Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

how do i get rid of trovi search? [Solved]

Started by blaze1940 , Oct 22 2014 07:29 AM

trovi search

This topic is locked

#1
blaze1940

Posted 22 October 2014 - 07:29 AM

Member

Member
15 posts

About 2 weeks ago i downloaded a program, i have uninstalled the program that has given me this browser hijacker, i have reset my browser, reinstalled my browser, ran multiple virus, malware and spyware programs and still cannot get rid of the hijacked brower. I have a Dell Alienware MX17, i7 laptop, and have follwed part of a previous post from your site. here are the logs that the previous post mentioned from the program OTL.

OTL logfile created on: 22-Oct-14 10:17:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Blaze\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

31.92 Gb Total Physical Memory | 28.39 Gb Available Physical Memory | 88.92% Memory free
63.92 Gb Paging File | 60.16 Gb Available in Paging File | 94.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 196.95 Gb Total Space | 70.64 Gb Free Space | 35.86% Space Free | Partition Type: NTFS
Drive D: | 931.39 Gb Total Space | 783.49 Gb Free Space | 84.12% Space Free | Partition Type: NTFS
Drive X: | 490.00 Mb Total Space | 199.62 Mb Free Space | 40.74% Space Free | Partition Type: NTFS
Drive Y: | 8.39 Gb Total Space | 0.71 Gb Free Space | 8.49% Space Free | Partition Type: NTFS

Computer Name: BLAZE | User Name: Blaze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-10-22 22:17:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Blaze\Downloads\OTL.exe
PRC - [2014-10-01 02:17:20 | 002,694,320 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2014-09-28 20:56:44 | 000,490,160 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
PRC - [2014-09-26 14:40:46 | 006,237,856 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2014-09-24 15:08:51 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-09-10 12:37:16 | 000,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2014-09-04 11:44:30 | 003,802,448 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014-06-21 16:19:50 | 000,596,360 | ---- | M] (Autodesk Inc.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
PRC - [2014-06-21 16:19:49 | 000,488,328 | ---- | M] (Autodesk Inc.) -- C:\Users\Blaze\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
PRC - [2014-06-21 12:09:52 | 009,578,288 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2014-06-21 12:09:52 | 000,095,536 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2014-06-21 12:09:38 | 002,938,672 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2014-06-21 11:55:14 | 004,357,936 | ---- | M] () -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
PRC - [2014-06-21 11:55:10 | 000,631,088 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAsenmon.exe
PRC - [2014-05-20 17:48:06 | 000,254,464 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
PRC - [2014-05-20 17:48:04 | 000,367,616 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
PRC - [2014-04-25 14:14:28 | 004,101,584 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014-04-25 14:14:16 | 004,214,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
PRC - [2014-04-25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014-04-25 14:12:10 | 002,081,752 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014-04-25 14:12:06 | 001,738,200 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014-04-17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Blaze\AppData\Local\Akamai\netsession_win.exe
PRC - [2014-04-10 14:30:14 | 000,202,248 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
PRC - [2013-12-10 15:32:26 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-11-22 10:19:24 | 004,136,976 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Toaster.exe
PRC - [2013-11-22 10:18:54 | 001,915,920 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\AlienRespawn\SftService.exe
PRC - [2013-11-22 10:17:30 | 000,490,344 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe
PRC - [2013-11-16 10:31:04 | 000,338,224 | ---- | M] (Compal) -- C:\Program Files (x86)\Alienware On-Screen Display\DSubOSD.exe
PRC - [2013-11-16 10:17:36 | 004,593,968 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
PRC - [2013-11-05 10:35:38 | 000,042,000 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
PRC - [2013-11-05 10:32:46 | 000,015,376 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
PRC - [2013-11-05 10:29:32 | 000,086,032 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2013-11-05 10:26:50 | 000,017,936 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2013-10-23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-09-19 02:33:50 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013-09-19 02:33:20 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013-09-12 02:52:08 | 000,783,264 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe
PRC - [2013-09-12 02:52:02 | 000,711,584 | ---- | M] (Intel) -- C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
PRC - [2013-09-05 13:14:44 | 000,154,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
PRC - [2013-08-08 07:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013-08-08 07:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013-08-08 06:38:18 | 000,283,648 | ---- | M] () -- C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
PRC - [2013-06-05 16:00:42 | 000,038,704 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FACSMon.exe
PRC - [2013-03-05 13:43:20 | 000,110,144 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012-10-09 09:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2011-09-15 14:19:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe

========== Modules (No Company Name) ==========

MOD - [2014-10-19 02:04:47 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a027a5ca6358908b97b5085fb0464a36\System.IdentityModel.ni.dll
MOD - [2014-10-19 02:04:46 | 001,070,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\9c83f0e7098f709abd115e29c73e601e\System.ServiceModel.Web.ni.dll
MOD - [2014-10-19 02:04:45 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7159bb28e23de8ed898a2acb1dbfef6c\System.ServiceModel.Internals.ni.dll
MOD - [2014-10-19 02:04:45 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1c09d6db83322a23a1744d75c4836f85\SMDiagnostics.ni.dll
MOD - [2014-10-19 01:17:35 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\61a2137c469ac7656c9820bd63a669df\System.Core.ni.dll
MOD - [2014-10-16 09:50:49 | 005,467,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014-10-16 09:50:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014-10-16 09:50:43 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014-10-16 09:50:23 | 007,995,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014-10-16 09:50:20 | 007,785,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll
MOD - [2014-10-16 09:50:20 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\9b0c1539963f393f6641949a67757b8f\System.Xml.Linq.ni.dll
MOD - [2014-10-16 09:50:16 | 001,874,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6281ab590224520bad7c4f5b3ef37575\System.Xaml.ni.dll
MOD - [2014-10-16 09:50:15 | 012,856,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\70c6bf4a51d18b4a9a1805cd48d1caad\System.Windows.Forms.ni.dll
MOD - [2014-10-16 09:50:09 | 019,567,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\055a9f703a30ece9cce1f6a130a296b5\System.ServiceModel.ni.dll
MOD - [2014-10-16 09:49:59 | 002,803,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll
MOD - [2014-10-16 09:49:58 | 000,797,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\98e2b92537958bea8cd8c89c8f859f40\System.Runtime.Remoting.ni.dll
MOD - [2014-10-16 09:49:57 | 001,169,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\8843bc51abc35b8247ffb506ef61d954\System.Management.ni.dll
MOD - [2014-10-16 09:49:57 | 000,522,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\f13998cc28c6bb3c3138398e19c0d631\System.Net.Http.ni.dll
MOD - [2014-10-16 09:49:56 | 001,635,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll
MOD - [2014-10-16 09:49:55 | 007,385,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\393d18ac0734febc7e5f0437f6af0555\System.Data.ni.dll
MOD - [2014-10-16 09:49:52 | 018,744,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\377e9afc870e7d53922fbcfd6023b2f7\PresentationFramework.ni.dll
MOD - [2014-10-16 09:49:52 | 000,968,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\00fc7d14bbb38db00e4103912c041adf\System.Configuration.ni.dll
MOD - [2014-10-16 09:49:52 | 000,463,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\eb62bc6e97d1d2aafbf3a101d7f029e1\PresentationFramework.Aero2.ni.dll
MOD - [2014-10-16 09:49:44 | 011,027,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1799dc618cfa61adb75b82311884c3d\PresentationCore.ni.dll
MOD - [2014-10-16 09:49:39 | 003,957,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b8e2e79f70d09551560548cda72e2c51\WindowsBase.ni.dll
MOD - [2014-10-16 09:49:37 | 006,951,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\483443985708dc5439abe7fd6350abe4\System.Core.ni.dll
MOD - [2014-10-16 09:49:34 | 010,030,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll
MOD - [2014-09-28 21:01:38 | 036,730,032 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
MOD - [2014-09-28 21:01:38 | 000,746,160 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libGLESv2.dll
MOD - [2014-09-28 21:01:38 | 000,136,368 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libEGL.dll
MOD - [2014-09-26 14:40:46 | 006,237,856 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2014-09-24 15:09:17 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-08-17 04:34:42 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\314786c0ad6b74f19b64f46ea84a90ac\CustomMarshalers.ni.dll
MOD - [2014-08-16 19:41:32 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014-06-21 16:19:57 | 000,104,328 | ---- | M] () -- C:\Users\Blaze\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
MOD - [2014-06-21 12:10:08 | 000,028,976 | ---- | M] () -- C:\Program Files (x86)\Sensible Vision\Fast Access\QtSolutions_MFCMigrationFramework-2.8.dll
MOD - [2014-06-21 12:09:56 | 000,060,208 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2014-06-21 12:09:40 | 000,084,784 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2014-06-21 12:09:28 | 000,591,664 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll
MOD - [2014-06-21 11:55:14 | 004,357,936 | ---- | M] () -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
MOD - [2014-05-27 14:39:14 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2014-05-05 22:21:12 | 000,065,792 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
MOD - [2014-05-05 22:20:58 | 000,071,936 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2014-04-25 14:11:24 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014-04-25 14:11:22 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014-04-25 14:11:20 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014-01-27 21:52:41 | 017,395,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013-11-22 08:00:44 | 001,904,928 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Restore\STRestoreAPI.dll
MOD - [2013-11-16 10:17:36 | 004,593,968 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
MOD - [2013-08-08 06:38:18 | 000,283,648 | ---- | M] () -- C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
MOD - [2013-03-06 04:41:36 | 000,015,424 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013-03-05 13:40:16 | 000,626,240 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012-11-26 15:20:38 | 000,117,608 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Restore\zlib1.dll
MOD - [2012-11-26 15:20:28 | 001,153,384 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Restore\libxml2.dll
MOD - [2009-12-19 04:07:06 | 000,577,536 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014-08-16 13:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014-08-16 10:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014-08-16 10:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014-08-12 00:56:36 | 002,428,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014-07-24 17:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014-04-30 13:42:03 | 001,357,104 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:64bit: - [2014-04-06 21:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014-04-04 19:47:18 | 002,252,504 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2014-03-24 12:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014-03-24 12:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014-03-14 16:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014-03-08 15:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014-03-06 17:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014-02-23 01:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014-02-22 19:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014-02-22 19:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014-02-22 19:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014-02-22 19:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014-02-06 20:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-12-10 17:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013-11-05 10:26:54 | 000,015,888 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2013-09-14 10:40:30 | 000,288,472 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2013-09-05 13:13:04 | 000,976,600 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2013-08-28 07:32:30 | 000,828,376 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013-08-28 07:32:14 | 000,747,520 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2013-08-22 21:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013-08-22 21:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013-08-22 21:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013-08-22 21:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013-08-22 21:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013-08-22 20:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013-08-22 20:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013-08-22 20:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013-08-22 20:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013-08-22 20:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013-08-22 20:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013-08-22 20:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013-08-22 20:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013-08-22 20:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013-08-22 19:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013-08-22 19:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 19:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-08-22 19:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 19:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013-08-22 19:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013-08-22 19:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-08-22 19:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013-08-08 07:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013-08-08 06:38:30 | 000,343,040 | ---- | M] (Qualcomm Atheros) [Auto | Running] -- C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe -- (Qualcomm Atheros Killer Service V2)
SRV:64bit: - [2013-06-06 12:09:52 | 000,598,808 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2012-11-02 02:14:54 | 006,145,872 | ---- | M] (iolo technologies, LLC) [On_Demand | Stopped] -- C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe -- (ioloEnergyBooster)
SRV:64bit: - [2011-09-15 14:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe -- (mi-raysat_3dsmax2014_64)
SRV:64bit: - [2009-11-18 11:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014-09-23 14:32:08 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-09-11 18:40:32 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-09-04 11:44:28 | 002,525,008 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014-08-22 23:04:06 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014-08-16 13:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014-08-08 15:02:36 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014-07-14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014-07-14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014-06-21 16:19:50 | 000,596,360 | ---- | M] (Autodesk Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe -- (AdAppMgrSvc)
SRV - [2014-06-21 12:09:38 | 002,938,672 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2014-05-20 17:48:04 | 000,367,616 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe -- (RzWizardService)
SRV - [2014-04-10 14:30:14 | 000,202,248 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-03-14 16:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013-12-10 15:32:26 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-11-22 10:18:54 | 001,915,920 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\AlienRespawn\SftService.exe -- (SftService)
SRV - [2013-10-23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-09-19 02:33:50 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013-09-19 02:33:20 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013-09-12 02:52:08 | 000,783,264 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv)
SRV - [2013-08-22 13:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-22 12:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013-08-07 10:24:40 | 000,243,464 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe -- (CLKMSVC10_99E320F5)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014-09-04 11:44:24 | 000,046,136 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2014-08-15 10:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014-07-25 01:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014-07-25 01:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014-07-24 21:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014-05-01 23:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014-04-04 20:38:57 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014-04-04 20:38:57 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014-04-04 20:38:57 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014-04-04 20:38:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014-04-04 20:38:45 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014-04-04 19:47:18 | 000,228,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2014-04-04 19:47:18 | 000,186,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2014-04-04 19:47:18 | 000,170,712 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2014-04-04 19:47:18 | 000,166,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2014-04-04 19:47:18 | 000,040,248 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2014-04-04 19:47:18 | 000,038,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2014-04-04 19:47:17 | 007,474,864 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL63a.SYS -- (BCM43XX)
DRV:64bit: - [2014-03-24 12:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014-03-24 12:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014-03-24 12:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014-03-20 13:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014-03-13 22:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014-03-09 06:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014-02-23 02:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014-02-23 01:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014-02-23 01:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014-02-23 01:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014-02-23 01:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014-02-22 22:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013-12-10 15:32:50 | 000,451,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013-12-05 04:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013-09-19 02:33:26 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013-09-12 02:52:02 | 000,020,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irstrtdv.sys -- (irstrtdv)
DRV:64bit: - [2013-08-23 05:12:11 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013-08-23 05:12:07 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013-08-22 23:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013-08-22 23:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013-08-22 22:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-22 22:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013-08-22 22:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-08-22 22:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013-08-22 22:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013-08-22 22:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013-08-22 22:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013-08-22 22:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013-08-22 22:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013-08-22 22:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013-08-22 22:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013-08-22 22:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013-08-22 22:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013-08-22 22:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013-08-22 22:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013-08-22 22:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013-08-22 22:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013-08-22 22:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013-08-22 22:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013-08-22 22:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013-08-22 22:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013-08-22 22:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-08-22 22:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013-08-22 22:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013-08-22 22:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013-08-22 22:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013-08-22 22:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013-08-22 21:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013-08-22 21:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013-08-22 21:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013-08-22 21:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013-08-22 21:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013-08-22 21:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013-08-22 21:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-08-22 21:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013-08-22 21:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013-08-22 21:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013-08-22 21:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013-08-22 21:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013-08-22 21:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013-08-22 21:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013-08-22 21:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-22 21:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013-08-22 21:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013-08-22 21:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013-08-22 21:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013-08-22 21:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013-08-22 21:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013-08-22 18:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013-08-14 08:19:16 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-08-14 08:19:12 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013-08-14 03:49:56 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013-08-13 09:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013-08-10 10:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013-08-07 03:08:24 | 000,083,456 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST_Accel.sys -- (ST_ACCEL)
DRV:64bit: - [2013-07-31 04:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013-07-26 05:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013-07-10 10:20:04 | 000,355,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2013-06-17 02:38:14 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013-05-01 03:18:10 | 000,085,304 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013-05-01 03:18:10 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013-03-21 09:50:44 | 000,163,536 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e22w8x64.sys -- (Ke2200)
DRV:64bit: - [2013-03-06 05:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013-02-14 08:11:24 | 000,075,056 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bwcW8x64.sys -- (BfLwf)
DRV:64bit: - [2013-01-25 12:12:08 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012-12-21 08:20:06 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012-09-03 16:28:04 | 000,037,888 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (facap)
DRV:64bit: - [2012-07-14 09:31:18 | 000,022,168 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2012-07-11 02:19:28 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:64bit: - [2008-05-06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2012-12-30 06:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2012-07-11 02:19:28 | 000,015,160 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\EMSC.sys -- (EMSC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {458517AD-AFB4-4D54-A224-9B18BD87D861}
IE:64bit: - HKLM\..\SearchScopes\{458517AD-AFB4-4D54-A224-9B18BD87D861}: "URL" = http://www.bing.com/...=IE11TR&pc=DCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {458517AD-AFB4-4D54-A224-9B18BD87D861}
IE - HKLM\..\SearchScopes\{458517AD-AFB4-4D54-A224-9B18BD87D861}: "URL" = http://www.bing.com/...=IE11TR&pc=DCJB

