Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Possible Virus - I want to give my computer a thorough check through t

Started by USSVoyager , Jan 12 2015 05:09 PM

  • This topic is locked This topic is locked

#1
USSVoyager
Posted 12 January 2015 - 05:09 PM

USSVoyager

    Member

  • Member
  • PipPip
  • 10 posts

My GMail (& Steam) was compromised earlier today and I want to make sure there's no trace of the virus on my system, just to be on the safe side. I'm also having my network driver randomly cut out but I believe that's most likely down to a faulty driver but I just wanted to make note of it anyway.

 

 

 

 

OTL logfile created on: 12/01/2015 23:04:36 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Lewis\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.87 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 30.27% Memory free
15.37 Gb Paging File | 11.69 Gb Available in Paging File | 76.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.45 Gb Total Space | 37.19 Gb Free Space | 33.37% Space Free | Partition Type: NTFS
Drive D: | 350.00 Mb Total Space | 88.39 Mb Free Space | 25.26% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 547.09 Gb Free Space | 58.73% Space Free | Partition Type: NTFS
 
Computer Name: LEWISPC | User Name: Lewis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/01/12 22:57:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lewis\Desktop\OTL.exe
PRC - [2015/01/05 05:16:16 | 000,846,624 | ---- | M] (Glarysoft Ltd) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
PRC - [2014/12/13 00:47:37 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/12/13 00:13:07 | 002,531,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/12/13 00:13:04 | 001,701,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/12/06 01:50:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/10/21 17:52:24 | 022,869,088 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/10/07 16:33:10 | 000,457,216 | ---- | M] (Skillbrains) -- C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\5.1.4.15\Lightshot.exe
PRC - [2014/08/28 03:00:02 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/08/28 02:51:20 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/07/27 22:14:36 | 002,404,352 | ---- | M] (Don HO [email protected]) -- C:\Program Files (x86)\Notepad++\notepad++.exe
PRC - [2014/03/20 10:43:04 | 000,398,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2014/03/20 10:43:02 | 000,154,584 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/01/12 22:04:25 | 001,175,040 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._core_.pyd
MOD - [2015/01/12 22:04:25 | 001,160,704 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\_ssl.pyd
MOD - [2015/01/12 22:04:25 | 001,062,400 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._controls_.pyd
MOD - [2015/01/12 22:04:25 | 000,811,008 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._windows_.pyd
MOD - [2015/01/12 22:04:25 | 000,805,888 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._gdi_.pyd
MOD - [2015/01/12 22:04:25 | 000,735,232 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._misc_.pyd
MOD - [2015/01/12 22:04:25 | 000,713,216 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\_hashlib.pyd
MOD - [2015/01/12 22:04:25 | 000,686,080 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\unicodedata.pyd
MOD - [2015/01/12 22:04:25 | 000,557,056 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\pysqlite2._sqlite.pyd
MOD - [2015/01/12 22:04:25 | 000,525,640 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\windows._lib_cacheinvalidation.pyd
MOD - [2015/01/12 22:04:25 | 000,364,544 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\pythoncom27.dll
MOD - [2015/01/12 22:04:25 | 000,320,512 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32com.shell.shell.pyd
MOD - [2015/01/12 22:04:25 | 000,167,936 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32gui.pyd
MOD - [2015/01/12 22:04:25 | 000,128,512 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\_elementtree.pyd
MOD - [2015/01/12 22:04:25 | 000,127,488 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\pyexpat.pyd
MOD - [2015/01/12 22:04:25 | 000,122,368 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._wizard.pyd
MOD - [2015/01/12 22:04:25 | 000,119,808 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32file.pyd
MOD - [2015/01/12 22:04:25 | 000,110,080 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\PyWinTypes27.dll
MOD - [2015/01/12 22:04:25 | 000,108,544 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32security.pyd
MOD - [2015/01/12 22:04:25 | 000,098,816 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32api.pyd
MOD - [2015/01/12 22:04:25 | 000,087,552 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\_ctypes.pyd
MOD - [2015/01/12 22:04:25 | 000,078,336 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._animate.pyd
MOD - [2015/01/12 22:04:25 | 000,070,656 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\wx._html2.pyd
MOD - [2015/01/12 22:04:25 | 000,045,568 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\_socket.pyd
MOD - [2015/01/12 22:04:25 | 000,038,912 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32inet.pyd
MOD - [2015/01/12 22:04:25 | 000,035,840 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32process.pyd
MOD - [2015/01/12 22:04:25 | 000,027,136 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\_multiprocessing.pyd
MOD - [2015/01/12 22:04:25 | 000,025,600 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32pdh.pyd
MOD - [2015/01/12 22:04:25 | 000,024,064 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32pipe.pyd
MOD - [2015/01/12 22:04:25 | 000,022,528 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32ts.pyd
MOD - [2015/01/12 22:04:25 | 000,018,432 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32event.pyd
MOD - [2015/01/12 22:04:25 | 000,017,408 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32profile.pyd
MOD - [2015/01/12 22:04:25 | 000,011,264 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\win32crypt.pyd
MOD - [2015/01/12 22:04:25 | 000,010,240 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\select.pyd
