\appdata\local\iw4m\iw4m.dat" = protocol=17 | dir=in | app=c:\users\matīss\appdata\local\iw4m\iw4m.dat |
"UDP Query User{D8AD04B4-7FEB-4560-8155-C87C3E4F56B6}C:\users\matīss\downloads\breakingpoint.exe" = protocol=17 | dir=in | app=c:\users\matīss\downloads\breakingpoint.exe |
"UDP Query User{DC41DDE8-F0FC-43AD-A4D8-5220D06A9EA2}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{DCD59292-1A8A-481B-AD93-3FC9A474FA66}E:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"UDP Query User{DD249266-1203-421F-977B-4C0B939390EF}E:\games\steam\steamapps\304stoffe\source sdk base 2007\hl2.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\304stoffe\source sdk base 2007\hl2.exe |
"UDP Query User{DFBDE560-4DB7-4DED-B011-D5E08273748C}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{E68C7A1D-429C-45C4-A61F-B7F653D796B4}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{ED0996E5-6080-402C-841C-AE655B55CCD7}E:\games\steam\steam.exe" = protocol=17 | dir=in | app=e:\games\steam\steam.exe |
"UDP Query User{F75F9C79-913D-4449-997E-EE69199B61D8}E:\games\steam\steamapps\common\blockland\blockland.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\blockland\blockland.exe |
"UDP Query User{FF6DAD49-7A6E-498A-B3F3-E660F77A5D43}E:\games\steam\steamapps\common\arma 2 operation arrowhead\beta_oa\arma2oa.exe" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\arma 2 operation arrowhead\beta_oa\arma2oa.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}" = AMD Catalyst Install Manager
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7D2019DF-713F-B6ED-8C87-14363B081FB2}" = AMD Drag and Drop Transcoding
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{901D1D88-408D-48E5-80DD-CC3145BD8456}" = COMODO Antivirus
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AAB8D5E4-22C4-4670-9457-5AD361D71C84}" = Latvian (Apostrofs v0.3; punkts)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{ADCB5F9E-EF88-6D61-EE2F-99F51DF1B6EF}" = AMD Media Foundation Decoders
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0331524-B619-4EB7-9536-0F1A0163B67C}" = Quick Heal PCTuner
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{E57289A3-B314-F00A-F0D0-7CB63E588CFF}" = AMD Accelerated Video Transcoding
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC4E385C-4B7D-4FDD-9F0C-C91B116AD243}" = GeekBuddy
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F65A4306-D971-407B-0A8F-D8E3F200971E}" = AMD Wireless Display v3.0
"{FEB22B7A-7B05-4A49-3BA3-D24815D37FAE}" = ccc-utility64
"Blender" = Blender
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"HitmanPro37" = HitmanPro 3.7
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Pen Tablet Driver" = Wacom
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinRAR archiver" = WinRAR 4.10 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.4.2
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{121CAAD8-0CD7-48CC-A3E1-A1AB8C0B1086}" = DayZero Launcher
"{170236F2-1F88-A116-DA64-3FEED17B9387}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2178EDD8-A3A6-50E3-407B-6629EA8E6ECE}" = AMD Catalyst Control Center
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{32957F2B-A371-151F-9DA1-7BCA54BA2C71}" = CCC Help Danish
"{398004A7-6198-B8AB-443A-D250FFA57446}" = CCC Help Greek
"{3A29665B-2304-A9F7-601D-86340BD29D57}" = CCC Help Korean
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3F92C742-08BE-9C7A-DF0C-3E1CD06C46C2}" = Sumo Paint Bamboo 2.2
"{4310E447-8AF3-020C-06D0-CB317D1BC92B}" = CCC Help Spanish
"{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1" = Xfire 2.0
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DF0CAAC-F479-1673-EE92-03FFB9A05C1A}" = CCC Help English
"{4E3AA543-09D7-401E-9DF2-2591D24C7C49}" = Addon Sync 2009
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6670AE0A-83FD-C514-C4EC-51618BEDCF04}" = Catalyst Control Center InstallProxy
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{6DD76706-759A-1D77-9D1B-39FFFEC203BE}" = CCC Help Hungarian
"{6DF3C5B5-AEA5-198E-289C-CAADC4A17C04}" = CCC Help Dutch
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{6F9B3984-08EB-19EE-5E93-E79FD0854596}" = CCC Help Czech
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{805A7890-3138-44E4-8DAA-480C55516989}" = MainConcept MJPEG Codec Demo
"{82DA3D5E-0041-D8F7-6ACD-53A06C863FD4}" = CCC Help Swedish
"{84D04D4F-2201-4AED-BE9A-FFA62069CA19}_is1" = reFX Nexus 1.0.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E63AD00-6BEB-9E98-739E-C8EE42CF0419}" = CCC Help Norwegian
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_WORD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_WORD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_WORD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_WORD_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_WORD_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_WORD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9584BE1B-2FBE-4F45-13EA-6567F3E2D9A2}" = CCC Help Chinese Traditional
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{993609E5-B0A7-0270-BA78-385016D5A4FA}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C50B767-48BA-A567-0CFE-31620AE8FC97}" = CCC Help German
"{9CAB2330-F2E2-454C-9374-F78DF92C30F4}" = Ut Video Codec Suite (x86)
"{9E94C6F8-2B4E-D900-E73C-E7BCC7653188}" = CCC Help Japanese
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A8DBF55D-73C0-4E37-A10E-365BFBB14119}" = Battlefield 2
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = Infestation Survivor Stories version 1.0
"{BEFD4139-C684-DBF8-33F2-7963161E2F10}" = CCC Help Russian
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CFBC3C9F-C781-4A0A-4AC9-BEBDE9850C16}" = CCC Help Turkish
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17BE572-CBFB-2AA4-759B-E21F04093001}" = CCC Help Thai
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3C44AE6-7A77-6CB3-0708-C970C53E8136}" = Catalyst Control Center Localization All
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D6285577-D036-4E6D-AD5E-DCE6040EA66F}" = DayZ Commander
"{D7F3EEAD-183C-47DE-BDC5-593539573F97}" = Play withSIX
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E9E87CFE-894C-8FFB-31C2-61C6B640F2B2}" = CCC Help Finnish
"{E9F63F5F-00EF-516C-C7F6-ABD3DC174B5E}" = CCC Help Polish
"{EA3960CB-883C-5B18-FA85-7C36C320E4BC}" = Catalyst Control Center Graphics Previews Common
"{EACFCDA4-3286-4DEB-92D8-53006239F347}" = ArmA II Launcher
"{ED62231A-B71D-C39A-7CE0-B2C8388A67C2}" = CCC Help French
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F015C84A-A7FA-4DFC-A266-1754CC536056}" = Accusoft PICVideo Motion JPEG 4
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F7D1BEE1-8CD0-4156-AA60-653109B4ECD7}" = Left 4 Dead 2 Add-On Installer
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FBC9A8BD-C74D-86B3-7818-D584C9174F48}" = CCC Help Portuguese
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = KMP Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Afterburner" = MSI Afterburner 2.3.1
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avast" = avast! Free Antivirus
"Bamboo Dock" = Bamboo Dock
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BattlEye for OA" = BattlEye for OA Uninstall
"Build and Shoot Launcher" = Build and Shoot Launcher 1.2
"Celtx (2.9.1)" = Celtx (2.9.1)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.sumopaint.bamboo.E63110E28E55D139F7D67D94E57B73BDB07BA618.1" = Sumo Paint Bamboo 2.2
"Comodo Dragon" = Comodo Dragon
"Crescendo" = Crescendo Music Notation Editor
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Dxtory2.0_is1" = Dxtory version 2.0.122
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.4" = ESN Sonar
"Face of Mankind" = Face of Mankind
"FBX Plugin 2006.08 for Max 9.0" = FBX Plugin 2006.08 for Max 9.0
"FL Studio 10" = FL Studio 10
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"foobar2000" = foobar2000 v1.2.6
"Free Studio_is1" = Free Studio version 5.3.5
"G'MIC for GIMP_is1" = G'MIC for GIMP version 1.5.3.0
"Gridspot" = Gridspot
"HandBrake" = HandBrake 0.9.6
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"ImgBurn" = ImgBurn
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"InstallShield_{805A7890-3138-44E4-8DAA-480C55516989}" = MainConcept MJPEG Codec Demo
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"InstallShield_{F015C84A-A7FA-4DFC-A266-1754CC536056}" = Accusoft PICVideo Motion JPEG 4
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.0
"LDraw2013-01" = LDraw All-In-One-Installer 2013-01
"LeoCAD" = LeoCAD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MCMJPG" = MainConcept MJPG software codec (Remove Only)
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"mIRC" = mIRC
"MixPad" = MixPad
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3
"N360" = Norton 360
"Notepad++" = Notepad++
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"Opera 11.62.1347" = Opera 11.62
"Origin" = Origin
"PrivDog" = PrivDog
"PunkBusterSvc" = PunkBuster Services
"RaidCall" = RaidCall
"Raptr" = Raptr
"reFX Nexus 1.0.9_is1" = reFX Nexus 1.0.9
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"SecondLifeViewer" = SecondLifeViewer (remove only)
"SR 3D Builder 0.9.2.7" = SR 3D Builder
"Steam App 209080" = Guns of Icarus Online
"Steam App 218" = Source SDK Base 2007
"Steam App 219540" = ARMA 2: Operation Arrowhead Beta
"Steam App 224540" = Ace of Spades
"Steam App 238430" = Contagion
"Steam App 243750" = Source SDK Base 2013 Multiplayer
"Steam App 250340" = Blockland
"Steam App 252490" = Rust
"Steam App 259080" = Just Cause 2: Multiplayer Mod
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 4000" = Garry's Mod
"Steam App 48700" = Mount & Blade: Warband
"Steam App 550" = Left 4 Dead 2
"Steam App 8190" = Just Cause 2
"The KMPlayer" = The KMPlayer (remove only)
"Tunngle beta_is1" = Tunngle beta
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WORD" = Microsoft Office Word 2007
"XfireCodec" = Xfire Codec (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2014.01.17. 10:43:22 | Computer Name = MAFISO-PC | Source = VSS | ID = 8194
Description =

Error - 2014.01.18. 0:38:03 | Computer Name = MAFISO-PC | Source = KMPService.exe | ID = 0
Description =

Error - 2014.01.18. 0:39:35 | Computer Name = MAFISO-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014.01.18. 0:51:12 | Computer Name = MAFISO-PC | Source = Application Error | ID = 1000
Description = Faulting application name: unit.exe, version: 4.0.0.0, time stamp:
0x52aae7b7 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp:
0x521eaf24 Exception code: 0xc0000374 Fault offset: 0x00000000000c4102 Faulting process
id: 0x13c4 Faulting application start time: 0x01cf1408dfc2c274 Faulting application
path: C:\Program Files\COMODO\GeekBuddy\unit.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 2714d596-7ffc-11e3-93e3-001f1f018bb4

Error - 2014.01.18. 2:52:40 | Computer Name = MAFISO-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image
of binary oajjsegy. System Error: The system cannot find the file specified. .

Error - 2014.01.18. 2:56:28 | Computer Name = MAFISO-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\AvastGUIProxy64.dll".
Dependent
Assembly Avast.VC110.CRT,processorArchitecture="amd64",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2014.01.18. 2:56:30 | Computer Name = MAFISO-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\aswWebRepIE64.dll".
Dependent
Assembly Avast.VC110.CRT,processorArchitecture="amd64",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2014.01.18. 2:56:31 | Computer Name = MAFISO-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\asOutExt64.dll".
Dependent
Assembly Avast.VC110.CRT,processorArchitecture="amd64",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 2014.01.18. 3:01:31 | Computer Name = MAFISO-PC | Source = KMPService.exe | ID = 0
Description =

Error - 2014.01.18. 3:02:27 | Computer Name = MAFISO-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2014.01.14. 11:06:25 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7001
Description = The Workstation service depends on the Network Store Interface Service
service which failed to start because of the following error: %%1068

Error - 2014.01.14. 11:06:26 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7001
Description = The IP Helper service depends on the Network Store Interface Service
service which failed to start because of the following error: %%1068

Error - 2014.01.14. 11:06:26 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7001
Description = The SMB MiniRedirector Wrapper and Engine service depends on the Redirected
Buffering Sub Sysytem service which failed to start because of the following error:
%%31

Error - 2014.01.14. 11:06:26 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7001
Description = The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector
Wrapper and Engine service which failed to start because of the following error:
%%1068

Error - 2014.01.14. 11:06:26 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7001
Description = The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector
Wrapper and Engine service which failed to start because of the following error:
%%1068

Error - 2014.01.14. 11:06:26 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7001
Description = The Network Connections service depends on the Network Store Interface
Service service which failed to start because of the following error: %%1068

Error - 2014.01.14. 11:06:26 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness service depends on the Network Store
Interface Service service which failed to start because of the following error:
%%1068

Error - 2014.01.14. 11:06:29 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AppleCharger CFRMD cmdGuard CSC DfsC discache HMD NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV
SASKUTIL
spldr
tdx
Wanarpv6
WfpLwf
ws2ifsl

Error - 2014.01.16. 13:18:36 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Adobe
SwitchBoard service to connect.

Error - 2014.01.16. 13:18:36 | Computer Name = MAFISO-PC | Source = Service Control Manager | ID = 7000
Description = The Adobe SwitchBoard service failed to start due to the following
error: %%1053


< End of report >




-----------------------------------------------------------
Farbar

Farbar Service Scanner Version: 08-01-2014
Ran by Matīss (administrator) on 22-01-2014 at 17:08:05
Running from "C:\Users\Matīss\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

-----------------------------------

Security check

Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
COMODO Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 12.0.0.43 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (for.)
Google Chrome 31.0.1650.63
Google Chrome 32.0.1700.72
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

-------------------------------------------------------------

#4
Valinorum

Hi mafiso, :)

PunkBuster Advice:

There are some issues with infections in relation to PunkBuster...

Your computer has installed gaming tools. Some of these, like PunkBuster, use spyware techniques to engage in the anti-piracy battle.
In the process, they take control of much of your PC, and they actually meet the definition of spyware/malware.
They are sometimes designed to prevent orderly removal or modification, and they have only limited respect for retaining the overall security and integrity of your machine.

My advice would be to download the removal tool from here. Use this to uninstall PunkBuster Services. Then when I give the all clear use it again to reinstall PunkBuster Services if you so wish.

 

I see you have the following anti-virus(es) in your system --
  • COMODO Antivirus;
  • avast! Free Antivirus;
  • Norton 360

If you want to keep avast! Free Antivirus as stated in the original post, use the following tools to remove the other anti-virus software.

Download and run Norton Removal Tool to remove Norton.

To remove COMODO anti-virus:

1. Create a System Restore Point

2. Go to the Control Panel->Add/Remove Programs, and launch the uninstall applications for Comodo Internet Security

3. Reboot

4. Run the CIS Clean-up Tool

5. Reboot

6. Run the CIS Clean-up Tool again, to make sure that files previously locked by the system are removed

All remaining files and registry entries for Comodo Internet Security should now be gone!

 

Download Uninstall Utility to your Desktop.
Download the correct version of Avast
Avast Free
Disconnect from the net
Uninstall Avast via control panel

  • Run aswClear
  • It will offer to reboot to safe mode .. Accept that
  • Once it has rebooted to safe mode
  • In the Select Product to Uninstall dropdown choose the version of Avast that is on your system.
  • Press Uninstall
  • Once complete reboot your system to Normal Mode
  • Reinstall Avast

Regards,
Valinorum

#5
mafiso

Now I have Avast fully working. But I still get prompted for software like Steam: "Are you sure you want to allow this software to change your system". Also, when changing priority in Task Manager for certain software, it shows "access denied!"

#6
Valinorum

Hi mafiso, :)

But I still get prompted for software like Steam: "Are you sure you want to allow this software to change your system". Also, when changing priority in Task Manager for certain software, it shows "access denied!"

Roger.
I will address them after removing some lines which need addressing.

  • Step #3 P2P Warning
    IMPORTANT: I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
  • µTorrent
I shall provide you with a few reference links; please read up on them to know the risks of having a P2P program.

Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P file-sharing as a major conduit to spread their wares.

My recommendation is that you uninstall the programs listed above.

If you choose not to remove them, please do not use them until this computer is clean.
 

  • Step #4 Fix with OTL
  • Re-run OTL by right clicking and choosing Run as administrator;
  • Under the Custom Scans/Fixes Box copy and paste the following contents inside the quote box. (Do not include the word 'quote').

    :Commands
    [createrestorepoint]

    :OTL
    SRV:64bit: - [2013.10.20 01:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV:64bit: - [2013.09.24 10:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
    SRV - [2014.01.16 06:50:18 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
    SRV - [2014.01.15 13:23:00 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
    SRV - [2013.11.06 19:07:36 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    DRV:64bit: - [2014.01.12 07:49:11 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    DRV:64bit: - [2013.10.07 07:17:38 | 000,014,888 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hmd.sys -- (HMD)
    DRV:64bit: - [2013.09.24 10:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://yandex.ru/yan...t={searchTerms}
    IE - HKCU\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/pe...ms}&submitted=1
    IE - HKCU\..\SearchScopes\Yandex: "URL" = http://www.bing.com/...Box&FORM=IE11SR
    FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@rising.com.cn/nprising: File not found
    FF - HKCU\Software\MozillaPlugins\@rising.com.cn/nprising: File not found
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    CHR - Extension: Torrent Search Engine = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehgmagepaihhjelilbkmpciljjachng\2012.2.4.45053_0\
    O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
    O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
    O4 - HKLM..\Run: [PrivDogService] C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe (AdTrustMedia)
    O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
    O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
    O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
    O9:64bit: - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
    O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia)
    [2014.01.21 09:50:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
    [2014.01.13 10:38:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
    [2014.01.12 13:14:54 | 000,023,168 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys.bak
    [2014.01.12 10:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\AdTrustMedia
    [2014.01.12 10:24:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdTrustMedia
    [2014.01.12 10:23:34 | 000,048,392 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
    [2014.01.12 10:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
    [2014.01.12 10:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
    [2014.01.12 10:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
    [2014.01.12 10:20:50 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\Comodo
    [2014.01.12 10:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
    [2014.01.12 10:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
    [2014.01.12 07:51:20 | 000,251,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
    [2014.01.12 07:51:20 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
    [2014.01.12 07:51:20 | 000,031,544 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
    [2014.01.12 07:51:19 | 000,123,704 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
    [2014.01.12 07:51:18 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
    [2014.01.12 07:51:18 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
    [2014.01.12 07:51:17 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
    [2014.01.12 07:51:17 | 000,194,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
    [2014.01.12 07:51:17 | 000,057,144 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys.bak
    [2014.01.12 07:51:16 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
    [2014.01.12 07:49:30 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2014.01.13 19:37:44 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys.bak
    [2014.01.13 19:37:41 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
    [2014.01.12 10:23:34 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
    [2014.01.12 10:23:34 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
    [2014.01.12 07:51:20 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
    [2014.01.12 07:51:20 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
    [2014.01.12 07:51:20 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
    [2014.01.12 07:51:19 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
    [2014.01.12 07:51:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
    [2014.01.12 07:51:18 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
    [2014.01.12 07:51:17 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
    [2014.01.12 07:51:17 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
    [2014.01.12 07:51:17 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys.bak
    [2014.01.12 07:49:11 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2014.01.12 05:53:02 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
    [2014.01.14 14:51:18 | 000,377,856 | ---- | C] () -- C:\Users\Matīss\Desktop\43pfhzoq.exe
    [2013.11.06 14:53:46 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
    @Alternate Data Stream - 990 bytes -> C:\ProgramData\Microsoft:gKA5aiDZ2kaD8el0ougE
    @Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:0C1EFF69
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:FB6A21E3
    @Alternate Data Stream - 1171 bytes -> C:\ProgramData\Microsoft:OrparA2WSXg05F3e8Qtco
    @Alternate Data Stream - 1050 bytes -> C:\Program Files\Common Files\System:UBQGcezZ0IChUtLyAJ

    :Commands
    [emptytemp]

  • Click on "Run Fix" and let the program run unhindered;
  • Your PC will reboot automatically and a log will be opened;
  • Please post it in your next reply.
  • Re-run OTL and click Quick Scan and post the log as well.

 

Do you have this log: C:\Combofix.txt? If you do, please post it.

 

  • Required Log(s):
    • OldTimer's ListIt Log(s) --
    • OTL Fix Log;
    • OTL.txt
  • Combofix.txt

Regards,
Valinorum
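
A fix script like the one in the post above is easier to review as structured data. The following is an added example, not part of the original post and not OTL's own code: it parses the script's service, driver, file and Alternate Data Stream lines and lists the entries that have no company name or that are data streams. The field names, and the reading of an empty `()` as "no company name recorded for the file", are assumptions inferred from the lines on this page.

```python
import re
from datetime import datetime

# A subset of lines copied unmodified from the fix script in the post above.
SAMPLE = r"""
SRV:64bit: - [2013.10.20 01:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2014.01.16 06:50:18 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2013.11.06 19:07:36 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
DRV:64bit: - [2013.10.07 07:17:38 | 000,014,888 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hmd.sys -- (HMD)
[2014.01.12 10:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2014.01.14 14:51:18 | 000,377,856 | ---- | C] () -- C:\Users\Matīss\Desktop\43pfhzoq.exe
@Alternate Data Stream - 990 bytes -> C:\ProgramData\Microsoft:gKA5aiDZ2kaD8el0ougE
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:0C1EFF69
"""

# "[date time | size | attributes | flag]" block shared by service, driver and file lines.
# The meaning of the M/C flag is not stated on the page, so it is kept as printed.
STAMP = (r"\[(?P<stamp>\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+)"
         r" \| (?P<attrs>\S+) \| (?P<flag>[MC])\]")
SVC_RE = re.compile(
    r"^(?P<kind>SRV|DRV)(?P<x64>:64bit:)? - " + STAMP +
    r" \((?P<company>.*?)\) \[(?P<state>[^\]]+)\] -- (?P<path>.+) -- \((?P<name>[^()]+)\)$")
# File and folder lines; folder lines carry no "(company)" field at all.
FILE_RE = re.compile(r"^" + STAMP + r"(?: \((?P<company>.*?)\))? -- (?P<path>.+)$")
ADS_RE = re.compile(r"^@Alternate Data Stream - (?P<size>\d+) bytes -> (?P<target>.+)$")


def parse_otl(text):
    """Turn OTL script lines into dicts; unrecognised lines are kept as kind='other'."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := SVC_RE.match(line)):
            e = m.groupdict()
            e["kind"] = "service" if e["kind"] == "SRV" else "driver"
            e["x64"] = bool(e["x64"])
        elif (m := ADS_RE.match(line)):
            # Split on the last colon so the drive-letter colon stays in the host path.
            host, stream = m["target"].rsplit(":", 1)
            e = {"kind": "ads", "size": m["size"], "path": host, "stream": stream}
        elif (m := FILE_RE.match(line)):
            e = m.groupdict()
            e["kind"] = "dir" if "D" in e["attrs"] else "file"
        else:
            entries.append({"kind": "other", "raw": line})
            continue
        e["size"] = int(e["size"].replace(",", ""))
        if "stamp" in e:
            e["stamp"] = datetime.strptime(e["stamp"], "%Y.%m.%d %H:%M:%S")
        entries.append(e)
    return entries


def triage(entries):
    """Return (kind, label, reason) tuples for entries worth a second look before the fix runs."""
    findings = []
    for e in entries:
        if e["kind"] in ("service", "driver", "file") and e["company"] == "":
            # Assumption: "()" means the binary carries no company name.
            label = e.get("name") or e["path"].rsplit("\\", 1)[-1]
            findings.append((e["kind"], label, "no company name"))
        elif e["kind"] == "ads":
            findings.append(("ads", f'{e["path"]}:{e["stream"]}',
                             f'{e["size"]}-byte alternate data stream'))
    return findings


if __name__ == "__main__":
    for kind, label, reason in triage(parse_otl(SAMPLE)):
        print(f"{kind:8} {label}: {reason}")
```

A flagged entry is only a prompt to check the file itself; the script does not decide whether anything is malicious.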

#7
mafiso

OTL FIX LOG
---------------------------------------
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named cmdAgent was found to stop!
Service\Driver key cmdAgent not found.
File C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe not found.
Error: No service named cmdvirth was found to stop!
Service\Driver key cmdvirth not found.
File C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe not found.
Service CLPSLauncher stopped successfully!
Service CLPSLauncher deleted successfully!
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe moved successfully.
Service GeekBuddyRSP stopped successfully!
Service GeekBuddyRSP deleted successfully!
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe moved successfully.
Error: No service named PnkBstrA was found to stop!
Service\Driver key PnkBstrA not found.
File C:\Windows\SysWOW64\PnkBstrA.exe not found.
Service avgtp stopped successfully!
Service avgtp deleted successfully!
C:\Windows\SysNative\drivers\avgtpx64.sys moved successfully.
Error: Unable to stop service HMD!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HMD deleted successfully.
C:\Windows\SysNative\drivers\hmd.sys moved successfully.
Error: No service named cmderd was found to stop!
Service\Driver key cmderd not found.
File C:\Windows\SysNative\drivers\cmderd.sys not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\HKCU\..\SearchScopes\Moikrug: "URL" = http://moikrug.ru/pe...ms}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ deleted successfully.
Prefs.js: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37 removed from extensions.enabledAddons
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@rising.com.cn/nprising\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@rising.com.cn/nprising\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected] deleted successfully.
File C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird not found.
C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehgmagepaihhjelilbkmpciljjachng\2012.2.4.45053_0\icons folder moved successfully.
C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehgmagepaihhjelilbkmpciljjachng\2012.2.4.45053_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}\ deleted successfully.
C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\COMODO Internet Security not found.
File C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PrivDogService deleted successfully.
C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tvncontrol deleted successfully.
File C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube Download\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube to MP3 Converter\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube Download\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube to MP3 Converter\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2F5C139F-79BD-4C84-A95A-E7140525BC55}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F5C139F-79BD-4C84-A95A-E7140525BC55}\ not found.
C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2F5C139F-79BD-4C84-A95A-E7140525BC55}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F5C139F-79BD-4C84-A95A-E7140525BC55}\ not found.
File C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll not found.
C:\Program Files (x86)\Common Files\COMODO folder moved successfully.
C:\Windows\SysWow64\N360_BACKUP folder moved successfully.
C:\Windows\SysNative\drivers\cmderd.sys.bak moved successfully.
C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15 folder moved successfully.
C:\Program Files\AdTrustMedia\PrivDog folder moved successfully.
C:\Program Files\AdTrustMedia folder moved successfully.
C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15 folder moved successfully.
C:\Program Files (x86)\AdTrustMedia\PrivDog folder moved successfully.
C:\Program Files (x86)\AdTrustMedia folder moved successfully.
File C:\Windows\SysWow64\certsentry.dll not found.
C:\ProgramData\COMODO\lps4\temp\updates folder moved successfully.
C:\ProgramData\COMODO\lps4\temp folder moved successfully.
Folder move failed. C:\ProgramData\COMODO\lps4\lps-ca scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\COMODO\lps4 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\COMODO scheduled to be moved on reboot.
C:\Program Files\COMODO\GeekBuddy\update\Matīss folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\update\emilija folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\update folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\temp\Matīss folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\temp\emilija folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\temp folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\settings\Matīss folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\settings\emilija folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\settings folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\resources\res folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\resources folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-vt\components\plugin folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-vt\components\core\component-100 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-vt\components\core folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-vt\components folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-vt folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\plugin\component-2051 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\plugin\component-2048 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\plugin\component-2041 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\plugin\component-2040 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\plugin\component-2037 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\plugin folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-8 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-7 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-6 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-5 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-3 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-2054 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-2045 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-2042 folder moved successfully.
Folder move failed. C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-2 scheduled to be moved on reboot.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-17 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-13 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-10 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-0 folder moved successfully.
Folder move failed. C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core scheduled to be moved on reboot.
Folder move failed. C:\Program Files\COMODO\GeekBuddy\lps-cspm\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files\COMODO\GeekBuddy\lps-cspm scheduled to be moved on reboot.
C:\Program Files\COMODO\GeekBuddy\lps-ca\components\plugin folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-ca\components\core\component-203 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-ca\components\core\component-202 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-ca\components\core\component-200 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-ca\components\core folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-ca\components folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-ca folder moved successfully.
Folder move failed. C:\Program Files\COMODO\GeekBuddy\logs\Matīss scheduled to be moved on reboot.
C:\Program Files\COMODO\GeekBuddy\logs\emilija folder moved successfully.
Folder move failed. C:\Program Files\COMODO\GeekBuddy\logs scheduled to be moved on reboot.
C:\Program Files\COMODO\GeekBuddy\imageformats folder moved successfully.
Folder move failed. C:\Program Files\COMODO\GeekBuddy scheduled to be moved on reboot.
Folder move failed. C:\Program Files\COMODO scheduled to be moved on reboot.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\GeekBuddy folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\User StyleSheets folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\JumpListIconsOld folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\JumpListIcons folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\GPUCache folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\Temp folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\vi folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\uk folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\tr folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\th folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sv folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sr folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sl folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sk folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ru folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ro folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pl folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nl folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nb folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lv folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lt folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ko folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ja folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\it folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\id folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hu folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hr folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hi folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fr folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fil folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fi folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\et folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es_419 folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en_GB folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\el folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\de folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\da folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\cs folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ca folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\bg folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\html folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\css folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\_locales\uk folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\_locales\ru folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\_locales\en folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\_locales folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\js folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\icons\default_services folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\icons folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0\css folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf\0.1_0 folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\privdog\ui folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\privdog folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\js\schemas folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\js\models folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\js\frameworks folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\js folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\images folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\html\templates folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\html folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\css folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0\config folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.18_0 folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\privdog\ui folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\privdog folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\js\schemas folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\js\models folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\js\frameworks folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\js folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\images folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\html\templates folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\html folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\css folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0\config folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.8.0.15_0 folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn\0.3_0\_locales\uk folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn\0.3_0\_locales\ru folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn\0.3_0\_locales\en folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn\0.3_0\_locales folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn\0.3_0 folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0\_locales\en folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0\_locales folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0\style folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0\scripts\content folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0\scripts folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0\images folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0\html folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo\1.0_0 folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extensions folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extension State folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Extension Rules folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default\Cache folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data\Default folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon\User Data folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo\Dragon folder moved successfully.
C:\Users\Matīss\AppData\Local\Comodo folder moved successfully.
C:\Program Files (x86)\Comodo folder moved successfully.
Folder C:\ProgramData\Comodo Downloader\ not found.
C:\Windows\SysNative\drivers\avgtdia.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgtpx64.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgrkx64.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgmfx64.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgloga.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgldx64.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgidsha.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgfwd6a.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgdiska.sys.bak moved successfully.
File C:\Windows\SysNative\drivers\avgtpx64.sys not found.
File C:\Windows\SysNative\drivers\cmderd.sys.bak not found.
File C:\Windows\SysNative\drivers\avgtpx64.sys.bak not found.
File C:\Windows\SysNative\certsentry.dll not found.
File C:\Windows\SysWow64\certsentry.dll not found.
File C:\Windows\SysNative\drivers\avgtdia.sys.bak not found.
File C:\Windows\SysNative\drivers\avgmfx64.sys.bak not found.
File C:\Windows\SysNative\drivers\avgrkx64.sys.bak not found.
File C:\Windows\SysNative\drivers\avgloga.sys.bak not found.
File C:\Windows\SysNative\drivers\avgldx64.sys.bak not found.
File C:\Windows\SysNative\drivers\avgidsha.sys.bak not found.
File C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak not found.
File C:\Windows\SysNative\drivers\avgdiska.sys.bak not found.
File C:\Windows\SysNative\drivers\avgfwd6a.sys.bak not found.
File C:\Windows\SysNative\drivers\avgtpx64.sys not found.
C:\Windows\SysNative\drivers\mbamchameleon.sys moved successfully.
C:\Users\Matīss\Desktop\43pfhzoq.exe moved successfully.
C:\Windows\SysWOW64\pbsvc.exe moved successfully.
ADS C:\ProgramData\Microsoft:gKA5aiDZ2kaD8el0ougE deleted successfully.
ADS C:\ProgramData\TEMP:0C1EFF69 deleted successfully.
ADS C:\ProgramData\TEMP:FB6A21E3 deleted successfully.
ADS C:\ProgramData\Microsoft:OrparA2WSXg05F3e8Qtco deleted successfully.
ADS C:\Program Files\Common Files\System:UBQGcezZ0IChUtLyAJ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56478 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: emilija
->Temp folder emptied: 37097 bytes
->Temporary Internet Files folder emptied: 195 bytes
->FireFox cache emptied: 231651867 bytes
->Flash cache emptied: 64782 bytes

User: Emīlija
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 819864957 bytes
->Opera cache emptied: 128836 bytes
->Flash cache emptied: 94212 bytes

User: Krišjānis
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 804 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 499603347 bytes
->Opera cache emptied: 21225887 bytes
->Flash cache emptied: 62128 bytes

User: Matiss
->Temp folder emptied: 0 bytes

User: Matss
->Temp folder emptied: 0 bytes

User: Mat_ss
->Temp folder emptied: 0 bytes

User: MatŒss
->Temp folder emptied: 0 bytes

User: Matīss
->Temp folder emptied: 0 bytes

User: Matīss
->Temp folder emptied: 36059274 bytes
->Temporary Internet Files folder emptied: 2631824 bytes
->Java cache emptied: 34235979 bytes
->FireFox cache emptied: 22160804 bytes
->Google Chrome cache emptied: 350264732 bytes
->Opera cache emptied: 7834 bytes
->Flash cache emptied: 58073 bytes

User: Mat
->Temp folder emptied: 0 bytes

User: Mat○ss
->Temp folder emptied: 0 bytes

User: Mat�ss
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: test
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 388368 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 383554 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42339404 bytes
RecycleBin emptied: 615860572 bytes

Total Files Cleaned = 2 553.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01272014_145932

Files\Folders moved on Reboot...
C:\ProgramData\COMODO\lps4\lps-ca folder moved successfully.
C:\ProgramData\COMODO\lps4 folder moved successfully.
C:\ProgramData\COMODO folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core\component-2 folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components\core folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm\components folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\lps-cspm folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\logs\Matīss folder moved successfully.
C:\Program Files\COMODO\GeekBuddy\logs folder moved successfully.
C:\Program Files\COMODO\GeekBuddy folder moved successfully.
C:\Program Files\COMODO folder moved successfully.
C:\Users\Matīss\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Matīss\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


------------------------------------------------------------------------------------
COMBO FIX


ComboFix 14-01-08.03 - Matīss 014.01.12. 9:28.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1257.371.1033.18.8175.5908 [GMT 2:00]
Running from: c:\users\Matīss\Desktop\ComboFix.exe
AV: AVG Premium Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: AVG Premium Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: AVG Premium Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\PFRO.log
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\logs
c:\windows\SysWow64\logs\Game - R3d Logs\2012-03-26_22-52-37_r3dlog.txt
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\tmp23F4.tmp
c:\windows\SysWow64\tmp23F5.tmp
c:\windows\SysWow64\tmp849F.tmp
c:\windows\SysWow64\tmp84C0.tmp
c:\windows\SysWow64\wpcap.dll
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
-------\Service_Uvnc_service
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Files Created from 2013-12-12 to 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-12 07:36 . 2014-01-12 07:36 -------- d-----w- c:\users\test\AppData\Local\temp
2014-01-12 07:36 . 2014-01-12 07:36 -------- d-----w- c:\users\Krišjānis\AppData\Local\temp
2014-01-12 06:18 . 2014-01-12 06:18 -------- d-----w- c:\users\Matīss\AppData\Local\AVG Nation toolbar
2014-01-12 06:01 . 2014-01-12 06:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-12 06:01 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-12 05:53 . 2014-01-12 05:53 -------- d-----w- c:\users\Matīss\AppData\Roaming\AVG2014
2014-01-12 05:51 . 2014-01-12 05:51 -------- d-----w- c:\users\Matīss\AppData\Roaming\TuneUp Software
2014-01-12 05:51 . 2014-01-12 05:51 31544 ----a-w- c:\windows\system32\drivers\avgrkx64.sys.bak
2014-01-12 05:51 . 2014-01-12 05:51 251192 ----a-w- c:\windows\system32\drivers\avgtdia.sys.bak
2014-01-12 05:51 . 2014-01-12 05:51 123704 ----a-w- c:\windows\system32\drivers\avgmfx64.sys.bak
2014-01-12 05:51 . 2014-01-12 05:51 294712 ----a-w- c:\windows\system32\drivers\avgloga.sys.bak
2014-01-12 04:33 . 2014-01-12 04:35 -------- d-----w- c:\programdata\HitmanPro
2014-01-12 04:27 . 2014-01-12 05:52 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-12 04:26 . 2014-01-12 05:52 8192 ----a-w- c:\windows\system32\drivers\RDPREFMP.sys.bak
2014-01-12 04:25 . 2014-01-12 05:51 35392 ----a-w- c:\windows\system32\drivers\megasas.sys.bak
2014-01-12 04:24 . 2014-01-12 05:51 530496 ----a-w- c:\windows\system32\drivers\elxstor.sys.bak
2014-01-12 04:23 . 2014-01-12 05:51 12534784 ----a-w- c:\windows\system32\drivers\atikmdag.sys.bak
2014-01-12 04:03 . 2014-01-12 05:53 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2014-01-12 04:03 . 2014-01-12 04:03 -------- d-----w- c:\program files\Symantec
2014-01-12 04:03 . 2014-01-12 04:03 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-01-12 04:02 . 2014-01-12 06:12 -------- d-----w- c:\windows\system32\drivers\N360x64
2014-01-12 04:02 . 2014-01-12 04:02 -------- d-----w- c:\program files (x86)\Norton 360
2014-01-12 03:12 . 2014-01-12 03:12 -------- d-----w- c:\program files (x86)\NortonInstaller
2014-01-12 01:47 . 2014-01-12 03:53 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-12 01:41 . 2014-01-12 06:35 -------- d-----w- c:\programdata\MFAData
2014-01-12 01:41 . 2014-01-12 05:53 -------- d-----w- c:\users\Matīss\AppData\Local\Avg2014
2014-01-12 01:41 . 2014-01-12 01:41 -------- d-----w- c:\users\Matīss\AppData\Local\MFAData
2014-01-12 01:34 . 2014-01-12 01:34 -------- d-----w- c:\program files\Quick Heal
2014-01-12 01:08 . 2014-01-12 01:08 -------- d-----w- C:\FRST
2014-01-12 00:47 . 2014-01-12 00:55 -------- d-----w- C:\AdwCleaner
2014-01-12 00:46 . 2014-01-12 00:46 -------- d-----w- c:\windows\ERUNT
2014-01-10 19:55 . 2014-01-12 03:50 -------- d-----w- C:\{$6591-1999-7731-3088$}
2014-01-05 13:42 . 2014-01-05 13:42 -------- d-----w- c:\users\Matīss\AppData\Roaming\PDAppFlex
2014-01-03 16:45 . 2014-01-03 16:45 -------- d-----w- c:\program files (x86)\REVisionEffects
2014-01-03 13:21 . 2014-01-03 13:22 -------- d-----w- c:\program files\TabletPlugins
2014-01-03 13:21 . 2013-11-12 00:16 15160 ----a-w- c:\windows\system32\drivers\wacomrouterfilter.sys
2014-01-03 13:21 . 2013-11-12 00:16 90424 ----a-w- c:\windows\system32\drivers\wachidrouter.sys
2014-01-03 13:21 . 2013-11-12 00:16 14136 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2014-01-03 13:21 . 2012-04-11 22:34 1721576 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2014-01-03 13:21 . 2012-04-11 22:34 1721576 ----a-w- c:\windows\system32\drivers\wdfcoinstaller01009.dll
2014-01-02 14:10 . 2014-01-02 14:10 -------- d-----w- c:\users\Matīss\.thumbnails
2014-01-01 23:00 . 2014-01-01 23:19 -------- d-----w- c:\users\Matīss\AppData\Local\Play withSIX
2014-01-01 23:00 . 2014-01-01 23:01 -------- d-----w- c:\users\Matīss\AppData\Roaming\Play withSIX
2013-12-31 14:47 . 2013-12-31 14:54 -------- d-----w- c:\users\Matīss\AppData\Local\LeoCAD
2013-12-31 14:45 . 2013-12-31 14:45 -------- d-----w- c:\program files (x86)\LeoCAD
2013-12-30 22:55 . 2013-12-30 23:04 -------- d-----w- c:\program files (x86)\SR 3D Builder
2013-12-30 17:57 . 2013-12-30 23:04 -------- d-----w- c:\program files (x86)\LDraw
2013-12-30 17:56 . 2013-12-30 17:57 -------- d-----w- c:\windows\LDraw
2013-12-28 15:47 . 2013-12-28 15:47 -------- d-----w- c:\users\Matīss\AppData\Local\Rising
2013-12-21 16:41 . 2013-12-21 16:41 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-12-21 16:41 . 2013-12-21 16:41 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-12-19 14:39 . 2013-12-21 18:56 -------- d-----w- c:\users\Matīss\AppData\Roaming\mIRC
2013-12-19 14:39 . 2013-12-21 18:30 -------- d-----w- c:\program files (x86)\mIRC
2013-12-17 19:42 . 2013-12-17 19:42 -------- d-----w- c:\users\Matīss\AppData\Roaming\OBS
2013-12-17 19:41 . 2013-12-17 19:41 -------- d-----w- c:\program files\OBS
2013-12-17 19:41 . 2013-12-18 13:51 -------- d-----w- c:\program files (x86)\OBS
2013-12-16 14:40 . 2013-12-16 14:40 -------- d-----w- c:\program files (x86)\Spirited Machine
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 07:38 . 2013-06-04 00:22 25640 ----a-w- c:\windows\gdrv.sys
2013-12-17 01:17 . 2012-05-21 16:24 1778968 ----a-w- c:\windows\system32\Wintab32.dll
2013-12-17 01:17 . 2012-05-21 16:24 1906968 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
2013-12-17 01:17 . 2012-05-21 16:24 1913624 ----a-w- c:\windows\system32\Pen_Tablet.dll
2013-12-17 01:17 . 2012-05-21 16:24 1780504 ----a-w- c:\windows\system32\WacomMT.dll
2013-12-17 01:17 . 2012-05-21 16:24 1544472 ----a-w- c:\windows\SysWow64\Pen_Touch_Tablet.dll
2013-12-17 01:17 . 2012-05-21 16:24 1432344 ----a-w- c:\windows\SysWow64\WacomMT.dll
2013-12-17 01:17 . 2012-05-21 16:24 1551640 ----a-w- c:\windows\SysWow64\Pen_Tablet.dll
2013-12-17 01:17 . 2012-05-21 16:24 1428248 ----a-w- c:\windows\SysWow64\Wintab32.dll
2013-12-16 01:00 . 2013-02-20 17:36 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 20:14 . 2012-04-04 12:01 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-10 20:14 . 2012-01-22 08:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-08 14:44 . 2012-01-25 20:30 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-12-08 14:44 . 2012-01-25 20:26 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-11-28 19:18 . 2012-01-25 20:26 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-11-26 22:30 . 2013-11-26 22:30 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 22:30 . 2013-11-26 22:30 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 22:30 . 2013-11-26 22:30 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 22:30 . 2013-11-26 22:30 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 22:30 . 2013-11-26 22:30 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 22:30 . 2013-11-26 22:30 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 22:30 . 2013-11-26 22:30 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 22:30 . 2013-11-26 22:30 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 22:30 . 2013-11-26 22:30 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 22:30 . 2013-11-26 22:30 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 22:30 . 2013-11-26 22:30 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-26 22:30 . 2013-11-26 22:30 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 22:30 . 2013-11-26 22:30 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-26 22:30 . 2013-11-26 22:30 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 22:30 . 2013-11-26 22:30 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 22:30 . 2013-11-26 22:30 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 22:30 . 2013-11-26 22:30 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 22:30 . 2013-11-26 22:30 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 22:30 . 2013-11-26 22:30 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-26 22:30 . 2013-11-26 22:30 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 22:30 . 2013-11-26 22:30 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 22:30 . 2013-11-26 22:30 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 22:30 . 2013-11-26 22:30 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 22:30 . 2013-11-26 22:30 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 22:30 . 2013-11-26 22:30 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 22:30 . 2013-11-26 22:30 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 22:30 . 2013-11-26 22:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 22:30 . 2013-11-26 22:30 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 22:30 . 2013-11-26 22:30 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-26 22:30 . 2013-11-26 22:30 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 22:30 . 2013-11-26 22:30 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 22:30 . 2013-11-26 22:30 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 22:30 . 2013-11-26 22:30 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-26 22:30 . 2013-11-26 22:30 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 22:30 . 2013-11-26 22:30 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 22:30 . 2013-11-26 22:30 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-26 22:30 . 2013-11-26 22:30 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 22:30 . 2013-11-26 22:30 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-26 22:30 . 2013-11-26 22:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 22:30 . 2013-11-26 22:30 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 22:30 . 2013-11-26 22:30 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 22:30 . 2013-11-26 22:30 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 22:30 . 2013-11-26 22:30 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 22:30 . 2013-11-26 22:30 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 22:30 . 2013-11-26 22:30 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 22:30 . 2013-11-26 22:30 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 22:30 . 2013-11-26 22:30 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 22:30 . 2013-11-26 22:30 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-26 22:30 . 2013-11-26 22:30 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-26 22:30 . 2013-11-26 22:30 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-26 22:30 . 2013-11-26 22:30 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 22:30 . 2013-11-26 22:30 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 22:30 . 2013-11-26 22:30 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-26 22:30 . 2013-11-26 22:30 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-26 22:30 . 2013-11-26 22:30 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-26 22:30 . 2013-11-26 22:30 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-26 22:30 . 2013-11-26 22:30 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-26 22:30 . 2013-11-26 22:30 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-26 22:30 . 2013-11-26 22:30 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:54 . 2013-12-11 21:51 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 21:51 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-11 21:51 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-11 21:51 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-11 21:51 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-11 21:51 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-11 21:51 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-11 21:51 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-11 21:51 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-11 21:51 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-11 21:51 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-11 21:51 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-11 21:51 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-11 21:51 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-11 21:50 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-11 21:51 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-11 21:51 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-11 21:51 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-11 21:51 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-11 21:51 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-11 21:51 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-11 21:51 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-11 21:51 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-11 21:51 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 14:47 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 14:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
"vProt"="c:\program files (x86)\AVG Nation toolbar\vprot.exe" [2014-01-12 2403144]
.
c:\users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DCOM Utilities.url [2014-1-12 53]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2014\avgfws.exe;c:\program files (x86)\AVG\AVG2014\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 GridspotService;GridspotService;c:\program files (x86)\Gridspot\GridspotService.exe;c:\program files (x86)\Gridspot\GridspotService.exe [x]
S2 GridspotVMDriver;GridspotVMDriver;c:\program files (x86)\Gridspot\VMRuntime\VBoxDrv.sys;c:\program files (x86)\Gridspot\VMRuntime\VBoxDrv.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [x]
S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20131218.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [x]
S3 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20140110.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20140110.001\IDSvia64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 20:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
[HKEY_CLASSES_ROOT\tGBandObj.tGBandObjClass]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2011-03-30 2552320]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Matīss\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Sothink SWF Catcher - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
FF - ProfilePath - c:\users\Matīss\AppData\Roaming\Mozilla\Firefox\Profiles\spopmmy6.default\
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Wow6432Node-HKLM-Run-AvastUI.exe - c:\program files\AVAST Software\Avast\AvastUI.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\AVAST Software\Avast\ashShA64.dll
AddRemove-Crescendo - c:\program files (x86)\NCH Software\Crescendo\crescendo.exe
AddRemove-MixPad - c:\program files (x86)\NCH Software\MixPad\mixpad.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:23,ef,d9,88,66,18,c1,b8,80,59,e1,54,fe,7c,29,76,23,77,80,f8,75,
f0,ae,1e,cd,84,65,9f,46,37,bc,67,08,32,8b,d7,cd,1b,45,99,21,10,82,81,28,9f,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
c:\program files\Tablet\Pen\WacomHost.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Completion time: 2014-01-12 09:44:28 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-12 07:44
.
Pre-Run: 64 358 363 136 bytes free
Post-Run: 63 688 138 752 bytes free
.
- - End Of File - - 9FA265CB2EE5B1FB46344310F5EC6F54
A36C5E4F47E84449FF07ED3517B43A31
-----------------------------------------------------------------------------------------------------
OTL QUICK SCAN

OTL logfile created on: 2014.01.27. 15:07:22 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matīss\Desktop\anti virus
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000426 | Country: Latvija | Language: LVI | Date Format: yyyy.MM.dd.

7.98 Gb Total Physical Memory | 5.94 Gb Available Physical Memory | 74.38% Memory free
15.97 Gb Paging File | 13.56 Gb Available in Paging File | 84.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 161.03 Gb Total Space | 61.77 Gb Free Space | 38.36% Space Free | Partition Type: NTFS
Drive E: | 304.63 Gb Total Space | 8.12 Gb Free Space | 2.67% Space Free | Partition Type: NTFS

Computer Name: MAFISO-PC | User Name: Matīss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.25 12:49:51 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.01.25 12:49:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.01.18 08:53:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matīss\Desktop\anti virus\OTL.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.07.08 09:42:48 | 001,922,600 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
PRC - [2013.07.08 09:42:38 | 001,798,696 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
PRC - [2012.10.09 01:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012.03.20 03:09:04 | 000,051,568 | ---- | M] (Gridspot) -- C:\Program Files (x86)\Gridspot\GridspotService.exe
PRC - [2010.04.22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2007.01.30 12:02:00 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.25 12:49:51 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.01.07 06:05:53 | 000,399,640 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppgooglenaclpluginchrome.dll
MOD - [2014.01.07 06:05:52 | 013,615,896 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll
MOD - [2014.01.07 06:05:49 | 004,055,320 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
MOD - [2014.01.07 06:04:47 | 000,715,544 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\libglesv2.dll
MOD - [2014.01.07 06:04:46 | 000,100,120 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\libegl.dll
MOD - [2014.01.07 06:04:42 | 001,634,584 | ---- | M] () -- C:\Users\Matīss\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll
MOD - [2007.02.16 20:01:00 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\FinePixViewer\wia_register_event.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.01.25 12:49:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014.01.12 13:46:35 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2013.12.17 03:17:18 | 000,627,992 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2013.11.26 11:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.10.08 14:52:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.01.19 08:54:13 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.01.07 23:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.07.08 09:42:48 | 001,922,600 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe -- (PanService)
SRV - [2013.05.27 20:28:22 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2012.11.14 21:02:20 | 000,744,856 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.06.15 00:20:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.29 18:00:41 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.03.20 03:09:04 | 000,051,568 | ---- | M] (Gridspot) [Auto | Running] -- C:\Program Files (x86)\Gridspot\GridspotService.exe -- (GridspotService)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.01.27 15:06:48 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV:64bit: - [2014.01.26 10:25:13 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.01.25 12:49:53 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.01.25 12:49:53 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.01.25 12:49:53 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.01.25 12:49:53 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.01.25 12:49:53 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.01.25 12:49:53 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.11.12 02:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013.11.12 02:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013.11.12 02:16:02 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013.10.08 15:58:42 | 012,534,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.10.08 14:27:46 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.07.05 10:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.05.07 09:00:18 | 000,037,976 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\SysNative\drivers\CFRMD.sys -- (CFRMD)
DRV:64bit: - [2013.04.14 10:37:25 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.21 19:38:38 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.09.16 09:12:58 | 000,032,360 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011.06.15 15:11:20 | 000,058,472 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011.06.15 15:11:20 | 000,058,472 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011.06.15 15:11:20 | 000,027,136 | ---- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.03.07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.13 13:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.21 09:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.12.01 15:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005.07.01 10:22:56 | 000,322,560 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt61.sys -- (RT61)
DRV - [2014.01.14 00:14:18 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Run\cleanhlp64.sys -- (cleanhlp)
DRV - [2014.01.12 09:38:33 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.01.23 14:05:51 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.01.21 19:09:57 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2011.11.04 22:37:00 | 000,224,048 | ---- | M] (Oracle Corporation) [Kernel | Auto | Running] -- C:\Program Files (x86)\Gridspot\VMRuntime\VBoxDrv.sys -- (GridspotVMDriver)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = lv
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F 2D B9 57 A7 B2 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.9.2
FF - prefs.js..extensions.enabledAddons:
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Matīss\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Matīss\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Matīss\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Matīss\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.01.25 12:55:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.10.06 20:59:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.01.18 12:11:05 | 000,000,000 | ---D | M]

[2012.04.13 14:55:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Extensions
[2012.04.13 14:55:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014.01.12 10:25:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Firefox\Profiles\spopmmy6.default\extensions
[2012.06.16 01:12:46 | 001,335,949 | ---- | M] () (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Firefox\Profiles\spopmmy6.default\extensions\[email protected]
[2014.01.12 10:25:02 | 000,537,103 | ---- | M] () (No name found) -- C:\Users\Matīss\AppData\Roaming\Mozilla\Firefox\Profiles\spopmmy6.default\extensions\[email protected]
[2013.02.27 12:25:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.24 21:30:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.08 22:54:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.11.26 07:48:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\MATÄ«SS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SPOPMMY6.DEFAULT\EXTENSIONS\[email protected]
[2012.06.15 00:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Chrome\Application\32.0.1700.72\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Mat\u012Bss\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: AdBlock = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: avast! Online Security = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Window Top It = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jheacplmldofkoakhdajanmdfephkbln\1.3.0_0\
CHR - Extension: Adam's Virtual Guitar = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmglhglajnejdnihkcngheghkgpfign\2.0_0\
CHR - Extension: DEPRECATED: Virtual Keyboard (by Google) = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\
CHR - Extension: Ask Scooby - The Friendly Home Fitness & Bodybuilding Forum - Index = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdnabimnnafoadoefkgaidaapibcmkk\2012.2.4.45056_0\
CHR - Extension: Google Wallet = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: draugiem.lv = C:\Users\Matīss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnchogakeidplncghlgnhifcchoikaal\2012.3.13.39348_0\

O1 HOSTS File: ([2013.09.03 17:19:52 | 000,000,833 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKLM..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\897e3f35-6ab1-4719-bae9-195af9ca1526.exe (AVAST Software)
O4 - Startup: C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCOM Utilities.url ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5E0648E-4B37-421B-84C4-0AF621073A58}: DhcpNameServer = 195.122.12.241 80.232.230.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFC70417-750C-4980-80DB-99C84DBCA66F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.01.27 14:59:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2014.01.27 14:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2014.01.27 14:05:47 | 000,233,472 | ---- | C] (FUJIFILM Corporation) -- C:\Windows\SysWow64\RFCLauncher.exe
[2014.01.27 14:05:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RAF
[2014.01.27 14:05:19 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\FUJIFILM
[2014.01.27 14:04:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJIFILM
[2014.01.27 14:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\FUJIFILM
[2014.01.27 14:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FUJIFILM
[2014.01.27 12:25:32 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\FUJIFILM
[2014.01.27 12:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinePixViewer
[2014.01.27 12:25:02 | 000,274,432 | ---- | C] (FUJI PHOTO FILM CO., LTD.) -- C:\Windows\SysWow64\FFTIFF16.dll
[2014.01.27 12:25:02 | 000,208,896 | ---- | C] (FUJI PHOTO FILM CO., LTD.) -- C:\Windows\SysWow64\FFRafShellEx.dll
[2014.01.27 12:25:02 | 000,155,648 | ---- | C] (FUJI PHOTO FILM CO., LTD.) -- C:\Windows\SysWow64\FFRAFLIB.DLL
[2014.01.27 12:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinePixViewer
[2014.01.25 12:58:16 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\AVAST Software
[2014.01.25 12:51:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014.01.25 12:50:12 | 000,082,744 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys.1390724713
[2014.01.25 12:50:12 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.01.25 12:50:10 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.01.25 12:50:10 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.01.25 12:50:08 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.01.25 12:50:07 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.01.25 12:50:03 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.01.25 12:49:53 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.01.18 11:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.01.18 11:57:26 | 091,412,976 | ---- | C] (AVAST Software) -- C:\Users\Matīss\Desktop\avast_free_antivirus_setup.exe
[2014.01.18 08:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DATA
[2014.01.18 08:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\defs
[2014.01.18 08:55:43 | 000,380,456 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashWebSv.dll
[2014.01.18 08:55:43 | 000,179,648 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt64.dll
[2014.01.18 08:55:43 | 000,164,144 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt.dll
[2014.01.18 08:55:43 | 000,087,424 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashWsFtr.dll
[2014.01.18 08:55:43 | 000,033,856 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResWS2.dll
[2014.01.18 08:55:42 | 000,543,184 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\RegSvr64.exe
[2014.01.18 08:55:42 | 000,506,616 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\RegSvr32.exe
[2014.01.18 08:55:42 | 000,439,696 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\asOutExt64.dll
[2014.01.18 08:55:42 | 000,410,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashMaiSv.dll
[2014.01.18 08:55:42 | 000,409,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\asOutExt.dll
[2014.01.18 08:55:42 | 000,331,576 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\SetupInf64.exe
[2014.01.18 08:55:42 | 000,275,920 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResWS.dll
[2014.01.18 08:55:42 | 000,169,824 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhAScr.dll
[2014.01.18 08:55:42 | 000,153,856 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResStd.dll
[2014.01.18 08:55:42 | 000,121,408 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswRunDll.exe
[2014.01.18 08:55:42 | 000,060,680 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AhResMai.dll
[2014.01.18 08:55:40 | 000,448,936 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswStreamFilter.dll
[2014.01.18 08:55:40 | 000,332,576 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\snxhk64.dll
[2014.01.18 08:55:40 | 000,287,280 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashShA64.dll
[2014.01.18 08:55:40 | 000,272,800 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\snxhk.dll
[2014.01.18 08:55:40 | 000,269,312 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\ssleay32.dll
[2014.01.18 08:55:40 | 000,231,672 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswProperty64.dll
[2014.01.18 08:55:40 | 000,168,336 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AavmRpch64.dll
[2014.01.18 08:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\License
[2014.01.18 08:55:39 | 001,176,064 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\libeay32.dll
[2014.01.18 08:55:38 | 000,090,496 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\sched.exe
[2014.01.18 08:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\resources
[2014.01.18 08:55:33 | 006,289,024 | ---- | C] (The ICU Project) -- C:\Program Files (x86)\icudt.dll
[2014.01.18 08:55:33 | 001,080,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\dbghelp.dll
[2014.01.18 08:55:33 | 000,392,816 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\avastSS.dll
[2014.01.18 08:55:33 | 000,069,384 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\avastIP.dll
[2014.01.18 08:55:33 | 000,032,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswW8ntf.dll
[2014.01.18 08:55:33 | 000,022,544 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswVmm.dll
[2014.01.18 08:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\locales
[2014.01.18 08:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\flash
[2014.01.18 08:55:32 | 000,544,744 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswSqLt.dll
[2014.01.18 08:55:32 | 000,393,328 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswStrm.dll
[2014.01.18 08:55:32 | 000,241,936 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswLog.dll
[2014.01.18 08:55:32 | 000,211,536 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswProperty.dll
[2014.01.18 08:55:32 | 000,078,160 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswLSRun.dll
[2014.01.18 08:55:32 | 000,072,504 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswResourceLib.dll
[2014.01.18 08:55:32 | 000,044,664 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswRvrt.dll
[2014.01.18 08:55:32 | 000,044,152 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswUtil.dll
[2014.01.18 08:55:32 | 000,025,616 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswRemoteCache.dll
[2014.01.18 08:55:32 | 000,014,832 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswIdle.dll
[2014.01.18 08:55:31 | 000,944,920 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswAux.dll
[2014.01.18 08:55:31 | 000,403,640 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCommChannel.dll
[2014.01.18 08:55:31 | 000,361,416 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCmnBS.dll
[2014.01.18 08:55:31 | 000,323,312 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswData.dll
[2014.01.18 08:55:31 | 000,270,264 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCmnIS.dll
[2014.01.18 08:55:31 | 000,124,528 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswCmnOS.dll
[2014.01.18 08:55:31 | 000,123,456 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswDld.dll
[2014.01.18 08:55:31 | 000,081,768 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswChLic.exe
[2014.01.18 08:55:31 | 000,062,728 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswEngLdr.dll
[2014.01.18 08:55:30 | 003,796,984 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\CommonRes.dll
[2014.01.18 08:55:30 | 000,630,264 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashBase.dll
[2014.01.18 08:55:30 | 000,335,648 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashTask.dll
[2014.01.18 08:55:30 | 000,330,528 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashServ.dll
[2014.01.18 08:55:30 | 000,259,464 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashShell.dll
[2014.01.18 08:55:30 | 000,230,576 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\VisthAux.exe
[2014.01.18 08:55:30 | 000,161,072 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashUpd.exe
[2014.01.18 08:55:30 | 000,104,416 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashQuick.exe
[2014.01.18 08:55:30 | 000,078,696 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\ashTaskEx.dll
[2014.01.18 08:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Certificates
[2014.01.18 08:55:29 | 003,764,024 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastUI.exe
[2014.01.18 08:55:29 | 001,453,776 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\Aavm4h.dll
[2014.01.18 08:55:29 | 000,765,176 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastEmUpdate.exe
[2014.01.18 08:55:29 | 000,168,776 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AavmRpch.dll
[2014.01.18 08:55:29 | 000,069,944 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvSSHook.dll
[2014.01.18 08:55:29 | 000,050,344 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastSvc.exe
[2014.01.18 08:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1033
[2014.01.18 08:55:28 | 001,372,864 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE64.dll
[2014.01.18 08:55:28 | 001,138,536 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE.dll
[2014.01.18 08:55:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebRep
[2014.01.18 08:55:02 | 001,376,496 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswPatchMgt.dll
[2014.01.18 08:55:02 | 000,027,080 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\asulaunch.exe
[2014.01.18 08:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenVPN
[2014.01.18 08:54:59 | 006,523,888 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswJSScan.dll
[2014.01.18 08:54:59 | 000,143,056 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastGUIProxy64.dll
[2014.01.18 08:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RescueDisk
[2014.01.18 08:54:54 | 001,972,848 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\AvastBCL-Sfx.exe
[2014.01.18 08:54:54 | 000,071,992 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswAraSr.exe
[2014.01.18 08:54:53 | 001,440,320 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\aswAra.dll
[2014.01.18 08:54:47 | 001,093,216 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\avBugReport.exe
[2014.01.18 08:54:45 | 003,167,112 | ---- | C] (AVAST Software) -- C:\Program Files (x86)\HTMLayout.dll
[2014.01.18 08:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\setup
[2014.01.14 17:39:33 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014.01.14 17:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\VS
[2014.01.14 17:19:49 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\cfxttgyj.sys
[2014.01.14 16:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\cerams palidzes Software
[2014.01.14 16:38:15 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Users\Matīss\Desktop\aswclear.exe
[2014.01.14 15:23:14 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\secrestore
[2014.01.14 15:17:12 | 000,370,256 | ---- | C] (Afterdawn.com) -- C:\Users\Matīss\Desktop\SecRes-0-3-2-322zip.exe
[2014.01.14 15:13:23 | 000,361,185 | ---- | C] (Farbar) -- C:\Users\Matīss\Desktop\FSS.exe
[2014.01.14 14:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.01.14 14:19:50 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.01.14 13:42:55 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014.01.14 13:42:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014.01.14 06:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Languages
[2014.01.14 06:36:45 | 001,593,776 | ---- | C] (Emsisoft GmbH) -- C:\Program Files (x86)\start.exe
[2014.01.14 06:36:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Run
[2014.01.14 06:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014.01.13 19:37:55 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys.bak
[2014.01.13 19:03:37 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\anti virus
[2014.01.13 19:03:29 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys
[2014.01.13 13:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014.01.12 15:17:13 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\RK_Quarantine
[2014.01.12 14:19:22 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2014.01.12 13:46:34 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014.01.12 13:15:39 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\SUPERAntiSpyware.com
[2014.01.12 13:15:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014.01.12 13:14:53 | 000,037,976 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\CFRMD.sys.bak
[2014.01.12 10:20:49 | 000,000,000 | ---D | C] -- C:\first_launch
[2014.01.12 09:38:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.01.12 08:45:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.01.12 08:45:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.01.12 08:45:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.01.12 08:44:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.01.12 08:43:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.01.12 08:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.01.12 08:01:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.01.12 08:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.01.12 07:51:40 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\TuneUp Software
[2014.01.12 06:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014.01.12 06:28:30 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys.bak
[2014.01.12 06:28:29 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys.bak
[2014.01.12 06:27:43 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys.bak
[2014.01.12 06:27:39 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS.bak
[2014.01.12 06:27:28 | 000,564,792 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2014.01.12 06:27:16 | 000,038,992 | ---- | C] (Screaming Bee LLC) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys.bak
[2014.01.12 06:27:12 | 000,058,472 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys.bak
[2014.01.12 06:27:12 | 000,032,360 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys.bak
[2014.01.12 06:27:11 | 000,027,136 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys.bak
[2014.01.12 06:27:05 | 000,413,800 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014.01.12 06:27:04 | 000,322,560 | ---- | C] (Ralink Technology Inc.) -- C:\Windows\SysNative\drivers\rt61.sys.bak
[2014.01.12 06:26:22 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2014.01.12 06:25:58 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys.bak
[2014.01.12 06:25:57 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys.bak
[2014.01.12 06:25:54 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.12 06:25:32 | 000,014,136 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys.bak
[2014.01.12 06:25:24 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.12 06:25:02 | 000,065,280 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys.bak
[2014.01.12 06:25:01 | 000,040,832 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys.bak
[2014.01.12 06:24:50 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014.01.12 06:23:45 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.12 03:59:04 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Desktop\rkill
[2014.01.12 03:41:59 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\MFAData
[2014.01.12 03:41:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014.01.12 03:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Heal PCTuner
[2014.01.12 03:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Heal
[2014.01.12 03:08:54 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.12 02:47:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.12 02:46:32 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014.01.10 21:55:36 | 000,000,000 | ---D | C] -- C:\{$6591-1999-7731-3088$}
[2014.01.05 15:42:14 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\PDAppFlex
[2014.01.03 18:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REVisionEffects
[2014.01.03 15:21:58 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
[2014.01.03 15:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2014.01.03 15:21:50 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys
[2014.01.03 15:21:42 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys
[2014.01.03 15:21:42 | 000,014,136 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys
[2014.01.02 16:10:59 | 000,000,000 | ---D | C] -- C:\Users\Matīss\.thumbnails
[2014.01.02 01:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIX Networks
[2014.01.02 01:00:53 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\Play withSIX
[2014.01.02 01:00:53 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\Play withSIX
[2013.12.31 16:47:45 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\LeoCAD
[2013.12.31 16:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeoCAD
[2013.12.31 00:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SR 3D Builder
[2013.12.31 00:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SR 3D Builder
[2013.12.30 20:04:18 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDraw
[2013.12.30 19:57:25 | 000,000,000 | ---D | C] -- C:\Users\Matīss\Documents\LDraw
[2013.12.30 19:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LDraw
[2013.12.30 19:56:38 | 000,000,000 | ---D | C] -- C:\Windows\LDraw
[2013.12.28 17:47:03 | 000,000,000 | ---D | C] -- C:\Users\Matīss\AppData\Local\Rising

========== Files - Modified Within 30 Days ==========

[2014.01.27 15:11:29 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.27 15:11:29 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.27 15:04:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.27 15:03:44 | 2134,302,719 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.27 14:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.27 14:04:10 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\MyFinePix Studio.lnk
[2014.01.27 12:25:58 | 000,002,407 | ---- | M] () -- C:\Users\Public\Desktop\Movie Upload for YouTube.lnk
[2014.01.27 12:25:36 | 000,002,393 | ---- | M] () -- C:\Users\Public\Desktop\User's Guide.lnk
[2014.01.27 12:25:36 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Introduction of Picture The Future.lnk
[2014.01.27 12:25:12 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\FinePixViewer.lnk
[2014.01.27 12:25:12 | 000,001,967 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
[2014.01.26 10:25:13 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.01.26 10:22:16 | 004,947,976 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.25 12:56:09 | 000,001,934 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.01.25 12:49:53 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.01.25 12:49:53 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.01.25 12:49:53 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.01.25 12:49:53 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.01.25 12:49:53 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.01.25 12:49:53 | 000,082,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys.1390724713
[2014.01.25 12:49:53 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.01.25 12:49:53 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.01.25 12:49:53 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.01.25 12:44:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014.01.25 12:18:47 | 000,000,208 | ---- | M] () -- C:\Users\Matīss\Desktop\Sanctum 2.url
[2014.01.25 12:14:39 | 338,042,650 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014.01.23 15:25:56 | 000,001,981 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2014.01.23 15:25:56 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2014.01.20 17:01:06 | 004,122,965 | ---- | M] () -- C:\Users\Matīss\Desktop\Helium_Frog_2_06.zip
[2014.01.18 11:58:30 | 091,412,976 | ---- | M] (AVAST Software) -- C:\Users\Matīss\Desktop\avast_free_antivirus_setup.exe
[2014.01.18 08:55:43 | 000,380,456 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashWebSv.dll
[2014.01.18 08:55:43 | 000,179,648 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt64.dll
[2014.01.18 08:55:43 | 000,164,144 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswJsFlt.dll
[2014.01.18 08:55:43 | 000,087,424 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashWsFtr.dll
[2014.01.18 08:55:43 | 000,033,856 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResWS2.dll
[2014.01.18 08:55:42 | 000,543,184 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\RegSvr64.exe
[2014.01.18 08:55:42 | 000,506,616 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\RegSvr32.exe
[2014.01.18 08:55:42 | 000,439,696 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\asOutExt64.dll
[2014.01.18 08:55:42 | 000,410,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashMaiSv.dll
[2014.01.18 08:55:42 | 000,409,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\asOutExt.dll
[2014.01.18 08:55:42 | 000,331,576 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\SetupInf64.exe
[2014.01.18 08:55:42 | 000,275,920 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResWS.dll
[2014.01.18 08:55:42 | 000,169,824 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhAScr.dll
[2014.01.18 08:55:42 | 000,153,856 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResStd.dll
[2014.01.18 08:55:42 | 000,121,408 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswRunDll.exe
[2014.01.18 08:55:42 | 000,060,680 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AhResMai.dll
[2014.01.18 08:55:40 | 001,176,064 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\libeay32.dll
[2014.01.18 08:55:40 | 000,448,936 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswStreamFilter.dll
[2014.01.18 08:55:40 | 000,332,576 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\snxhk64.dll
[2014.01.18 08:55:40 | 000,287,280 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashShA64.dll
[2014.01.18 08:55:40 | 000,272,800 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\snxhk.dll
[2014.01.18 08:55:40 | 000,269,312 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\ssleay32.dll
[2014.01.18 08:55:40 | 000,231,672 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswProperty64.dll
[2014.01.18 08:55:40 | 000,168,336 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AavmRpch64.dll
[2014.01.18 08:55:39 | 000,055,512 | ---- | M] () -- C:\Program Files (x86)\CrtCheck32.dll
[2014.01.18 08:55:38 | 000,090,496 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\sched.exe
[2014.01.18 08:55:33 | 019,336,120 | ---- | M] () -- C:\Program Files (x86)\libcef.dll
[2014.01.18 08:55:33 | 006,289,024 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\icudt.dll
[2014.01.18 08:55:33 | 000,392,816 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\avastSS.dll
[2014.01.18 08:55:33 | 000,069,384 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\avastIP.dll
[2014.01.18 08:55:33 | 000,032,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswW8ntf.dll
[2014.01.18 08:55:33 | 000,022,544 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswVmm.dll
[2014.01.18 08:55:32 | 000,544,744 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswSqLt.dll
[2014.01.18 08:55:32 | 000,393,328 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswStrm.dll
[2014.01.18 08:55:32 | 000,241,936 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswLog.dll
[2014.01.18 08:55:32 | 000,211,536 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswProperty.dll
[2014.01.18 08:55:32 | 000,078,160 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswLSRun.dll
[2014.01.18 08:55:32 | 000,072,504 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswResourceLib.dll
[2014.01.18 08:55:32 | 000,062,728 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswEngLdr.dll
[2014.01.18 08:55:32 | 000,044,664 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswRvrt.dll
[2014.01.18 08:55:32 | 000,044,152 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswUtil.dll
[2014.01.18 08:55:32 | 000,025,616 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswRemoteCache.dll
[2014.01.18 08:55:32 | 000,014,832 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswIdle.dll
[2014.01.18 08:55:31 | 000,944,920 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswAux.dll
[2014.01.18 08:55:31 | 000,403,640 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCommChannel.dll
[2014.01.18 08:55:31 | 000,361,416 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCmnBS.dll
[2014.01.18 08:55:31 | 000,323,312 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswData.dll
[2014.01.18 08:55:31 | 000,270,264 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCmnIS.dll
[2014.01.18 08:55:31 | 000,124,528 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswCmnOS.dll
[2014.01.18 08:55:31 | 000,123,456 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswDld.dll
[2014.01.18 08:55:31 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswChLic.exe
[2014.01.18 08:55:30 | 003,796,984 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\CommonRes.dll
[2014.01.18 08:55:30 | 000,630,264 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashBase.dll
[2014.01.18 08:55:30 | 000,335,648 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashTask.dll
[2014.01.18 08:55:30 | 000,330,528 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashServ.dll
[2014.01.18 08:55:30 | 000,259,464 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashShell.dll
[2014.01.18 08:55:30 | 000,230,576 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\VisthAux.exe
[2014.01.18 08:55:30 | 000,161,072 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashUpd.exe
[2014.01.18 08:55:30 | 000,104,416 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashQuick.exe
[2014.01.18 08:55:30 | 000,078,696 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\ashTaskEx.dll
[2014.01.18 08:55:29 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastUI.exe
[2014.01.18 08:55:29 | 001,453,776 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\Aavm4h.dll
[2014.01.18 08:55:29 | 000,765,176 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastEmUpdate.exe
[2014.01.18 08:55:29 | 000,168,776 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AavmRpch.dll
[2014.01.18 08:55:29 | 000,069,944 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvSSHook.dll
[2014.01.18 08:55:29 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastSvc.exe
[2014.01.18 08:55:28 | 001,372,864 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE64.dll
[2014.01.18 08:55:28 | 001,138,536 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswWebRepIE.dll
[2014.01.18 08:55:02 | 001,376,496 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswPatchMgt.dll
[2014.01.18 08:55:02 | 000,027,080 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\asulaunch.exe
[2014.01.18 08:54:59 | 006,523,888 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswJSScan.dll
[2014.01.18 08:54:59 | 000,143,056 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastGUIProxy64.dll
[2014.01.18 08:54:59 | 000,078,785 | ---- | M] () -- C:\Program Files (x86)\aswSidebar.gadget
[2014.01.18 08:54:54 | 001,972,848 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AvastBCL-Sfx.exe
[2014.01.18 08:54:54 | 001,440,320 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswAra.dll
[2014.01.18 08:54:54 | 000,071,992 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\aswAraSr.exe
[2014.01.18 08:54:54 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\screenhooks32.dll
[2014.01.18 08:50:57 | 003,167,112 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\HTMLayout.dll
[2014.01.18 08:50:55 | 001,093,216 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\avBugReport.exe
[2014.01.16 18:14:49 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.01.15 08:19:29 | 001,056,768 | ---- | M] () -- C:\Windows\SysNative\defltbase.sdb
[2014.01.14 17:42:42 | 000,779,620 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.01.14 17:42:42 | 000,663,022 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.14 17:42:42 | 000,126,152 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.14 17:42:25 | 000,779,620 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.14 17:19:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\cfxttgyj.sys
[2014.01.14 16:38:17 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Users\Matīss\Desktop\aswclear.exe
[2014.01.14 15:17:28 | 000,370,256 | ---- | M] (Afterdawn.com) -- C:\Users\Matīss\Desktop\SecRes-0-3-2-322zip.exe
[2014.01.14 15:13:27 | 000,361,185 | ---- | M] (Farbar) -- C:\Users\Matīss\Desktop\FSS.exe
[2014.01.14 15:09:52 | 000,628,779 | ---- | M] () -- C:\Users\Matīss\Desktop\GrantPerms64.zip
[2014.01.14 13:43:02 | 000,002,171 | ---- | M] () -- C:\Users\Matīss\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2014.01.14 13:41:59 | 005,048,198 | ---- | M] () -- C:\Users\Matīss\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2014.01.14 00:14:34 | 000,000,060 | ---- | M] () -- C:\Program Files (x86)\CommandlineScanner.bat
[2014.01.14 00:14:26 | 001,593,776 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\start.exe
[2014.01.14 00:14:22 | 000,000,112 | ---- | M] () -- C:\Program Files (x86)\autorun.inf
[2014.01.14 00:14:16 | 000,000,056 | ---- | M] () -- C:\Program Files (x86)\EmergencyKitScanner.bat
[2014.01.13 19:38:21 | 000,090,424 | ---- | M] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys.bak
[2014.01.13 19:38:21 | 000,015,160 | ---- | M] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys.bak
[2014.01.13 19:38:13 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS.bak
[2014.01.13 19:38:13 | 000,031,232 | ---- | M] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys.bak
[2014.01.13 19:38:11 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2014.01.13 19:38:09 | 000,058,472 | ---- | M] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys.bak
[2014.01.13 19:38:09 | 000,038,992 | ---- | M] (Screaming Bee LLC) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys.bak
[2014.01.13 19:38:09 | 000,032,360 | ---- | M] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys.bak
[2014.01.13 19:38:09 | 000,027,136 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys.bak
[2014.01.13 19:38:08 | 000,413,800 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014.01.13 19:38:07 | 000,322,560 | ---- | M] (Ralink Technology Inc.) -- C:\Windows\SysNative\drivers\rt61.sys.bak
[2014.01.13 19:38:01 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2014.01.13 19:37:56 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys.bak
[2014.01.13 19:37:55 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys.bak
[2014.01.13 19:37:55 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys.bak
[2014.01.13 19:37:55 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014.01.13 19:37:54 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.13 19:37:51 | 000,014,888 | ---- | M] () -- C:\Windows\SysNative\drivers\hmd.sys.bak
[2014.01.13 19:37:51 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys.bak
[2014.01.13 19:37:50 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.13 19:37:48 | 000,065,280 | ---- | M] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys.bak
[2014.01.13 19:37:48 | 000,040,832 | ---- | M] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys.bak
[2014.01.13 19:37:46 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014.01.13 19:37:44 | 000,037,976 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\CFRMD.sys.bak
[2014.01.13 19:37:38 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.13 19:37:38 | 000,021,104 | ---- | M] () -- C:\Windows\SysNative\drivers\AppleCharger.sys.bak
[2014.01.13 19:03:29 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\lxxsnywm.sys
[2014.01.12 14:19:22 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2014.01.12 13:17:47 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.old
[2014.01.12 12:54:23 | 000,002,573 | ---- | M] () -- C:\Users\Matīss\Desktop\Google Chrome.lnk
[2014.01.12 07:59:26 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014.01.12 03:21:11 | 000,000,053 | ---- | M] () -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCOM Utilities.url
[2014.01.03 18:37:49 | 000,016,245 | ---- | M] () -- C:\Users\Matīss\AppData\Local\recently-used.xbel
[2014.01.03 15:21:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
[2014.01.03 15:21:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf

========== Files Created - No Company Name ==========

[2014.01.27 14:04:10 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\MyFinePix Studio.lnk
[2014.01.27 12:25:58 | 000,002,407 | ---- | C] () -- C:\Users\Public\Desktop\Movie Upload for YouTube.lnk
[2014.01.27 12:25:36 | 000,002,393 | ---- | C] () -- C:\Users\Public\Desktop\User's Guide.lnk
[2014.01.27 12:25:36 | 000,002,342 | ---- | C] () -- C:\Users\Public\Desktop\Introduction of Picture The Future.lnk
[2014.01.27 12:25:12 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\FinePixViewer.lnk
[2014.01.27 12:25:12 | 000,001,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
[2014.01.25 15:11:57 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk
[2014.01.25 14:55:34 | 000,001,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
[2014.01.25 12:51:04 | 000,001,934 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.01.25 12:50:12 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.01.25 12:50:11 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.01.25 12:18:47 | 000,000,208 | ---- | C] () -- C:\Users\Matīss\Desktop\Sanctum 2.url
[2014.01.25 12:14:39 | 338,042,650 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014.01.21 09:50:13 | 000,001,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2014.01.21 09:50:13 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2014.01.20 17:00:59 | 004,122,965 | ---- | C] () -- C:\Users\Matīss\Desktop\Helium_Frog_2_06.zip
[2014.01.18 08:55:39 | 000,055,512 | ---- | C] () -- C:\Program Files (x86)\CrtCheck32.dll
[2014.01.18 08:55:33 | 019,336,120 | ---- | C] () -- C:\Program Files (x86)\libcef.dll
[2014.01.18 08:54:59 | 000,078,785 | ---- | C] () -- C:\Program Files (x86)\aswSidebar.gadget
[2014.01.18 08:54:54 | 000,027,744 | ---- | C] () -- C:\Program Files (x86)\screenhooks32.dll
[2014.01.15 08:19:26 | 001,056,768 | ---- | C] () -- C:\Windows\SysNative\defltbase.sdb
[2014.01.14 15:09:46 | 000,628,779 | ---- | C] () -- C:\Users\Matīss\Desktop\GrantPerms64.zip
[2014.01.14 13:43:02 | 000,002,171 | ---- | C] () -- C:\Users\Matīss\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2014.01.14 13:41:51 | 005,048,198 | ---- | C] () -- C:\Users\Matīss\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2014.01.14 06:36:44 | 000,000,112 | ---- | C] () -- C:\Program Files (x86)\autorun.inf
[2014.01.14 06:36:44 | 000,000,060 | ---- | C] () -- C:\Program Files (x86)\CommandlineScanner.bat
[2014.01.14 06:36:44 | 000,000,056 | ---- | C] () -- C:\Program Files (x86)\EmergencyKitScanner.bat
[2014.01.12 13:15:03 | 000,014,888 | ---- | C] () -- C:\Windows\SysNative\drivers\hmd.sys.bak
[2014.01.12 08:45:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.01.12 08:45:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.01.12 08:45:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.01.12 08:45:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.01.12 08:45:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.01.12 06:23:48 | 000,021,104 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys.bak
[2014.01.12 02:03:43 | 000,000,053 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DCOM Utilities.url
[2014.01.06 17:09:56 | 000,001,200 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2014.01.06 17:05:03 | 000,001,365 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2014.01.05 15:30:49 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2014.01.05 15:30:17 | 000,001,531 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2014.01.05 15:28:22 | 000,001,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2014.01.03 18:37:49 | 000,016,245 | ---- | C] () -- C:\Users\Matīss\AppData\Local\recently-used.xbel
[2014.01.03 15:21:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
[2014.01.03 15:21:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf
[2013.12.31 16:45:11 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeoCAD.lnk
[2013.12.31 00:55:31 | 000,000,078 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SR 3D BuilderSR 3D Builder.url
[2013.10.08 09:45:08 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013.08.05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013.08.05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2013.06.25 18:42:30 | 000,000,662 | ---- | C] () -- C:\Windows\wininit.ini
[2013.06.09 15:28:08 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2013.06.09 15:28:08 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2013.06.05 00:51:06 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.06.05 00:51:06 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.06.05 00:03:28 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.06.05 00:03:28 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.05.29 23:45:06 | 000,001,141 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\BreakingPoint_Options.ini
[2013.02.26 15:24:01 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013.02.17 09:39:19 | 000,086,190 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\icarus-dxdiag.xml
[2013.01.16 20:59:47 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2013.01.15 15:43:09 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.01.15 15:43:09 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.01.15 15:43:09 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.01.15 15:43:08 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.01.15 15:43:03 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.01.13 12:43:07 | 000,001,045 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\gmic_sources.cimgz
[2012.12.28 23:04:22 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.12.02 22:58:01 | 000,000,044 | ---- | C] () -- C:\Windows\con_32825205.ini
[2012.10.30 21:51:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.10.18 14:16:44 | 000,007,609 | ---- | C] () -- C:\Users\Matīss\AppData\Local\Resmon.ResmonCfg
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.07.02 22:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll
[2012.06.16 00:37:34 | 000,000,000 | ---- | C] () -- C:\Users\Matīss\dekstop
[2012.06.11 14:06:45 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.06.01 12:50:36 | 000,002,426 | ---- | C] () -- C:\Users\Matīss\AppData\Local\Temppenciltemp.png
[2012.05.03 18:30:38 | 000,000,435 | ---- | C] () -- C:\Windows\SysWow64\settings.ini
[2012.04.29 15:59:52 | 000,779,620 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.04 08:42:33 | 000,000,153 | ---- | C] () -- C:\Users\Matīss\.gtkrc-2.0
[2012.02.15 15:29:51 | 000,122,044 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.02.09 17:12:06 | 000,000,132 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.02.08 18:32:04 | 000,000,132 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.02.04 21:58:43 | 000,000,023 | ---- | C] () -- C:\Windows\SWFDecompiler.INI
[2012.02.04 20:42:54 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012.02.03 05:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll
[2012.01.29 13:14:00 | 000,000,132 | ---- | C] () -- C:\Users\Matīss\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.01.23 13:58:42 | 000,000,632 | RHS- | C] () -- C:\Users\Matīss\ntuser.pol

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.06.24 21:56:21 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\.minecraft
[2014.01.14 09:46:40 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ArmA II Launcher
[2014.01.24 12:02:36 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Audacity
[2014.01.25 12:58:16 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\AVAST Software
[2014.01.10 21:56:07 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Awesomium
[2012.06.08 13:25:58 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\BANDISOFT
[2012.04.04 15:00:54 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Blender Foundation
[2013.12.08 23:27:21 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Build and Shoot
[2012.09.22 17:35:24 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.01.22 14:20:53 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.05.21 18:30:40 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\com.sumopaint.bamboo.E63110E28E55D139F7D67D94E57B73BDB07BA618.1
[2013.12.14 22:40:37 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\DAEMON Tools Lite
[2012.01.21 19:23:14 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\DAEMON Tools Pro
[2013.02.23 02:40:55 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Dev-Cpp
[2012.03.18 22:53:49 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\DVDVideoSoft
[2013.08.22 18:35:51 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\eM Client
[2013.10.03 21:33:35 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\FlowStone
[2013.11.19 19:51:21 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\foobar2000
[2014.01.27 12:29:05 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\FUJIFILM
[2012.04.13 14:55:39 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Greyfirst
[2012.11.23 09:59:07 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\gtk-2.0
[2013.01.15 11:25:09 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\HandBrake
[2013.06.08 16:16:29 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\HoolappForAndroid
[2012.04.07 11:25:15 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Image-Line
[2013.09.14 16:51:18 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ImgBurn
[2013.07.24 23:28:06 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\L4D2AOI
[2013.11.22 02:36:09 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\library_dir
[2012.01.31 22:21:37 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\LolClient
[2012.05.26 00:21:53 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\LolClient2
[2013.11.26 22:27:25 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Mount&Blade Warband
[2012.05.31 20:32:47 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\MPEG Streamclip
[2013.06.04 21:47:26 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Mumble
[2013.01.13 17:05:59 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Notepad++
[2013.12.17 21:42:41 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\OBS
[2012.01.21 18:39:50 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Opera
[2013.11.06 00:07:42 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Origin
[2012.02.04 20:42:54 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\PACE Anti-Piracy
[2014.01.05 15:42:14 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\PDAppFlex
[2014.01.02 01:01:16 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Play withSIX
[2012.03.14 17:40:22 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Publish Providers
[2013.02.07 03:24:39 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\raidcall
[2014.01.10 21:56:08 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Raptr
[2012.12.12 04:52:32 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Screaming Bee
[2013.03.08 02:20:14 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SecondLife
[2013.10.03 16:27:28 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SIX Networks
[2013.09.28 18:11:18 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\six-updater
[2013.09.28 17:57:23 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\six-zsync
[2012.02.16 19:51:46 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Smith Micro
[2014.01.10 21:56:08 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Sony
[2012.06.06 00:09:15 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Sony Creative Software Inc
[2013.04.10 06:05:13 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Spirited Machine
[2012.05.26 22:58:44 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SYSTEMAX Software Development
[2013.04.15 15:48:01 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\SystemRequirementsLab
[2012.03.29 18:00:48 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Toon Boom Animation
[2014.01.07 16:16:52 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\TS3Client
[2013.03.04 15:25:49 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ts3overlay
[2013.01.28 17:59:00 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\ts3overlay_hook_win64
[2014.01.12 07:51:40 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\TuneUp Software
[2012.12.10 03:53:00 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Tunngle
[2013.11.25 19:54:45 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Unity
[2014.01.27 14:57:29 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\uTorrent
[2012.05.21 18:27:06 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Wacom
[2012.05.21 18:28:52 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013.08.31 15:08:20 | 000,000,000 | ---D | M] -- C:\Users\Matīss\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013.04.23 14:32:38 | 000,000,000 | ---D | M](C:\Users\Matīss\Mat?ss) -- C:\Users\Matīss\Matīss
[2013.04.23 14:32:38 | 000,000,000 | ---D | M](C:\Users\Matīss\Mat?ss) -- C:\Users\Matīss\Matīss
(C:\Users\Matīss\Mat?ss) -- C:\Users\Matīss\Matīss

========== Alternate Data Streams ==========

@Alternate Data Stream - 40 bytes -> C:\ProgramData\MTA San Andreas All:NT
@Alternate Data Stream - 40 bytes -> C:\ProgramData:NT

< End of report >
  • 0

#8
mafiso


    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Also a note: all my other usernames were gone; I had to make a new emilija username for my little brother's daughter. But why does the krisjanis username still appear in logs, even though I don't see it anymore?
  • 0

#9
Valinorum


    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts

> Also a note: all my other usernames were gone; I had to make a new emilija username for my little brother's daughter. But why does the krisjanis username still appear in logs, even though I don't see it anymore?

It may be the remnants of older user accounts. How many names do you see in C:\Users?

P.S. I will be out of town till Sunday. I implore your forbearance till then. If you are in a hurry, please send a private message to Essexboy and you will be assisted.
  • 0

#10
Valinorum


    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
I am back. Do you still require assistance?
  • 0



#11
mafiso


    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

> > Also a note: all my other usernames were gone; I had to make a new emilija username for my little brother's daughter. But why does the krisjanis username still appear in logs, even though I don't see it anymore?
>
> It may be the remnants of older user accounts. How many names do you see in C:\Users?
>
> P.S. I will be out of town till Sunday. I implore your forbearance till then. If you are in a hurry, please send a private message to Essexboy and you will be assisted.

Here are pictures of all the accounts I have there

Edited by mafiso, 02 February 2014 - 01:55 PM.

  • 0

#12
mafiso


    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

> I am back. Do you still require assistance?

Yes, I still have permission issues
  • 0

#13
Valinorum


    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts

> > > Also a note: all my other usernames were gone; I had to make a new emilija username for my little brother's daughter. But why does the krisjanis username still appear in logs, even though I don't see it anymore?
> >
> > It may be the remnants of older user accounts. How many names do you see in C:\Users?
> >
> > P.S. I will be out of town till Sunday. I implore your forbearance till then. If you are in a hurry, please send a private message to Essexboy and you will be assisted.
>
> Here are pictures of all the accounts I have there


I cannot see the pictures. Can you list the names located inside C:\Users?

Also, click on start orb and in the search box type User Account Control Setting and click on the UAC program that comes up. Check the current setting and report to me.

Edited by Valinorum, 03 February 2014 - 07:02 AM.

  • 0

#14
mafiso


    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
It's on "Notify only when programs try to make changes to my computer" (don't notify when I make changes to the computer).

Usernames:

http://i.imgur.com/uVlwZES.png
and accounts i have right now http://i.imgur.com/cf4silt.png

Edited by mafiso, 03 February 2014 - 08:23 AM.

  • 0

#15
Valinorum


    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Hi mafiso, :)

The username folders are the remnants of your old user accounts. You can browse them individually and can delete the folders if you do not need them. Make sure that you do not delete the current user account folders.

For the permission issue please follow the steps listed here. Do not download any software from the page unless told otherwise.

Personally, it is recommended to keep the UAC warning turned on as it is an essential layer of security, but it depends on your choice.

Regards,
Valinorum
  • 0
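
The two checks requested in this thread (which folders under C:\Users still belong to a registered account, and what the UAC level actually is) can be done in one read-only pass. This is an added PowerShell example, not part of the original posts; it assumes the default C:\Users profile root and the standard ProfileList and Policies\System registry locations.

```powershell
# Added example (not from the thread): read-only checks, changes nothing.
# Assumes the default profile root C:\Users.

$profileListKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
$uacKey         = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# 1. Profile paths Windows still has registered (one subkey per account SID).
$registeredPaths = Get-ChildItem $profileListKey |
    ForEach-Object { (Get-ItemProperty $_.PSPath).ProfileImagePath } |
    Where-Object { $_ } |
    ForEach-Object { $_.TrimEnd('\') }

# 2. Folders under C:\Users, minus the built-in ones that never map to an account.
$builtIn = 'Public', 'Default', 'Default User', 'All Users'
$folders = Get-ChildItem 'C:\Users' -Force |
    Where-Object { $_.PSIsContainer -and ($builtIn -notcontains $_.Name) }

# 3. A folder with no ProfileList entry is a candidate leftover of a deleted account.
$report = foreach ($f in $folders) {
    New-Object PSObject -Property @{
        Folder     = $f.FullName
        Registered = ($registeredPaths -contains $f.FullName)
        LastWrite  = $f.LastWriteTime
    }
}
$report | Sort-Object Registered, Folder |
    Format-Table Folder, Registered, LastWrite -AutoSize

# 4. UAC state as stored in the registry, independent of what the slider shows.
$uac = Get-ItemProperty $uacKey
$level = switch ($uac.ConsentPromptBehaviorAdmin) {
    2       { 'Always notify' }
    5       { 'Notify only when programs try to make changes (default)' }
    0       { 'Never notify (administrators elevate without a prompt)' }
    default { 'Other value, possibly set by policy' }
}
if ($uac.EnableLUA -eq 0) { $level = 'UAC turned off (EnableLUA = 0)' }

New-Object PSObject -Property @{
    Level                      = $level
    EnableLUA                  = $uac.EnableLUA
    ConsentPromptBehaviorAdmin = $uac.ConsentPromptBehaviorAdmin
    PromptOnSecureDesktop      = $uac.PromptOnSecureDesktop
} | Format-List
```

Folders reported with Registered = False are the ones to review before deleting; a folder with Registered = True belongs to an account Windows still knows about.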