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.alienware....com/welcome-au [binary data]
IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.alienware....com/welcome-au [binary data]
IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\..\SearchScopes,DefaultScope = {458517AD-AFB4-4D54-A224-9B18BD87D861}
IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\..\SearchScopes\{458517AD-AFB4-4D54-A224-9B18BD87D861}: "URL" = http://www.bing.com/...=IE11TR&pc=DCJB
IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Trovi search"
FF - prefs.js..browser.search.selectedEngine: "Trovi search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.2
FF - prefs.js..extensions.enabledAddons: 2.0%40disconnect.me:3.14.0
FF - prefs.js..extensions.enabledAddons: thumbnailZoom%40dadler.github.com:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@sensiblevision.com/FastAccess,version=4.1.110: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2014-06-28 12:59:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014-04-29 20:57:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Extensions
[2014-10-17 13:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\extensions
[2014-10-12 17:05:00 | 000,947,620 | ---- | M] () (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\extensions\[email protected]
[2014-10-12 17:00:33 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\extensions\[email protected]
[2014-10-12 17:00:24 | 000,126,171 | ---- | M] () (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\extensions\[email protected]
[2014-10-12 17:06:04 | 000,184,159 | ---- | M] () (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\extensions\[email protected]
[2014-10-17 13:15:27 | 000,979,610 | ---- | M] () (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-10-12 17:00:11 | 000,556,429 | ---- | M] () (No name found) -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2014-09-23 23:23:08 | 000,001,074 | ---- | M] () -- C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\searchplugins\trovi-search.xml
[2014-10-12 16:58:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014-10-12 16:58:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.805.0.6_0\
CHR - Extension: Google Cast = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.916.0.7_0\
CHR - Extension: Google Search = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014-09-24 00:10:11 | 000,450,709 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.1-2005-search.com
O1 - Hosts: 127.0.0.1   1-2005-search.com
O1 - Hosts: 127.0.0.1   123fporn.info
O1 - Hosts: 15469 more lines...
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Alienware)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_PushButton] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSKAppManager] C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe (Autodesk Inc.)
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RzWizard] C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe (Razer Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1349769393-725388422-3516167252-1002..\Run: [Akamai NetSession Interface] C:\Users\Blaze\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1349769393-725388422-3516167252-1002..\Run: [DellSystemDetect] C:\Users\Blaze\AppData\Local\Apps\2.0\CV2TBV96.340\VDWMKC82.4XY\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe (Dell)
O4 - HKU\S-1-5-21-1349769393-725388422-3516167252-1002..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1349769393-725388422-3516167252-1002\..Trusted Domains: vizzed.com ([www] * in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F213BFD-442C-4F9C-8BBC-5889BD083C09}: DhcpNameServer = 10.1.1.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-05-01 14:16:36 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-10-19 20:32:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014-10-19 20:32:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014-10-16 13:12:03 | 000,000,000 | ---D | C] -- C:\Users\Blaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2014-10-16 13:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2014-10-16 13:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2014-10-16 11:04:47 | 000,000,000 | ---D | C] -- C:\Users\Blaze\AppData\Roaming\SanDisk SecureAccess
[2014-10-15 15:58:16 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014-10-15 15:58:16 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014-10-15 15:58:16 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014-10-15 15:58:13 | 001,702,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014-10-15 15:58:13 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014-10-15 15:58:13 | 000,672,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014-10-15 15:58:13 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014-10-15 15:58:13 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014-10-15 15:58:13 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014-10-15 15:58:13 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014-10-15 15:58:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014-10-15 15:58:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014-10-15 15:58:13 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014-10-15 15:58:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014-10-15 15:58:13 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014-10-15 15:58:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014-10-15 15:58:08 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-10-15 15:58:05 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-10-15 15:58:05 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-10-15 15:58:05 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-10-15 15:58:05 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-10-15 15:58:05 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-10-15 15:58:05 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-10-15 15:58:05 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-10-15 15:58:05 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-10-15 15:58:05 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-10-15 15:58:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-10-15 15:58:05 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-10-15 15:58:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-10-15 15:58:05 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-10-15 15:57:47 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014-10-15 15:57:47 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014-10-15 15:57:46 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014-10-15 15:57:46 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014-10-15 15:57:45 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014-10-15 15:57:44 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014-10-15 15:57:44 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014-10-15 15:57:44 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014-10-15 15:57:44 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014-10-15 15:57:43 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014-10-15 15:57:43 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014-10-15 15:57:43 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014-10-15 15:57:43 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014-10-15 15:57:43 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014-10-15 15:57:43 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014-10-15 15:57:43 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2014-10-15 15:57:42 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014-10-15 15:57:42 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014-10-15 15:57:42 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014-10-15 15:57:42 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ProximityService.dll
[2014-10-15 15:57:42 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2014-10-15 15:57:42 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014-10-15 15:57:42 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcsvDevice.dll
[2014-10-15 15:57:42 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bisrv.dll
[2014-10-15 15:57:42 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014-10-15 15:57:42 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014-10-15 15:57:42 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014-10-15 15:57:42 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2014-10-15 15:57:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2014-10-15 15:57:37 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-10-15 15:57:37 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014-10-15 15:57:36 | 002,779,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014-10-15 15:57:36 | 002,646,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014-10-15 15:57:36 | 002,321,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014-10-15 15:57:36 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-10-13 22:17:59 | 000,000,000 | ---D | C] -- D:\Documents\WB Games
[2014-10-09 19:55:38 | 000,000,000 | ---D | C] -- C:\Users\Blaze\AppData\Local\ElevatedDiagnostics
[2014-10-09 19:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2014-09-25 20:17:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-09-23 14:32:44 | 000,000,000 | ---D | C] -- D:\Documents\Banished
[2014-09-23 14:22:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014-09-23 14:20:33 | 000,000,000 | ---D | C] -- C:\Users\Blaze\AppData\Roaming\uTorrent
[2014-09-23 10:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014-09-23 10:00:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