MOD - [2015/01/12 22:04:25 | 000,007,168 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Temp\_MEI43202\hashobjs_ext.pyd
MOD - [2015/01/05 05:18:02 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
MOD - [2014/12/06 01:50:52 | 000,146,760 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll
MOD - [2014/12/06 01:50:51 | 014,913,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
MOD - [2014/12/06 01:50:50 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
MOD - [2014/12/06 01:50:46 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
MOD - [2014/12/06 01:50:45 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
MOD - [2014/12/06 01:50:44 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
MOD - [2014/09/25 09:53:38 | 006,572,360 | ---- | M] () -- C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdm.dll
MOD - [2014/09/06 16:44:46 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2014/08/28 02:51:21 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/08/28 02:51:20 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014/05/24 16:41:24 | 000,892,416 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
MOD - [2014/05/24 16:41:24 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
MOD - [2014/01/06 23:42:32 | 001,611,264 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
MOD - [2011/07/18 21:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/12/13 00:13:04 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/12/13 00:13:03 | 019,823,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/10/31 04:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/15 12:56:22 | 000,328,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/10/14 19:33:28 | 000,174,600 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2014/10/07 01:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/22 03:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/22 03:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/28 02:51:20 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 00:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 00:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 07:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/18 15:27:40 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 15:27:40 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 15:27:35 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 15:27:33 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 15:27:32 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 15:27:30 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/14 06:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 05:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 07:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/01/31 14:42:00 | 000,887,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/08/22 11:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 11:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 11:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 11:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 11:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 10:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 10:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 09:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 09:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 09:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 09:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 09:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 09:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 09:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 09:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2015/01/05 13:06:24 | 001,903,472 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014/12/13 00:47:37 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/12/13 00:13:04 | 001,701,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/12/09 18:09:06 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/11/18 20:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/11/11 13:50:34 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/10/15 12:56:22 | 000,279,144 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/09/18 14:29:46 | 000,088,400 | ---- | M] (Perfect World Entertainment Inc) [On_Demand | Stopped] -- E:\Arc\Arc\ArcService.exe -- (ArcService)
SRV - [2014/09/09 23:35:04 | 005,278,064 | ---- | M] (Binary Fortress Software) [Auto | Running] -- C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe -- (DisplayFusionService)
SRV - [2014/09/02 15:29:50 | 000,614,624 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/03/20 10:43:04 | 000,398,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014/03/20 10:43:02 | 000,154,584 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014/03/14 06:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 03:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 02:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/01/12 22:04:13 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015/01/12 18:18:04 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/12/13 10:08:08 | 000,039,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvadarm.sys -- (NVVADARM)
DRV:64bit: - [2014/12/13 00:13:03 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/11/22 10:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/11/22 02:51:29 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/11/21 06:14:26 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/11/21 06:14:12 | 000,093,400 | ---- | M] (Malwarebytes Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/10/15 12:56:16 | 004,753,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/10/14 19:33:28 | 000,185,352 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2014/10/13 02:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/13 02:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/13 02:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/10 01:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/09 17:02:39 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/09/22 03:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/22 03:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/22 02:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/09/19 01:58:48 | 000,038,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/09/19 01:58:48 | 000,027,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014/09/09 16:27:58 | 000,142,528 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2014/08/28 02:51:29 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/08/28 02:51:22 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/08/28 02:51:22 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/08/28 02:51:22 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/08/28 02:51:22 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/08/28 02:51:22 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/08/28 02:51:22 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/08/15 00:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/25 10:19:42 | 000,049,776 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv.sys -- (ManyCam)
DRV:64bit: - [2014/07/24 15:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 15:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 11:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/13 13:21:18 | 000,035,440 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2014/05/01 13:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/20 10:43:02 | 000,118,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014/03/20 03:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 15:27:34 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 15:27:30 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 15:27:20 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 15:27:19 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 15:27:18 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 15:27:18 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 15:27:18 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 15:27:18 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 15:10:07 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/03/13 12:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 20:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/07 08:26:44 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/01/07 09:02:04 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2013/08/22 13:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 13:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 12:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 12:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 12:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 12:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 12:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 12:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 12:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 12:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 12:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 12:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 12:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 12:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 12:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 12:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 12:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 12:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 12:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 12:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 12:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 12:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 12:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 12:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 12:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 12:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 12:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 12:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 12:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 11:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 11:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 11:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 11:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 11:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 11:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 11:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 11:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 11:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 11:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 11:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 11:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 11:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 11:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 11:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 11:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 11:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 11:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 11:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 11:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 11:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 08:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 23:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 00:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 18:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 19:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 14:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2013/04/24 09:17:38 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/18 07:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV - [2015/01/12 00:14:18 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\EEK\bin\cleanhlp64.sys -- (cleanhlp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 BE 86 17 69 C2 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: E:\Arc\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Lewis\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lewis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/28 02:51:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/01/12 23:01:45 | 000,000,000 | ---D | M]
 