========== Files - Modified Within 30 Days ==========

[2014-10-22 22:15:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-10-22 21:40:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-10-22 21:07:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-10-22 19:24:19 | 000,865,408 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-10-22 19:24:19 | 000,732,688 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-10-22 19:24:19 | 000,136,262 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-10-22 19:20:03 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-10-22 19:18:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-10-22 19:17:56 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014-10-22 19:17:54 | 1653,411,834 | -HS- | M] () -- C:\hiberfil.sys
[2014-10-16 13:12:03 | 000,001,021 | ---- | M] () -- C:\Users\Blaze\Desktop\SpeedFan.lnk
[2014-10-16 13:12:02 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2014-10-16 09:35:12 | 005,049,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-10-13 21:59:36 | 000,000,222 | ---- | M] () -- C:\Users\Blaze\Desktop\Middle-earth Shadow of Mordor.url
[2014-10-12 16:58:53 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-10-10 08:16:51 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-10-09 15:20:20 | 000,000,132 | ---- | M] () -- C:\Users\Blaze\AppData\Roaming\Adobe Targa Format CC Prefs
[2014-10-09 15:07:38 | 000,000,132 | ---- | M] () -- C:\Users\Blaze\AppData\Roaming\Adobe PNG Format CC Prefs
[2014-10-09 08:09:34 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014-09-30 08:45:58 | 000,706,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-09-30 08:45:58 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-09-26 08:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-09-26 08:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-09-26 08:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-09-24 00:10:11 | 000,450,709 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014-09-24 00:09:54 | 000,450,709 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140924-001011.backup
[2014-09-24 00:05:57 | 000,022,815 | ---- | M] () -- C:\Windows\wininit.ini
[2014-09-23 23:26:51 | 000,450,709 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140924-000954.backup
[2014-09-23 10:00:38 | 000,002,531 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2014-10-16 13:12:03 | 000,001,021 | ---- | C] () -- C:\Users\Blaze\Desktop\SpeedFan.lnk
[2014-10-16 13:12:02 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2014-10-15 15:57:42 | 000,388,729 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014-10-13 21:59:36 | 000,000,222 | ---- | C] () -- C:\Users\Blaze\Desktop\Middle-earth Shadow of Mordor.url
[2014-10-12 16:58:53 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-10-12 16:58:53 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-09-24 00:05:30 | 000,022,815 | ---- | C] () -- C:\Windows\wininit.ini
[2014-08-12 15:58:48 | 000,000,132 | ---- | C] () -- C:\Users\Blaze\AppData\Roaming\Adobe PNG Format CC Prefs
[2014-06-21 12:09:56 | 000,060,208 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2014-06-21 12:09:40 | 000,084,784 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2014-06-21 12:09:28 | 000,591,664 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2014-05-29 22:52:42 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2014-05-08 15:57:06 | 000,000,132 | ---- | C] () -- C:\Users\Blaze\AppData\Roaming\Adobe BMP Format CC Prefs
[2014-05-07 14:19:29 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2014-05-07 14:19:18 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2014-05-07 14:19:18 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2014-05-05 16:49:49 | 000,000,132 | ---- | C] () -- C:\Users\Blaze\AppData\Roaming\Adobe Targa Format CC Prefs
[2014-04-29 21:24:09 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014-04-29 21:01:10 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014-04-04 19:50:57 | 000,863,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-04-04 19:49:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013-11-05 10:31:54 | 000,024,080 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2013-08-28 07:00:08 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2013-08-23 01:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013-08-23 01:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013-08-23 00:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013-08-22 17:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013-08-22 13:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013-08-22 09:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013-08-22 09:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2014-04-29 21:35:46 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-08-16 14:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-08-16 13:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 19:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 12:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 19:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Blaze\OneDrive:ms-properties

< End of report >

OTL Extras logfile created on: 22-Oct-14 10:17:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Blaze\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

31.92 Gb Total Physical Memory | 28.39 Gb Available Physical Memory | 88.92% Memory free
63.92 Gb Paging File | 60.16 Gb Available in Paging File | 94.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 196.95 Gb Total Space | 70.64 Gb Free Space | 35.86% Space Free | Partition Type: NTFS
Drive D: | 931.39 Gb Total Space | 783.49 Gb Free Space | 84.12% Space Free | Partition Type: NTFS
Drive X: | 490.00 Mb Total Space | 199.62 Mb Free Space | 40.74% Space Free | Partition Type: NTFS
Drive Y: | 8.39 Gb Total Space | 0.71 Gb Free Space | 8.49% Space Free | Partition Type: NTFS

Computer Name: BLAZE | User Name: Blaze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1349769393-725388422-3516167252-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023AF053-FA79-4B4C-807D-62E67C42F6B6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{139D8E24-21C4-4DA4-8E77-9D7F6537A2DD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1E037A16-F748-4F36-A367-3877FF1A57C8}" = rport=138 | protocol=17 | dir=out | app=system |
"{25216DC3-3281-4F69-AD76-4BC40D14A101}" = rport=10243 | protocol=6 | dir=out | app=system |
"{33037871-C73D-4667-B5B2-AADA2BEC30C3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4B356D68-D330-41DF-9162-F676381E173E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{4B4B5544-CDAA-4A2A-9060-5DC7A6A4D968}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C8B4A7B-0DDF-4B3C-8639-F87BC3BCA1C2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5EB343B6-AF1F-4AF5-A9D3-1B9121887805}" = lport=2869 | protocol=6 | dir=in | app=system |
"{647ECDE8-69FB-4A95-9CC0-EC2548283DC4}" = rport=139 | protocol=6 | dir=out | app=system |
"{7026C643-0170-4362-B3C7-CED128642C71}" = lport=139 | protocol=6 | dir=in | app=system |
"{813662E7-26C1-4E15-B87F-8863D6DFB39E}" = lport=51003 | protocol=6 | dir=in | name=akamai netsession interface |
"{89A4B3DC-9EB0-40E9-9717-B9C305EC2D99}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D9DD9C2-56A3-47D6-A3CC-A166BC72F589}" = lport=137 | protocol=17 | dir=in | app=system |
"{948E75DC-514B-4E4C-B4F7-38EA3B7A89B9}" = lport=445 | protocol=6 | dir=in | app=system |
"{B04721EE-5CBD-4ACF-AD97-C2EF57713018}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BEB367A1-113A-416F-AB8E-77A1D9802D9E}" = rport=445 | protocol=6 | dir=out | app=system |
"{C61247D7-8BF0-479F-A2B1-B91FBA610F28}" = rport=137 | protocol=17 | dir=out | app=system |
"{D9E576D8-E7A1-4CC2-BAFE-CF22631B17AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E1EF660D-9102-44D1-9325-45840CF60C9D}" = lport=138 | protocol=17 | dir=in | app=system |
"{E4D2F9B1-A570-4422-A449-21BD46A69527}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED42CEF7-ED91-46C4-8A87-DD679F0DBD26}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{ED8D58DE-95D1-45B2-BF05-7CE1C3F4EED5}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{FE2C77E0-0657-4299-938C-5C84AF6689E8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{070147EA-B8C6-4F05-AA24-E21F08F2E377}" = protocol=6 | dir=in | app=d:\games\steamapps\common\shadowofmordor\x64\shadowofmordor.exe |
"{0741DCE8-143D-4A82-818C-C0A689D6BAAE}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{0A7CC947-861B-4E7A-89A3-B0EB700B1ED3}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{0C3179F4-0BD6-407E-8A03-20D8F877E156}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rpgvxace\rpgvxace.exe |
"{0D960DD0-FE73-4325-85DF-28F9132F0254}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rpgvxace\rpgvxace.exe |
"{0E3A8018-F7C9-4642-BA97-EF5B3AFB5970}" = protocol=1 | dir=out | [email protected],-28544 |
"{0E9B0FF6-224E-426C-B081-6CECF3F9DCEC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{121B9E02-8338-48C7-BF13-E78D4B375EC1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe |
"{1C6C86F7-83D8-4017-9D7F-81CD43A55454}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe |
"{1E737B82-0B6C-4AAB-B430-F6C12B0B8373}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{1F762C66-11ED-4AA2-AE3D-5F6E5FFC5D50}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{2195503D-7609-4C32-9D4B-3502505CA95B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3454\agent.exe |
"{223263CB-5424-4F0D-B344-59A1FE504BBF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\projectzomboid\projectzomboid64.exe |
"{226CE3EC-E1A1-4D41-9155-3F62AE19805C}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{22C29C52-A21D-4D0C-A4A1-26153384D5C5}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
"{24994D4C-0D81-481A-A9C0-2967C144D4CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2563C75D-84B7-4EB2-90EC-4665B6CB82AE}" = protocol=6 | dir=in | app=d:\games\chaosonline\patcher.exe |
"{28C5E511-13FB-489F-A773-99138E9D5812}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{2AE5B317-FC35-4EF3-862C-08BCD2FF0946}" = protocol=17 | dir=in | app=d:\games\steamapps\common\shadowofmordor\x64\shadowofmordor.exe |
"{2AF08F88-6728-406D-B32E-E21C8977542A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2B48ED41-9D34-429E-8A72-A25FEBC6A8F7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{2DFC4834-5709-4528-A16B-A0AF719FDD8D}" = protocol=17 | dir=in | app=d:\games\steamapps\common\sanctum2\binaries\win32\sanctumgame-win32-shipping.exe |
"{2F6EBC48-20B7-48B6-A890-A4DC66312601}" = protocol=58 | dir=in | app=system |
"{30966562-DFD0-4570-9F21-75324C7AFFB3}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{30B792D7-0999-49B0-9CD1-03C9CEF4CE08}" = protocol=6 | dir=in | app=d:\games\steamapps\common\shadowrun returns\shadowrun.exe |
"{362761A2-B54A-4AAE-97D9-B9B859245188}" = protocol=17 | dir=in | app=d:\games\chaosonline\chaosonline.exe |
"{3AE07587-6E8D-4BBC-A340-141BA18900BF}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{45C4C701-07E4-4152-AA29-5C6C507789E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{46B60C84-9996-4199-8D90-FEE20308B37D}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{49491F3A-4DF4-4534-9209-CEC784CC20D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E48627A-AA8B-4C2A-8F98-FC8EB4EFDFB0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55770451-5E38-442F-BD8E-A7A7501362F2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{579D54CB-EDD2-4C94-A80E-847D29A2754E}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{5B2F6B42-74BC-4812-9027-9E0D25DFD0D1}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{5DB48D0C-3485-4001-8376-4F7DADE36FAF}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{5E7E35B5-1E2A-4908-83A5-645F3D3BF455}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{643D9486-D35C-4E26-AEFE-EB604262728C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{652B57FE-69C7-4042-9B22-9E0BBBA7E5F5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{65D7036A-37BB-49DB-B7BB-03D404EFBADF}" = protocol=6 | dir=in | app=d:\games\steamapps\common\sanctum2\binaries\win32\sanctumgame-win32-shipping.exe |
"{6B2A66EA-05B5-4CE2-8FF3-0DB125E773CA}" = protocol=17 | dir=in | app=d:\games\steamapps\common\planetary annihilation\pa.exe |
"{6EF33E33-1F08-4834-BFF7-001ED7B933BD}" = protocol=6 | dir=in | app=d:\games\steamapps\common\planetary annihilation\pa.exe |
"{6F544D9E-0BE0-4ABB-83FA-229212D50833}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64server.exe |
"{708023F4-AD79-401D-869F-8DBB5D541FDC}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{70E9A7B1-A0A1-4476-89F8-A0D1933A7AF7}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{72A3A015-DB04-456F-8298-D8795A625185}" = protocol=17 | dir=in | app=c:\users\blaze\appdata\roaming\utorrent\utorrent.exe |
"{72ED344D-553F-4A8B-86DC-189E2A66EEE5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{782EC110-15D5-4C72-A950-1DC1534580EF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7963B3B8-0B24-4C16-9820-0A75A59D5D68}" = protocol=6 | dir=in | app=d:\games\steamapps\common\robocraft\robocraft.exe |
"{7FAE5B66-A781-499F-8469-A70F4FB8D4FC}" = protocol=1 | dir=in | [email protected],-28543 |
"{80FC0136-8367-4415-A509-34CC4C413B76}" = protocol=6 | dir=in | app=c:\users\blaze\appdata\roaming\utorrent\utorrent.exe |
"{81ACA60A-8FD0-449E-9122-3E50565469E4}" = protocol=17 | dir=in | app=d:\games\chaosonline\patcher.exe |
"{83FA143B-E678-4E07-A2A0-7BEF6809C655}" = protocol=58 | dir=out | [email protected],-28546 |
"{83FEC1F3-B024-4F07-A5C9-A75C9CEDF7B7}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{878A7981-2679-4967-A80C-E87DB26D8693}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2014\nvidia\satellite\raysat_3dsmax2014_64.exe |
"{8AD9D753-DB97-49B6-A0F5-E81E665FAEE9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8DB5A7CC-8EAC-4781-8E3A-39B3CB00A84A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{8E33F8AD-B743-498D-B1C5-8E94C1249A52}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{92F16707-A79C-4E52-8327-14178A0991A5}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{93B435B9-16A4-436B-B108-949A7517ED6D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9A461841-A927-4454-B137-FEBC53757147}" = dir=out | name=@{microsoft.zunevideo_2.6.344.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{9C910334-C23A-4CF4-AD8D-81C68757A6AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A07521FE-D6BB-48BC-8820-AC0856DD7306}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{A1CD9131-63B3-4269-8C1F-E328972CDA67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A352BBFA-195D-4435-9039-28DEF605379B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A3D22634-CBC1-4A24-BCD6-2A379D25E66C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A6C0F30C-34E4-4F20-B93F-DFA72AD53E42}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{A7C8450C-B9C5-432C-908C-2126F7A6FE9D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{AD6EA698-15B9-4A60-BDC5-B7245A1EFCB4}" = protocol=58 | dir=out | [email protected],-503 |
"{ADF2A946-F441-4B68-BFB3-2C9B4686DB64}" = protocol=17 | dir=in | app=d:\games\steamapps\common\the ship\ship.exe |
"{B3B203A5-892C-43E0-90DF-63A60C3AFFC6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3454\agent.exe |
"{B9A84BC7-0F10-4566-B75D-AF7D6C2B9ABA}" = dir=out | name=@{microsoft.bingsports_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{B9A8D9DB-3B91-43E6-976E-95DFF96CAC8B}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{BC883083-FBCE-432D-A121-0EB17784AA6E}" = protocol=17 | dir=in | app=d:\games\steamapps\common\robocraft\robocraft.exe |
"{BF5E880E-9220-4E41-8CB0-A1C2BEEF5597}" = dir=out | name=@{microsoft.bingweather_3.0.4.214_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{C4E816B9-14EA-459A-9D49-A57D6D8314C5}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{CF6AA61C-8271-4C3C-8135-0535FE579982}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D17B14CE-CBEA-497F-847A-67ECBEB007EE}" = protocol=6 | dir=in | app=d:\games\chaosonline\chaosonline.exe |
"{D41522C7-740A-4644-942B-D972BDF5A1D9}" = protocol=58 | dir=in | [email protected],-28545 |
"{D54995A3-130B-424A-A75F-D71EFEB0603B}" = dir=out | name=windows_ie_ac_001 |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DBA91878-50E4-484A-AA90-0FDD57A4F1F4}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{DC014439-BECA-4298-97E5-ADF431DB0065}" = dir=out | name=@{microsoft.zunemusic_2.6.343.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{DE666ACF-087D-4ACD-B3A5-573FAF0CCEF8}" = dir=out | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{DF34C1D2-DF39-4533-9C75-DD81B7824E4E}" = dir=in | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{E30D7279-71C9-4788-9F12-268347B42FB8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\geometry wars\geometrywars.exe |
"{E35308A5-3670-42C4-BA96-32412D3FF401}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\geometry wars\geometrywars.exe |
"{E722E1A1-3E5A-4B43-8AB6-F075FA07CDDB}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{EAB7D716-652B-4B7D-A644-F532FFFD402A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EB672324-4B07-441D-B327-E5FC2A929DC5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\projectzomboid\projectzomboid64.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE358229-5390-4C80-8EF7-0DE97F648D5B}" = dir=in | app=c:\users\blaze\appdata\local\microsoft\skydrive\skydrive.exe |
"{EF98B1C6-B1B4-47F9-AE49-6D8FC5EED2B7}" = protocol=17 | dir=in | app=d:\games\steamapps\common\path of exile\pathofexilesteam.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7EEEC1E-366A-4170-A862-513AB27E2924}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{F8D22FAF-1FD4-4A21-9EE6-232342A26967}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FC31C546-F72E-480A-83BF-300FB0369788}" = protocol=6 | dir=in | app=d:\games\steamapps\common\the ship\ship.exe |
"{FDBD8341-4168-456A-9DF6-D29D3713B860}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FE1DF9E9-CE4B-428F-8A37-C1CD7B0A9E13}" = protocol=17 | dir=in | app=d:\games\steamapps\common\shadowrun returns\shadowrun.exe |
"{FE488036-86D9-46E6-B4CB-8F2A218615C9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FE8222C1-6CAC-4082-9A71-8FDDA47D0A4E}" = protocol=6 | dir=out | app=system |
"{FFD4DFCB-155D-41AD-BE3B-107AD5D74AC1}" = protocol=6 | dir=in | app=d:\games\steamapps\common\path of exile\pathofexilesteam.exe |
"TCP Query User{0F85FA87-9CFB-4230-8AA7-40C78E691DBB}D:\games\chaosonline\chaosonline.exe" = protocol=6 | dir=in | app=d:\games\chaosonline\chaosonline.exe |
"TCP Query User{26E0E692-271A-4A3B-946C-AB63DB81D37C}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"TCP Query User{3D0E7308-B9F7-4F40-981A-14D4ABE6E4F2}D:\games\chaosonline\patcher.exe" = protocol=6 | dir=in | app=d:\games\chaosonline\patcher.exe |
"TCP Query User{56BA58A4-DF8C-43AF-82DD-7E56C6F08204}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"TCP Query User{5A88DEDC-614D-44DB-9C01-81490AE2B007}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe |
"TCP Query User{7E36ECB9-DE8D-49B3-80F5-67EA9451CB14}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{ADAD7D41-0852-43CC-A514-339A314094FB}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{E9A0C8EF-44A3-4F1A-AAC7-399CECD87D0C}C:\users\blaze\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\blaze\appdata\local\akamai\netsession_win.exe |
"TCP Query User{EAC2131B-92D3-4B98-8382-25AA87CBED4D}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"TCP Query User{F1273823-75CA-47C2-8B3D-9A61A993DEC0}C:\users\blaze\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\blaze\appdata\local\akamai\netsession_win.exe |
"UDP Query User{23DB870C-4488-4E6A-A8ED-D9AEC5DD54CB}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{584F13C8-599E-44F3-B373-6C93DB733FB8}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"UDP Query User{7F8821B6-44C5-4E26-9BFC-902C9A37CDB3}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{7FEE802D-F638-4D97-A12E-E988ED498A6F}D:\games\chaosonline\chaosonline.exe" = protocol=17 | dir=in | app=d:\games\chaosonline\chaosonline.exe |
"UDP Query User{DE92139D-45E9-4726-8402-5D8E0C8087E6}C:\users\blaze\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\blaze\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DF5D49EC-4B67-4D9F-9AFF-D23774160AF6}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{DFEF2C05-2CB8-47A2-92D7-844940ADBE98}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |
"UDP Query User{E0148FA7-4B9C-401B-998E-EDF741FE1B65}D:\games\chaosonline\patcher.exe" = protocol=17 | dir=in | app=d:\games\chaosonline\patcher.exe |
"UDP Query User{F2F57941-88D1-4331-9130-5BBB6F649EC1}C:\users\blaze\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\blaze\appdata\local\akamai\netsession_win.exe |
"UDP Query User{FE4F962B-4A68-4D27-9EE4-55DD51641B7C}C:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\projectzomboid\jre64\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009751C6-22D7-4548-A313-AD48FA57076F}" = Autodesk Inventor Server Engine for 3ds Max 2014 64-bit
"{0BB716E0-1400-0610-0000-097DC2F354DF}" = Autodesk Revit Interoperability for 3ds Max 2014
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23C9ED7C-CB64-45FE-A7EA-1BA666F5589D}" = Autodesk DirectConnect 2015 64-bit
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BE91685-1632-47FC-B563-A8A542C6664C}" = Autodesk Network License Manager
"{52B37EC7-D836-0409-0064-3C24BCED2010}" = Autodesk 3ds Max 2014
"{5AAB972C-FF31-4B01-8445-50C42860EC02}" = Autodesk Composite 2014
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64FD3798-AC2C-4E40-9910-E53F7D324D9E}" = XRayUnwrap - Automatic computing coordinate UV unwrap for Autodesk 3ds Max.
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7491836B-659E-47DD-ABBF-F875AD48FD10}" = Autodesk 3ds Max 2014 64-bit Populate Data
"{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}" = Dolby Digital Plus Home Theater
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8FC7C2B2-0F64-4B35-AA3D-2B051D009243}" = Autodesk DirectConnect 2014 64-bit
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel® Rapid Storage Technology
"{A8573F59-C080-4495-A9A8-EC32D8A4ECFF}" = TortoiseSVN 1.8.7.25475 (64 bit)
"{AC6D2774-D543-4C46-906D-801322D1823D}" = Qualcomm Atheros Bandwidth Control Filter Driver
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{BDF821F0-D64C-421D-0052-A9B995B20873}" = mental ray renderer for Autodesk Maya 2015
"{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = WIDCOMM Bluetooth Software
"{CB70AAFD-F212-4E4C-BA9E-7BD61B2ADC78}" = Face Recognition
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D4CE21D4-27E5-46DB-9FFE-553A90AD4B9F}" = Alienware Command Center
"{D652F49D-E8E1-49BF-9169-300D7CEBAFEB}" = Update for Microsoft en-us Dictionary
"{D7B06EA3-0B31-4BD0-B1CF-944DCD72656A}" = Autodesk Maya 2015
"{E8814D63-BB76-4C89-A25E-264ECF11D00D}" = Autodesk Essential Skills Movies for 3ds Max 2014 64-bit
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B2A675-5A6A-46FE-97DC-ECDB96714CE7}" = Qualcomm Atheros Killer E220x Drivers
"{F7A70D00-F283-45C8-B163-49EC365D7E27}" = DSC/AA Factory Installer
"{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}" = Qualcomm Atheros Network Manager
"Autodesk 3ds Max 2014" = Autodesk 3ds Max 2014
"Autodesk Composite 2014" = Autodesk Composite 2014
"Autodesk DirectConnect 2014 64-bit" = Autodesk DirectConnect 2014 64-bit
"Autodesk DirectConnect 2015 64-bit" = Autodesk DirectConnect 2015 64-bit
"Autodesk Maya 2015" = Autodesk Maya 2015
"Autodesk Maya 2015 SP1" = Autodesk Maya 2015 SP1
"Autodesk Revit Interoperability for 3ds Max 2014" = Autodesk Revit Interoperability for 3ds Max 2014
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.10
"HomeStudentRetail - en-us" = Microsoft Office Home and Student 2013 - en-us
"PC-Doctor for Windows" = AlienAutopsy
"StageLight" = StageLight
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wacom Tablet Driver" = Wacom Tablet
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = AlienRespawn
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{216B0AF1-3137-4E03-9C02-F5132550A268}" = League of Legends
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}" = Intel® Rapid Start Technology
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2014
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{56BF70E8-EC59-4F68-BEE7-8B71432048C4}" = Qualcomm Atheros Killer Network Manager Suite
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6D9F35D2-1D6F-4E17-A79F-991A7BD24AAD}" = Vizzed Retro Game Room
"{70B1DA58-A2B9-4EA0-B83D-F03CBEEAE22D}" = LogMeIn Hamachi
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}" = Autodesk Material Library Medium Resolution Image Library 2014
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = AlienRespawn - Support Software
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D2883AB6-09B4-4981-AAF8-E695411EEC9A}" = Sculptris Alpha 6
"{D3368212-EF35-46CF-931E-12AA327849C6}" = PAMM
"{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}" = Adobe Photoshop CC 2014
"{D850CB7E-72BC-4510-BA4F-48932BFAB295}" = Alienware Digital Delivery
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2321021-08A2-44D6-B1DF-BDB415F23EC3}" = Adobe Illustrator CC
"{FEB32068-825C-4E99-9680-5571451B3787}_is1" = King's Bounty: Armored Princess (Remove Only)
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Autodesk Application Manager" = Autodesk Application Manager
"Battle.net" = Battle.net
"Chaos Heroes" = Chaos Heroes
"Google Chrome" = Google Chrome
"InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}" = Sculptris Alpha 6
"InstallShield_{D4CE21D4-27E5-46DB-9FFE-553A90AD4B9F}" = Alienware Command Center
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 32.0.3 (x86 en-GB)" = Mozilla Firefox 32.0.3 (x86 en-GB)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SpeedFan" = SpeedFan (remove only)
"Steam App 108600" = Project Zomboid
"Steam App 200710" = Torchlight II
"Steam App 210770" = Sanctum 2
"Steam App 220700" = RPG Maker VX Ace
"Steam App 233250" = Planetary Annihilation
"Steam App 234650" = Shadowrun Returns
"Steam App 238960" = Path of Exile
"Steam App 2400" = The Ship
"Steam App 241930" = Middle-earth: Shadow of Mordor
"Steam App 301520" = Robocraft
"Steam App 8400" = Geometry Wars: Retro Evolved
"VLC media player" = VLC media player 2.1.3
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1349769393-725388422-3516167252-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"9204f5692a8faf3b" = Dell System Detect
"Akamai" = Akamai NetSession Interface
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 05-Oct-14 7:42:05 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "c:\program files (x86)\Adobe\adobe
creative cloud\Utils\Creative Cloud Uninstaller.exe".Error in manifest or policy
file "" on line . A component version required by the application conflicts with
another component version already active. Conflicting components are:. Component
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error - 05-Oct-14 7:42:07 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe".
Dependent
Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 05-Oct-14 8:06:50 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "c:\program files (x86)\Adobe\adobe
creative cloud\Utils\Creative Cloud Uninstaller.exe".Error in manifest or policy
file "" on line . A component version required by the application conflicts with
another component version already active. Conflicting components are:. Component
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error - 05-Oct-14 8:06:52 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe".
Dependent
Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 05-Oct-14 8:11:10 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "c:\program files (x86)\Adobe\adobe
creative cloud\Utils\Creative Cloud Uninstaller.exe".Error in manifest or policy
file "" on line . A component version required by the application conflicts with
another component version already active. Conflicting components are:. Component
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error - 05-Oct-14 8:11:12 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe".
Dependent
Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 05-Oct-14 9:48:21 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "c:\program files (x86)\Adobe\adobe
creative cloud\Utils\Creative Cloud Uninstaller.exe".Error in manifest or policy
file "" on line . A component version required by the application conflicts with
another component version already active. Conflicting components are:. Component
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error - 05-Oct-14 9:48:23 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe".
Dependent
Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 05-Oct-14 10:37:53 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "c:\program files (x86)\Adobe\adobe
creative cloud\Utils\Creative Cloud Uninstaller.exe".Error in manifest or policy
file "" on line . A component version required by the application conflicts with
another component version already active. Conflicting components are:. Component
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error - 05-Oct-14 10:37:55 AM | Computer Name = Blaze | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe".
Dependent
Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ Spybot - Search and Destroy Events ]
Error - 23-Sep-14 10:05:34 AM | Computer Name = Blaze | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 23-Sep-14 10:05:40 AM | Computer Name = Blaze | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 14-Oct-14 5:33:40 AM | Computer Name = Blaze | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start.    Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error
Code: 126