[2014/08/28 02:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lewis\AppData\Roaming\Mozilla\Extensions
[2014/12/07 14:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lewis\AppData\Roaming\Mozilla\Firefox\Profiles\q2d04hdp.default\extensions
[2014/08/28 02:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/11/11 13:50:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\3.1_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped\6.6_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apmlngnhgbnjpajelfkmabhkfapgnoai\1.2_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng\1.6.226_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme\3.8_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.16.2_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.79_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe\1.0.0.6_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn\2.0_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.5.4_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojcphfdgpombpjbaphohhfalnbpjlpf\1_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookngkjbobceimcicokadhjonlejhobj\1.1.4_0\
 
O1 HOSTS File: ([2013/08/22 13:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (ArcPluginIEBHO Class) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - E:\Arc\Arc\Plugins\ArcPluginIE.dll File not found
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DelaypluginInstall] C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe File not found
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe (Dxtory Software)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_3BAC32AADE80AF6F1FCA1E64FC802131] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKCU..\Run: [LightShot] C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKCU..\Run: [TeamSpeak 3 Client] C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD3BEB8B-9D03-47D6-BFFC-3F6EE3710D9F}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\WSISAllmytubechrome - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\WSISAllmytubechrome - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/01/12 23:00:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/01/12 22:57:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lewis\Desktop\OTL.exe
[2015/01/12 19:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2015/01/12 19:03:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2015/01/12 18:55:48 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2015/01/12 18:42:07 | 000,000,000 | ---D | C] -- C:\EEK
[2015/01/12 18:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2015/01/12 18:18:04 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2015/01/12 18:18:04 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\GlarySoft
[2015/01/12 18:18:04 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\DiskDefrag
[2015/01/12 18:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2015/01/12 18:15:58 | 000,000,000 | ---D | C] -- C:\Users\Lewis\Desktop\Logs
[2015/01/12 16:19:07 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
[2015/01/12 16:19:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2015/01/11 19:12:13 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/01/11 18:15:27 | 000,000,000 | ---D | C] -- C:\FRST
[2015/01/11 18:00:28 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/11 18:00:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/01/11 18:00:22 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/01/11 18:00:22 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/01/11 18:00:22 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/01/11 18:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/01/11 10:39:19 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\Genymobile
[2015/01/11 10:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
[2015/01/10 17:30:53 | 000,061,440 | ---- | C] (Gary's Hood) -- C:\Users\Lewis\Desktop\rsclient.exe
[2015/01/10 12:18:55 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\Android
[2015/01/10 12:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015/01/10 12:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/01/10 12:09:17 | 000,000,000 | ---D | C] -- C:\Users\Lewis\.gradle
[2015/01/10 12:09:08 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AndroidStudioProjects
[2015/01/10 12:03:51 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\JetBrains
[2015/01/10 12:03:27 | 000,000,000 | ---D | C] -- C:\Users\Lewis\.AndroidStudio
[2015/01/10 12:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
[2015/01/10 11:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2015/01/10 07:31:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GPBAK
[2015/01/09 07:44:10 | 000,000,000 | ---D | C] -- C:\Users\Lewis\Desktop\sliders
[2015/01/09 04:14:51 | 000,000,000 | ---D | C] -- C:\Users\Lewis\Documents\Outlook Files
[2015/01/07 06:24:11 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\Classic Bridge.scr
[2015/01/07 06:24:07 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\ST Movie Computer.scr
[2015/01/07 06:24:05 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\1701A.scr
[2015/01/07 06:23:46 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\Captain Sulu.scr
[2015/01/07 06:23:11 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\Voyager LCARS 8472.scr
[2015/01/07 06:23:08 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\USS Pathfinder.scr
[2015/01/07 06:22:46 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\Voyager Master LCARS.scr
[2015/01/06 18:54:56 | 001,291,528 | ---- | C] (Mojang) -- C:\Users\Lewis\Desktop\Minecraft.exe
[2015/01/05 13:13:20 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\Electronic_Arts_Inc
[2015/01/05 13:08:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World
[2015/01/05 06:10:49 | 000,000,000 | ---D | C] -- C:\Users\Lewis\Desktop\FTB
[2015/01/02 08:17:27 | 000,000,000 | ---D | C] -- C:\.jagex_cache_32
[2015/01/02 08:16:24 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