Error - 14-Oct-14 5:33:42 AM | Computer Name = Blaze | Source = Service Control Manager | ID = 7000
Description = The Search Protect Service service failed to start due to the following
error:   %%2

Error - 15-Oct-14 1:51:24 AM | Computer Name = Blaze | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:15:37 AM on ?10/?15/?2014 was unexpected.

Error - 15-Oct-14 1:51:24 AM | Computer Name = Blaze | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start.    Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error
Code: 126

Error - 15-Oct-14 1:51:26 AM | Computer Name = Blaze | Source = Service Control Manager | ID = 7000
Description = The Search Protect Service service failed to start due to the following
error:   %%2

Error - 15-Oct-14 7:35:12 PM | Computer Name = Blaze | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:05:01 AM on ?10/?16/?2014 was unexpected.

Error - 15-Oct-14 7:35:13 PM | Computer Name = Blaze | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start.    Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error
Code: 126

Error - 15-Oct-14 7:35:15 PM | Computer Name = Blaze | Source = Service Control Manager | ID = 7000
Description = The Search Protect Service service failed to start due to the following
error:   %%2

Error - 15-Oct-14 7:36:28 PM | Computer Name = Blaze | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start.    Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error
Code: 126

Error - 15-Oct-14 7:36:30 PM | Computer Name = Blaze | Source = Service Control Manager | ID = 7000
Description = The Search Protect Service service failed to start due to the following
error:   %%2

< End of report >

I hope that someone will be able to assist me with this problem as i have tried to remove it myself and i am now seeking help before sending it off to dell which will take about 4 weeks to return probally with a new system, and or all my presonal files deleted.

Thanks in advance Blaze

#2
BrianDrab

Posted 22 October 2014 - 07:57 AM

Trusted Helper

Malware Removal
3,591 posts

I'd be glad to help. I'll review the logs and get back to you.

#3
BrianDrab

Posted 22 October 2014 - 08:01 AM

Trusted Helper

Malware Removal
3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.

- General Instructions -

Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
Any fixes provided by myself are for this log file only and should not be used on any other systems.
Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
Please feel free to ask any questions, especially if you are having problems with my instructions.

- Save ALL Tools to your Desktop-

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

- Finally Before We Start-

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Let's get started. It appears you are running Win8/8.1 on your laptop. I'd like to use a different tool that works better with this Operating System. Please follow the instructions below.

Step#1 - FRST Scan

1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.

#4
blaze1940

Posted 22 October 2014 - 08:21 AM

Member

Topic Starter
Member
15 posts

Thank you for the fast reply, i was expectong a day or so on the reply

Here are the text files you requested:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Blaze (administrator) on BLAZE on 23-10-2014 00:18:40
Running from C:\Users\Blaze\Desktop
Loaded Profiles: UpdatusUser & Blaze (Available profiles: UpdatusUser & Blaze)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FACSMon.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAsenmon.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Akamai Technologies, Inc.) C:\Users\Blaze\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Blaze\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Dell) C:\Users\Blaze\AppData\Local\Apps\2.0\CV2TBV96.340\VDWMKC82.4XY\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Autodesk Inc.) C:\Users\Blaze\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
() C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
() C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Compal) C:\Program Files (x86)\Alienware On-Screen Display\DSubOSD.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-10-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-27] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-05] (Alienware)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4593968 2013-11-16] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95536 2014-06-21] (Sensible Vision )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-05-20] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1349769393-725388422-3516167252-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Blaze\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1349769393-725388422-3516167252-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1349769393-725388422-3516167252-1002\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-1349769393-725388422-3516167252-1002\...\Run: [DellSystemDetect] => C:\Users\Blaze\AppData\Local\Apps\2.0\CV2TBV96.340\VDWMKC82.4XY\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-04-30] (Dell)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.alienware....com/welcome-au
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.alienware....com/welcome-au
SearchScopes: HKLM - DefaultScope {458517AD-AFB4-4D54-A224-9B18BD87D861} URL = http://www.bing.com/...=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {458517AD-AFB4-4D54-A224-9B18BD87D861} URL = http://www.bing.com/...=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope {458517AD-AFB4-4D54-A224-9B18BD87D861} URL = http://www.bing.com/...=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {458517AD-AFB4-4D54-A224-9B18BD87D861} URL = http://www.bing.com/...=IE11TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {458517AD-AFB4-4D54-A224-9B18BD87D861} URL = http://www.bing.com/...=IE11TR&pc=DCJB
SearchScopes: HKCU - {458517AD-AFB4-4D54-A224-9B18BD87D861} URL = http://www.bing.com/...=IE11TR&pc=DCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1

FireFox:
========
FF ProfilePath: C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=M2A9C36ED-9869-4AB3-8148-740E9867D53A&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP304EBBF1-C4A9-4C4A-A1FC-70BF84B3AE1C
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @sensiblevision.com/FastAccess,version=4.1.110 -> C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @vizzed.com/VizzedRGR -> C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Disconnect - C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\Extensions\[email protected] [2014-10-12]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\Extensions\[email protected] [2014-10-12]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\Extensions\[email protected] [2014-10-12]
FF Extension: Thumbnail Zoom Plus - C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\Extensions\[email protected] [2014-10-12]
FF Extension: Adblock Plus - C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-28]
FF Extension: Adblock Edge - C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-06-28]

Chrome:
=======
CHR Profile: C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-10]
CHR Extension: (Google Drive) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-20]
CHR Extension: (YouTube) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10]
CHR Extension: (Google Cast) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-08-10]
CHR Extension: (Google Search) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Gmail) - C:\Users\Blaze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2014-04-04] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-07] (CyberLink)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-02] (iolo technologies, LLC)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-19] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-14] (Realtek Semiconductor)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-04-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7474864 2014-04-04] (Broadcom Corporation)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-14] (Qualcomm Atheros, Inc.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-06] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R0 EMSC; C:\Windows\System32\drivers\EMSC.SYS [17720 2012-07-11] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-11] ()
S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows ® Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-12] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-21] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-19] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83456 2013-08-07] (STMicroelectronics)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 00:18 - 2014-10-23 00:18 - 00033509 _____ () C:\Users\Blaze\Desktop\FRST.txt
2014-10-23 00:18 - 2014-10-23 00:18 - 00000000 ____D () C:\FRST
2014-10-23 00:17 - 2014-10-23 00:17 - 02110976 _____ (Farbar) C:\Users\Blaze\Desktop\FRST64.exe
2014-10-22 22:22 - 2014-10-22 22:22 - 00118396 _____ () C:\Users\Blaze\Downloads\Extras.Txt
2014-10-22 22:21 - 2014-10-22 22:21 - 00175606 _____ () C:\Users\Blaze\Downloads\OTL.Txt
2014-10-22 22:17 - 2014-10-22 22:17 - 00602112 _____ (OldTimer Tools) C:\Users\Blaze\Downloads\OTL.exe
2014-10-22 19:07 - 2014-10-22 19:18 - 00003282 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-10-19 20:32 - 2014-10-19 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-10-19 20:32 - 2014-10-19 20:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-10-16 13:12 - 2014-10-19 20:32 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-16 13:12 - 2014-10-16 13:12 - 00001021 _____ () C:\Users\UpdatusUser\Desktop\SpeedFan.lnk
2014-10-16 13:12 - 2014-10-16 13:12 - 00001021 _____ () C:\Users\Blaze\Desktop\SpeedFan.lnk
2014-10-16 13:12 - 2014-10-16 13:12 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-10-16 13:12 - 2014-10-16 13:12 - 00000000 ____D () C:\Users\Blaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-16 13:12 - 2014-10-16 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-16 13:08 - 2014-10-16 13:08 - 02174848 _____ () C:\Users\Blaze\Downloads\instsf450.exe
2014-10-16 11:04 - 2014-10-16 11:04 - 00000000 ____D () C:\Users\Blaze\AppData\Roaming\SanDisk SecureAccess
2014-10-15 15:58 - 2014-09-28 08:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 15:58 - 2014-09-26 08:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 15:58 - 2014-09-26 08:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 15:58 - 2014-09-26 08:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 15:58 - 2014-09-26 08:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 15:58 - 2014-09-26 08:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 15:58 - 2014-09-26 08:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 15:58 - 2014-09-19 12:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 15:58 - 2014-09-19 11:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 15:58 - 2014-09-19 11:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 15:58 - 2014-09-19 11:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 15:58 - 2014-09-19 11:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 15:58 - 2014-09-19 11:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 15:58 - 2014-09-19 11:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 15:58 - 2014-09-19 11:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 15:58 - 2014-09-19 11:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 15:58 - 2014-09-19 11:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 15:58 - 2014-09-19 10:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 15:58 - 2014-09-19 10:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 15:58 - 2014-09-19 10:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 15:58 - 2014-09-19 10:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 15:58 - 2014-09-19 10:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 15:58 - 2014-09-19 10:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 15:58 - 2014-09-19 10:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 15:58 - 2014-09-19 10:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 15:58 - 2014-09-19 10:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 15:58 - 2014-09-19 10:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 15:58 - 2014-09-19 09:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 15:58 - 2014-09-19 09:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 15:58 - 2014-09-19 09:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 15:58 - 2014-09-19 09:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 15:58 - 2014-09-08 13:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-15 15:58 - 2014-09-08 11:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-15 15:58 - 2014-09-08 11:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-15 15:58 - 2014-09-08 10:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-15 15:58 - 2014-09-08 10:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-15 15:58 - 2014-09-08 10:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-15 15:58 - 2014-09-08 10:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-15 15:58 - 2014-09-08 10:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-15 15:58 - 2014-09-08 10:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-15 15:58 - 2014-09-08 10:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-15 15:58 - 2014-09-08 09:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-15 15:58 - 2014-09-08 09:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-15 15:58 - 2014-09-08 09:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-15 15:58 - 2014-09-08 09:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-15 15:58 - 2014-09-04 10:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-15 15:58 - 2014-09-04 09:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-15 15:58 - 2014-09-04 09:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-15 15:57 - 2014-10-10 08:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 15:57 - 2014-10-09 08:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 15:57 - 2014-09-19 11:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 15:57 - 2014-09-13 16:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 15:57 - 2014-09-13 16:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 15:57 - 2014-09-13 15:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 15:57 - 2014-09-13 15:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 15:57 - 2014-09-04 10:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 15:57 - 2014-09-04 10:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 15:57 - 2014-08-29 11:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-15 15:57 - 2014-08-29 09:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-15 15:57 - 2014-08-29 09:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-15 15:57 - 2014-08-16 14:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-15 15:57 - 2014-08-16 14:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-15 15:57 - 2014-08-16 14:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-15 15:57 - 2014-08-16 13:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-15 15:57 - 2014-08-16 13:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-15 15:57 - 2014-08-16 13:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-15 15:57 - 2014-08-16 13:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-15 15:57 - 2014-08-16 13:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-15 15:57 - 2014-08-16 13:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-15 15:57 - 2014-08-16 11:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-15 15:57 - 2014-08-16 11:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-15 15:57 - 2014-08-16 10:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-15 15:57 - 2014-08-16 10:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-15 15:57 - 2014-08-16 10:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-15 15:57 - 2014-08-16 10:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-15 15:57 - 2014-08-16 10:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-15 15:57 - 2014-08-16 10:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-15 15:57 - 2014-08-16 10:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-15 15:57 - 2014-08-16 10:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-15 15:57 - 2014-08-16 10:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 15:57 - 2014-08-16 10:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-15 15:57 - 2014-08-16 10:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-15 15:57 - 2014-08-16 10:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-15 15:57 - 2014-08-16 10:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 15:57 - 2014-08-16 10:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-15 15:57 - 2014-08-16 10:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-15 15:57 - 2014-08-16 10:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-15 15:57 - 2014-08-16 10:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 15:57 - 2014-08-16 10:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-15 15:57 - 2014-08-16 10:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-15 15:57 - 2014-08-16 10:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-15 15:57 - 2014-08-16 10:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-15 15:57 - 2014-08-16 10:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 15:57 - 2014-08-16 10:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-15 15:57 - 2014-08-01 09:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-13 21:59 - 2014-10-13 21:59 - 00000222 _____ () C:\Users\Blaze\Desktop\Middle-earth Shadow of Mordor.url
2014-10-12 16:58 - 2014-10-12 16:58 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-12 16:58 - 2014-10-12 16:58 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-09 19:54 - 2014-10-09 19:54 - 00003232 _____ () C:\Windows\System32\Tasks\{6CBEA618-7529-414C-807C-76A45D5F1EF2}
2014-10-09 19:53 - 2014-10-09 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-02 02:30 - 2014-10-02 02:30 - 00000000 ____D () C:\Users\Blaze\Downloads\Misc
2014-10-02 02:29 - 2014-10-09 14:59 - 00000000 ____D () C:\Users\Blaze\Downloads\Images
2014-10-02 02:28 - 2014-10-12 16:58 - 00000000 ____D () C:\Users\Blaze\Downloads\Executables
2014-09-25 20:17 - 2014-10-12 16:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 00:10 - 2014-09-24 00:09 - 00450709 ____R () C:\Windows\system32\Drivers\etc\hosts.20140924-001011.backup
2014-09-24 00:09 - 2014-09-23 23:26 - 00450709 ____R () C:\Windows\system32\Drivers\etc\hosts.20140924-000954.backup
2014-09-24 00:05 - 2014-09-24 00:05 - 00022815 _____ () C:\Windows\wininit.ini
2014-09-23 23:26 - 2013-08-22 23:25 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140923-232651.backup
2014-09-23 14:22 - 2014-09-24 01:04 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-23 14:21 - 2014-09-23 14:21 - 00000878 _____ () C:\Users\Blaze\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-23 14:20 - 2014-10-22 21:59 - 00000000 ____D () C:\Users\Blaze\AppData\Roaming\uTorrent
2014-09-23 10:00 - 2014-09-23 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 00:18 - 2014-06-25 13:51 - 00000000 ____D () C:\Users\Blaze\AppData\Roaming\Skype
2014-10-23 00:15 - 2014-08-10 19:10 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-23 00:02 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-22 23:40 - 2014-04-29 21:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-22 22:25 - 2014-07-05 14:55 - 00000000 ____D () C:\Users\Blaze\AppData\Local\LogMeIn Hamachi
2014-10-22 21:59 - 2014-09-13 10:24 - 00000000 ____D () C:\Windows\Minidump
2014-10-22 21:59 - 2014-04-04 19:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-22 20:43 - 2014-04-29 17:35 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1349769393-725388422-3516167252-1002
2014-10-22 19:25 - 2014-04-04 19:55 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2014-10-22 19:24 - 2014-04-04 19:52 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-22 19:20 - 2014-08-10 19:11 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-22 19:18 - 2014-08-10 19:10 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-22 19:18 - 2014-08-06 16:10 - 00000000 ____D () C:\Users\Blaze\AppData\Local\TSVNCache
2014-10-22 19:18 - 2014-05-10 01:06 - 00000000 ___DO () C:\Users\Blaze\OneDrive
2014-10-22 19:18 - 2014-04-29 21:39 - 00000000 ____D () C:\Users\Blaze\AppData\Local\Adobe
2014-10-22 19:17 - 2014-04-04 19:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-22 19:17 - 2013-08-23 00:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-22 19:17 - 2013-08-22 23:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-22 11:59 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-21 16:42 - 2014-04-29 17:30 - 00000000 ____D () C:\Users\Blaze
2014-10-21 15:11 - 2014-05-05 13:51 - 00000000 ____D () C:\Users\Blaze\AppData\Roaming\vlc
2014-10-18 14:13 - 2014-04-29 21:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 14:11 - 2014-04-29 21:12 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 13:33 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:05 - 2014-04-30 03:33 - 00000000 ____D () C:\ProgramData\Autodesk
2014-10-16 09:35 - 2014-07-10 01:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 09:35 - 2013-08-23 01:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-16 09:35 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-16 09:35 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-16 09:35 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-16 09:35 - 2013-08-23 01:36 - 00000000 ____D () C:\Windows\Camera
2014-10-16 09:35 - 2013-08-23 00:44 - 05049512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 17:13 - 2013-08-23 01:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-13 22:24 - 2014-07-31 06:41 - 00000000 ____D () C:\Users\Blaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-12 16:52 - 2014-05-03 18:57 - 00000000 ____D () C:\Users\Blaze\Desktop\Tutorials
2014-10-11 13:13 - 2014-07-28 16:12 - 00001331 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-10-11 13:13 - 2014-05-01 23:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-09 19:53 - 2014-05-30 22:31 - 00000000 ____D () C:\Users\Blaze\AppData\Local\NCSOFT
2014-10-09 15:20 - 2014-05-05 16:49 - 00000132 _____ () C:\Users\Blaze\AppData\Roaming\Adobe Targa Format CC Prefs
2014-10-09 15:07 - 2014-08-12 15:58 - 00000132 _____ () C:\Users\Blaze\AppData\Roaming\Adobe PNG Format CC Prefs
2014-10-06 19:08 - 2014-04-30 03:22 - 00000000 ____D () C:\Users\Blaze\AppData\Local\Deployment
2014-10-02 02:31 - 2014-07-11 13:46 - 00081408 ___SH () C:\Users\Blaze\Downloads\Thumbs.db
2014-10-02 02:29 - 2014-09-16 15:14 - 00000000 ____D () C:\Users\Blaze\Downloads\Zip files
2014-10-02 02:22 - 2014-04-29 17:30 - 00000000 ____D () C:\Users\Blaze\AppData\Roaming\Adobe
2014-09-30 08:45 - 2013-08-23 01:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-30 08:45 - 2013-08-23 01:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-27 21:48 - 2014-09-18 12:52 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-23 23:21 - 2014-05-23 22:58 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-23 10:00 - 2014-06-25 13:51 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-23 10:00 - 2014-06-25 13:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-23 10:00 - 2014-06-25 13:50 - 00000000 ____D () C:\ProgramData\Skype

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-21 09:59

==================== End Of Log ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Blaze at 2014-10-23 00:18:57
Running from C:\Users\Blaze\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{D4CE21D4-27E5-46DB-9FFE-553A90AD4B9F}) (Version: 3.5.14.0 - Alienware Corp.)
Alienware Command Center (Version: 3.5.14.0 - Alienware Corp.) Hidden
Alienware Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.11C - )
Alienware On-Screen Display (x32 Version: 0.33.0.11C - ) Hidden
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.0.420.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.155.0 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Maya 2015 (HKLM\...\Autodesk Maya 2015) (Version: 15.1.1541.0 - Autodesk)
Autodesk Maya 2015 (Version: 15.1.1541.0 - Autodesk) Hidden
Autodesk Maya 2015 SP1 (HKLM\...\Autodesk Maya 2015 SP1) (Version: 15.1.1541.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.143 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chaos Heroes (HKLM-x32\...\Chaos Heroes) (Version: - )
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.6603 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.3214 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.3123 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.3126 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (x32 Version: 12.0.3205.55 - CyberLink Corp.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
Face Recognition (HKLM\...\{CB70AAFD-F212-4E4C-BA9E-7BD61B2ADC78}) (Version: 4.1.199.1 - Sensible Vision)
Geometry Wars: Retro Evolved (HKLM-x32\...\Steam App 8400) (Version: - Bizarre Creations)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
King's Bounty: Armored Princess (Remove Only) (HKLM-x32\...\{FEB32068-825C-4E99-9680-5571451B3787}_is1) (Version: 1.0.0.0 - 1C Company)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
mental ray renderer for Autodesk Maya 2015 (HKLM\...\{BDF821F0-D64C-421D-0052-A9B995B20873}) (Version: 15.3.1808.0 - mental ray)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mozilla Firefox 32.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-GB)) (Version: 32.0.3 - Mozilla)
NVIDIA 3D Vision Controller Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
PAMM (HKLM-x32\...\{D3368212-EF35-46CF-931E-12AA327849C6}) (Version: 1.4.0.0 - The PA Community)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - The Indie Stone)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{56BF70E8-EC59-4F68-BEE7-8B71432048C4}) (Version: 1.0.30.1052 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7055 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
Sculptris Alpha 6 (HKLM-x32\...\InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic)
Sculptris Alpha 6 (x32 Version: 0.6 - Pixologic) Hidden
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2348.1 - Hi-Rez Studios)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0046 - ST Microelectronics)
StageLight (HKLM\...\StageLight) (Version: 1.2.0.4291 - Open Labs, LLC.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
TortoiseSVN 1.8.7.25475 (64 bit) (HKLM\...\{A8573F59-C080-4495-A9A8-EC32D8A4ECFF}) (Version: 1.8.25475 - TortoiseSVN)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Vizzed Retro Game Room (HKLM-x32\...\{6D9F35D2-1D6F-4E17-A79F-991A7BD24AAD}) (Version: 2.0.0 - Vizzed)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XRayUnwrap - Automatic computing coordinate UV unwrap for Autodesk 3ds Max. (HKLM\...\{64FD3798-AC2C-4E40-9910-E53F7D324D9E}) (Version: 1.5.5 - Raylight S.r.l.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1349769393-725388422-3516167252-1002_Classes\CLSID\{0460b4ef-34f7-4ca3-b80b-7cb26600ec12}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1349769393-725388422-3516167252-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-1349769393-725388422-3516167252-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Blaze\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1349769393-725388422-3516167252-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Blaze\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1349769393-725388422-3516167252-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Blaze\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1349769393-725388422-3516167252-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Blaze\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

10-10-2014 10:03:34 Scheduled Checkpoint
15-10-2014 07:11:34 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 23:25 - 2014-09-24 00:10 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1   www.007guard.com
127.0.0.1   007guard.com
127.0.0.1   008i.com
127.0.0.1   www.008k.com
127.0.0.1   008k.com
127.0.0.1   www.00hq.com
127.0.0.1   00hq.com
127.0.0.1   010402.com
127.0.0.1   www.032439.com
127.0.0.1   032439.com
127.0.0.1   www.0scan.com
127.0.0.1   0scan.com
127.0.0.1   1000gratisproben.com
127.0.0.1   www.1000gratisproben.com
127.0.0.1   1001namen.com
127.0.0.1   www.1001namen.com
127.0.0.1   100888290cs.com
127.0.0.1   www.100888290cs.com
127.0.0.1   www.100sexlinks.com
127.0.0.1   100sexlinks.com
127.0.0.1   10sek.com
127.0.0.1   www.10sek.com
127.0.0.1   www.1-2005-search.com
127.0.0.1   1-2005-search.com
127.0.0.1   123fporn.info
127.0.0.1   www.123fporn.info
127.0.0.1   123haustiereundmehr.com
127.0.0.1   www.123haustiereundmehr.com
127.0.0.1   123moviedownload.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {091BF48B-9C81-4AD0-8117-9A80EC7A565C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {09D6B14F-F428-4F79-86FA-B7F7292A7681} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BB30E8E-14BF-4413-82A1-0DAD3FAB3217} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {10C69F14-C893-46AF-A9A3-A9F8F0111EE4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-14] (Synaptics Incorporated)
Task: {1BF2312B-CF86-4356-BD99-576CD277816F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-01-11] (PC-Doctor, Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {24D6F5FA-2E6B-440D-BF76-A13D3E4BE59B} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {339C3BF2-721F-425D-8AD3-B13468FFCC59} - System32\Tasks\AdobeAAMUpdater-1.0-Blaze-PC-Blaze => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {34F04D77-A1DC-4271-8D25-4DC54C693CA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D317E39-02F0-41F9-8DCF-5CB1EE2CED57} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1349769393-725388422-3516167252-1002
Task: {4509D7B0-0A2E-49CE-BC97-B8E550111E17} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6AC8E2AB-CD22-4336-B47D-8BD53D0889FF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7273BB03-0D6E-41F6-9A6E-7DBD3D760EFE} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2014-01-11] (PC-Doctor, Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {755E5DD3-5B46-47FC-88CA-DB2605EDBB12} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {75DD8E5E-0986-4EA0-ADAF-16466BCF1AA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {914CEEED-EA0E-4CCD-9DC3-06F806F6DBE9} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-12] (Intel)
Task: {927DC56D-B96A-45A6-8FDE-4F789F7D5187} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {933E5058-1640-4391-B0E1-B1BAA3AC416A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {9D4EFAC5-CF0C-4132-83DC-45FF931BFF7E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C5FC404D-E4D5-4CF3-AEA7-96C5E37599F3} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-09-10] (Dolby Laboratories Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D8592C6F-DC7A-4BAC-BDA8-7AD77AB1E1CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E8222B01-672B-45F5-AE80-4A59CB6C1AAF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {EABD02DD-3F0C-4CEF-A9CA-E0C3D7F843D9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {F7FF3602-F0A3-4FAF-9D13-059588C2A7E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-18] (Microsoft Corporation)
Task: {FA58CFE1-BE72-474A-BB99-DF51B1D90710} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {FB05D012-4DB7-4CB1-825A-3B582EE91C94} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-04 19:51 - 2013-10-23 18:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 13:13 - 2013-09-05 13:13 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-09-26 23:38 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-09-15 14:19 - 2011-09-15 14:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-09-27 21:45 - 2014-09-27 21:45 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-06 20:37 - 2014-05-06 20:37 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-05-06 20:37 - 2014-05-06 20:37 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-04-04 19:56 - 2013-08-20 02:21 - 00020256 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayIcon.dll
2014-04-04 19:56 - 2013-08-20 02:21 - 00019232 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayNotBackuped.dll
2014-04-04 19:56 - 2013-08-20 02:21 - 00035104 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRShellExtension.dll
2014-09-11 18:02 - 2014-09-11 18:02 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-08 10:08 - 2013-06-06 12:09 - 01185048 ____N () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-09-10 06:13 - 2013-09-10 06:13 - 00050904 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2013-11-16 10:17 - 2013-11-16 10:17 - 04593968 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
2013-08-08 06:38 - 2013-08-08 06:38 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-06-21 11:55 - 2014-06-21 11:55 - 04357936 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-04-04 19:56 - 2013-11-22 10:22 - 00484880 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe
2014-06-21 12:09 - 2014-06-21 12:09 - 00094000 _____ () C:\Windows\SYSTEM32\FAIEExtension.DLL
2013-04-04 14:42 - 2013-04-04 14:42 - 00012424 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\MFCaptureD3D_2_DLL.dll
2014-04-30 13:18 - 2014-06-21 16:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-04-30 13:18 - 2014-06-21 16:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-05-23 22:58 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-23 22:58 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-23 22:58 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-23 22:58 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-23 22:58 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2009-12-19 04:07 - 2009-12-19 04:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
2014-10-22 19:18 - 2014-06-21 16:19 - 00104328 _____ () C:\Users\Blaze\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2014-05-05 22:21 - 2014-05-05 22:21 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-05-05 22:20 - 2014-05-05 22:20 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-06-21 12:10 - 2014-06-21 12:10 - 00028976 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\QtSolutions_MFCMigrationFramework-2.8.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2014-04-04 19:54 - 2013-03-05 13:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-06 04:41 - 2013-03-06 04:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-04-04 19:49 - 2013-09-19 02:33 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-04-04 19:56 - 2013-11-22 08:00 - 01904928 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\STRestoreAPI.dll
2014-04-04 19:56 - 2012-11-26 15:20 - 01153384 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\libxml2.dll
2014-04-04 19:56 - 2012-11-26 15:20 - 00117608 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\zlib1.dll
2014-10-12 16:58 - 2014-09-24 15:09 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Blaze\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-1349769393-725388422-3516167252-500 - Administrator - Disabled)
Blaze (S-1-5-21-1349769393-725388422-3516167252-1002 - Administrator - Enabled) => C:\Users\Blaze

==================== Faulty Device Manager Devices =============

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: facap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2014 11:20:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FASecFacX.exe, version: 4.1.199.1, time stamp: 0x53a5d850
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x02862fb8
Faulting process id: 0x2670
Faulting application start time: 0xFASecFacX.exe0
Faulting application path: FASecFacX.exe1
Faulting module path: FASecFacX.exe2
Report Id: FASecFacX.exe3
Faulting package full name: FASecFacX.exe4
Faulting package-relative application ID: FASecFacX.exe5

Error: (10/22/2014 10:05:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SDFiles.exe version 2.3.39.135 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10b0

Start Time: 01cfedf0331af32d

Termination Time: 11

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe

Report Id: a62f9aaa-59e3-11e4-8308-54271e914bc8

Faulting package full name:

Faulting package-relative application ID:

Error: (10/22/2014 10:03:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SDFiles.exe version 2.3.39.135 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1948

Start Time: 01cfedf0176f4f7c

Termination Time: 11

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe

Report Id: 6bcb1bcd-59e3-11e4-8308-54271e914bc8

Faulting package full name:

Faulting package-relative application ID:

Error: (10/22/2014 09:56:46 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (10/22/2014 09:07:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FASecFacX.exe, version: 4.1.199.1, time stamp: 0x53a5d850
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x02d22fb8
Faulting process id: 0x2198
Faulting application start time: 0xFASecFacX.exe0
Faulting application path: FASecFacX.exe1
Faulting module path: FASecFacX.exe2
Report Id: FASecFacX.exe3
Faulting package full name: FASecFacX.exe4
Faulting package-relative application ID: FASecFacX.exe5

Error: (10/22/2014 02:00:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program 3dsmax.exe version 16.0.420.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b10

Start Time: 01cfedacafbc49a8

Termination Time: 4294967295

Application Path: C:\Program Files\Autodesk\3ds Max 2014\3dsmax.exe

Report Id: fe03d68b-599f-11e4-8306-54271e914bc8

Faulting package full name:

Faulting package-relative application ID:

Error: (10/22/2014 02:00:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program 3dsmax.exe version 16.0.420.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2dd8

Start Time: 01cfedac8fc85f86

Termination Time: 4294967295

Application Path: C:\Program Files\Autodesk\3ds Max 2014\3dsmax.exe

Report Id: eb3c16dc-599f-11e4-8306-54271e914bc8

Faulting package full name:

Faulting package-relative application ID:

Error: (10/22/2014 01:08:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FASecFacX.exe, version: 4.1.199.1, time stamp: 0x53a5d850
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x01122bf0
Faulting process id: 0x1888
Faulting application start time: 0xFASecFacX.exe0
Faulting application path: FASecFacX.exe1
Faulting module path: FASecFacX.exe2
Report Id: FASecFacX.exe3
Faulting package full name: FASecFacX.exe4
Faulting package-relative application ID: FASecFacX.exe5

Error: (10/22/2014 00:00:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/21/2014 03:11:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: 3dsmax.exe, version: 16.0.420.0, time stamp: 0x512f962b
Faulting module name: 3dsmax.exe, version: 16.0.420.0, time stamp: 0x512f962b
Exception code: 0xc000041d
Fault offset: 0x00000000004a24f5
Faulting process id: 0x2c30
Faulting application start time: 0x3dsmax.exe0
Faulting application path: 3dsmax.exe1
Faulting module path: 3dsmax.exe2
Report Id: 3dsmax.exe3
Faulting package full name: 3dsmax.exe4
Faulting package-relative application ID: 3dsmax.exe5

System errors:
=============
Error: (10/22/2014 07:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2

Error: (10/22/2014 07:17:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 126

Error: (10/22/2014 02:02:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2

Error: (10/22/2014 02:02:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 126

Error: (10/21/2014 09:26:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2

Error: (10/21/2014 09:26:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 126

Error: (10/21/2014 09:26:21 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:20:13 AM on ‎10/‎21/‎2014 was unexpected.

Error: (10/19/2014 08:32:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/19/2014 08:32:31 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000d1 (0xffffd001591aa3eb, 0x0000000000000002, 0x0000000000000000, 0xfffff8009f971034)C:\Windows\MEMORY.DMP101914-21125-01

Error: (10/19/2014 08:32:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Search Protect Service service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (10/22/2014 11:20:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FASecFacX.exe4.1.199.153a5d850unknown0.0.0.000000000c000000502862fb8267001cfedf34358ee17C:\Program Files (x86)\Sensible Vision\Fast Access\FASecFacX.exeunknown21cb85f2-59ee-11e4-8308-54271e914bc8

Error: (10/22/2014 10:05:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDFiles.exe2.3.39.13510b001cfedf0331af32d11C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exea62f9aaa-59e3-11e4-8308-54271e914bc8

Error: (10/22/2014 10:03:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDFiles.exe2.3.39.135194801cfedf0176f4f7c11C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe6bcb1bcd-59e3-11e4-8308-54271e914bc8

Error: (10/22/2014 09:56:46 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883

Error: (10/22/2014 09:07:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FASecFacX.exe4.1.199.153a5d850unknown0.0.0.000000000c000000502d22fb8219801cfede56f105f05C:\Program Files (x86)\Sensible Vision\Fast Access\FASecFacX.exeunknownaa842190-59db-11e4-8308-54271e914bc8

Error: (10/22/2014 02:00:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: 3dsmax.exe16.0.420.01b1001cfedacafbc49a84294967295C:\Program Files\Autodesk\3ds Max 2014\3dsmax.exefe03d68b-599f-11e4-8306-54271e914bc8

Error: (10/22/2014 02:00:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: 3dsmax.exe16.0.420.02dd801cfedac8fc85f864294967295C:\Program Files\Autodesk\3ds Max 2014\3dsmax.exeeb3c16dc-599f-11e4-8306-54271e914bc8

Error: (10/22/2014 01:08:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FASecFacX.exe4.1.199.153a5d850unknown0.0.0.000000000c000000501122bf0188801cfed9b1853d855C:\Program Files (x86)\Sensible Vision\Fast Access\FASecFacX.exeunknownc193bad6-5998-11e4-8306-54271e914bc8

Error: (10/22/2014 00:00:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe

Error: (10/21/2014 03:11:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 3dsmax.exe16.0.420.0512f962b3dsmax.exe16.0.420.0512f962bc000041d00000000004a24f52c3001cfece4158ddbe2C:\Program Files\Autodesk\3ds Max 2014\3dsmax.exeC:\Program Files\Autodesk\3ds Max 2014\3dsmax.exebca42b07-58e0-11e4-8306-54271e914bc8

==================== Memory info ===========================

Processor: Intel® Core™ i7-4900MQ CPU @ 2.80GHz
Percentage of memory in use: 11%
Total physical RAM: 32691.02 MB
Available physical RAM: 28891.05 MB
Total Pagefile: 65459.02 MB
Available Pagefile: 61326.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:196.95 GB) (Free:70.38 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:783.49 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.19 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:8.39 GB) (Free:0.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B24A40BE)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 32DE670F)

Partition: GPT Partition Type.

==================== End Of Log ============================

Again i thank you for your time.

#5
BrianDrab

Posted 22 October 2014 - 01:05 PM

Trusted Helper

Malware Removal
3,591 posts

OK, let's get you cleaned up. First a few warnings/notes.

Step#1 - Warnings

The Dangers of P2P Programs

IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.

Although Optional, my recommendation is to uninstall the following Peer-to-Peer program(s): uTorrent

CCleaner
I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good.

Spybot Search & Destroy
I see that you have Spybot Search & Destroy. This program can conflict with our fixes. Please disable Tea Timer while performing any of my instructions. You can re-enable it when we are all done. Instructions for that are here. If you decide to uninstall the program, first Undo your immunization before uninstalling. You can do that by clicking the Undo button with Spybot S&D and then remove from Add/Remove programs.

Step#2 - Create a Restore Point

1. Press the Windows Flag key on your keyboard to bring up your Start Screen.

2. Type restore point and then click on Create a restore point that comes up in the search results.

3. Click Create in the System Properties window.

4. Type G2G for the name of the restore point and click Create.

5. You will receive a message that the restore point was successfully created. Just click Close and then close the system properties box.

Step#3 - FRST Fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. fixlist.txt 1.14KB 160 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).

2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

Step#4 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

Items for your next post

1. FRST Fix Log

2. AdwCleaner log

3. How's your machine doing?

#6
blaze1940

Posted 22 October 2014 - 08:54 PM

Member

Topic Starter
Member
15 posts

My computer is running fine as far as i am aware, Firefox is usable again without the hijacked browser settings. Boot time is amazing but that could be because of the SSD, Apart from that i have no other problems that i am aware of will still post to this site if more logs are needed.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-10-2014
Ran by Blaze at 2014-10-23 12:41:48 Run:1
Running from C:\Users\Blaze\Desktop
Loaded Profiles: UpdatusUser & Blaze (Available profiles: UpdatusUser & Blaze)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [FAStartup] => [X]
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
C:\Program Files (x86)\SearchProtect
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid=EB_ORIGINAL_CTID&ISID=M2A9C36ED-9869-4AB3-8148-740E9867D53A&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP304EBBF1-C4A9-4C4A-A1FC-70BF84B3AE1C
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\searchplugins\trovi-search.xml
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
EmptyTemp:

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\FAStartup => value deleted successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Value Data removed successfully.
C:\Program Files (x86)\SearchProtect => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
Firefox newtab deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Users\Blaze\AppData\Roaming\Mozilla\Firefox\Profiles\dcirr95b.default-1408839995113\searchplugins\trovi-search.xml => Moved successfully.
SPPD => Service deleted successfully.
EmptyTemp: => Removed 66.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

# AdwCleaner v4.001 - Report created 23/10/2014 at 12:47:56
# DB v2014-10-21.1
# Updated 20/10/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Blaze - BLAZE
# Running from : C:\Users\Blaze\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Blaze\Desktop\Tutorials

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v32.0.3 (x86 en-GB)

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [804 octets] - [23/10/2014 12:47:13]
AdwCleaner[S0].txt - [721 octets] - [23/10/2014 12:47:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [780 octets] ##########

And again thank you for the fast reply

#7
BrianDrab

Posted 23 October 2014 - 05:28 AM

Trusted Helper

Malware Removal
3,591 posts

I'm happy things are looking good.

will still post to this site if more logs are needed.

I appreciate that. I'd like to ensure there isn't anything malicious that is still hiding. Please do the following.

Step#1 - Malwarebytes Scan

Download Malwarebytes to your desktop from here.
Right-click on the file that is downloaded to your desktop and select Run as administrator.
Select the appropriate language and click OK.
Click Next.
Select "I accept the agreement" and click Next.
Click Next
Change the install path if desired. Normally you will keep this as is. Click Next.
Click Next again.
Click Next again.
Click Install.
Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
Click Finish
If an update is found you will be prompted to download and install. Go ahead.
Click the Scan button at the top of the form and then click Scan Now.
If anything is detected, there will be an Apply Actions button. Please click this.
Once the scan completes click the View detailed log link.
Then click the Copy to clipboard button and paste into your next post.

Step#2 - Security Check

1. Download Security Check from here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.
NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

Items for your next post
1. Malwarebytes log
2. Security Check log

#8
blaze1940

Posted 24 October 2014 - 03:30 AM

Member

Topic Starter
Member
15 posts

Sorry i havent got back to you, i have been at school.

here is the malware bytes scan data:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 24-Oct-14
Scan Time: 7:21:29 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.10.24.03
Rootkit Database: v2014.10.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Blaze

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 417756
Time Elapsed: 3 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [f58ea573007c181e559e81105da7a55b],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [1f646daba1db3cfaf8fa4c45f31103fd],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\SPVCLdr64.dll, Quarantined, [067dae6a6c10c5715d10bbe7c041f010],
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [6d1651c7413b4cea34c2f49db153c838],

Physical Sectors: 0
(No malicious items detected)

(end)

Results of screen317's Security Check version 0.99.89
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 71
Java version out of Date!
Adobe Flash Player 15.0.0.152
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 32.0.3 Firefox out of Date!
Google Chrome 37.0.2062.124
Google Chrome 38.0.2125.104
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

#9
blaze1940

Posted 24 October 2014 - 03:46 AM

Member

Topic Starter
Member
15 posts

after running the scans i have found that my browser is slowing up and something is not right. not sure why though, thought you might want to hear that

#10
BrianDrab

Posted 24 October 2014 - 04:03 AM

Trusted Helper

Malware Removal
3,591 posts

If you haven't rebooted your computer after the scans please do and let me know if all is well. Thanks.

#11
blaze1940

Posted 24 October 2014 - 04:07 AM

Member

Topic Starter
Member
15 posts

i have rebooted it a couple times, still acting up

#12
blaze1940

Posted 24 October 2014 - 04:09 AM

Member

Topic Starter
Member
15 posts

when it slows my internet my wifi spikes something horrid, not sure how to show it to you though

#13
blaze1940

Posted 24 October 2014 - 04:16 AM

Member

Topic Starter
Member
15 posts

#14
blaze1940

Posted 24 October 2014 - 04:17 AM

Member

Topic Starter
Member
15 posts

never has my wifi, disk and acpu been that high with so little processes running, my computer shouldnt slow or anything, i have ran many 3d modelling programs, websites and photoshop and it hasnt spiked this large.

would there be a reason why?