[2015/01/02 08:16:23 | 000,000,000 | ---D | C] -- C:\Users\Lewis\jagexcache
[2014/12/31 19:21:17 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\iSkysoft
[2014/12/31 19:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iSkysoft
[2014/12/31 19:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\iSkysoft iTube Studio
[2014/12/31 19:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\iSkysoft Application Common Data
[2014/12/31 19:21:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iSkysoft
[2014/12/29 05:10:35 | 000,104,360 | ---- | C] (Goldshell Digital Media) -- C:\Windows\Ds9 V1.9.scr
[2014/12/28 04:37:15 | 000,000,000 | -HSD | C] -- C:\Boot
[2014/12/28 04:37:08 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/12/27 19:07:39 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\.StarMade
[2014/12/25 03:58:31 | 000,000,000 | ---D | C] -- C:\Users\Lewis\Desktop\Stuff
[2014/12/21 23:15:03 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\SKIDROW
[2014/12/21 22:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2014/12/19 00:38:24 | 000,000,000 | ---D | C] -- C:\Users\Lewis\Documents\EVE
[2014/12/18 00:20:01 | 000,000,000 | ---D | C] -- C:\Users\Lewis\.chunky
[2014/12/18 00:19:51 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chunky
[2014/12/18 00:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chunky
[2014/12/16 16:30:10 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\ElevatedDiagnostics
[2014/12/15 20:57:16 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE
[2014/12/15 19:51:45 | 000,000,000 | ---D | C] -- C:\Users\Lewis\AppData\Local\CCP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/01/12 22:57:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lewis\Desktop\OTL.exe
[2015/01/12 22:56:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/12 22:10:09 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/12 22:10:09 | 000,734,492 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/12 22:10:09 | 000,139,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/12 22:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/01/12 22:05:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/01/12 22:04:40 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/01/12 22:04:13 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/12 22:03:41 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/12 22:03:33 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/01/12 22:03:32 | 3326,128,128 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/12 20:01:34 | 000,397,064 | ---- | M] () -- C:\Users\Lewis\Desktop\Logs.zip
[2015/01/12 20:00:58 | 000,003,184 | ---- | M] () -- C:\bootsqm.dat
[2015/01/12 18:18:04 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2015/01/11 19:09:11 | 000,000,000 | ---- | M] () -- C:\Users\Lewis\defogger_reenable
[2015/01/11 18:00:23 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/01/11 17:58:23 | 005,241,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/01/11 12:16:10 | 001,653,997 | ---- | M] () -- C:\Users\Lewis\Desktop\ApplicationTemplateNightfall.psd
[2015/01/10 19:59:26 | 000,001,754 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2015/01/10 17:30:52 | 000,061,440 | ---- | M] (Gary's Hood) -- C:\Users\Lewis\Desktop\rsclient.exe
[2015/01/07 06:24:11 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\Classic Bridge.scr
[2015/01/07 06:24:07 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\ST Movie Computer.scr
[2015/01/07 06:24:05 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\1701A.scr
[2015/01/07 06:23:46 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\Captain Sulu.scr
[2015/01/07 06:23:11 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\Voyager LCARS 8472.scr
[2015/01/07 06:23:08 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\USS Pathfinder.scr
[2015/01/07 06:22:46 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\Voyager Master LCARS.scr
[2015/01/07 06:15:26 | 000,000,690 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4.lnk
[2015/01/07 06:15:26 | 000,000,674 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
[2015/01/06 18:54:49 | 001,291,528 | ---- | M] (Mojang) -- C:\Users\Lewis\Desktop\Minecraft.exe
[2015/01/02 08:42:46 | 000,000,023 | ---- | M] () -- C:\Users\Lewis\jagexappletviewer.preferences
[2015/01/02 08:26:18 | 000,000,024 | ---- | M] () -- C:\Users\Lewis\random.dat
[2015/01/02 08:17:29 | 000,000,044 | ---- | M] () -- C:\Users\Lewis\jagex_cl_runescape_LIVE.dat
[2014/12/29 05:10:35 | 000,104,360 | ---- | M] (Goldshell Digital Media) -- C:\Windows\Ds9 V1.9.scr
[2014/12/29 05:10:35 | 000,028,672 | ---- | M] () -- C:\Windows\gscr.dll
[2014/12/28 16:09:17 | 000,000,064 | ---- | M] () -- C:\Users\Lewis\.atl.properties
[2014/12/27 17:52:40 | 000,000,154 | ---- | M] () -- C:\Users\Lewis\sto-dps-settings.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/12 20:01:34 | 000,397,064 | ---- | C] () -- C:\Users\Lewis\Desktop\Logs.zip
[2015/01/12 20:00:58 | 000,003,184 | ---- | C] () -- C:\bootsqm.dat
[2015/01/12 18:18:06 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2015/01/12 18:18:05 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2015/01/11 19:09:11 | 000,000,000 | ---- | C] () -- C:\Users\Lewis\defogger_reenable
[2015/01/11 18:00:23 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/01/11 12:15:59 | 001,653,997 | ---- | C] () -- C:\Users\Lewis\Desktop\ApplicationTemplateNightfall.psd
[2015/01/10 07:31:38 | 000,034,871 | ---- | C] () -- C:\Windows\SysWow64\gpedit.msc
[2015/01/07 06:15:26 | 000,000,690 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 4.lnk
[2015/01/02 08:17:29 | 000,000,044 | ---- | C] () -- C:\Users\Lewis\jagex_cl_runescape_LIVE.dat
[2015/01/02 08:17:25 | 000,000,023 | ---- | C] () -- C:\Users\Lewis\jagexappletviewer.preferences
[2015/01/02 08:16:24 | 000,002,106 | ---- | C] () -- C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
[2014/12/29 05:10:35 | 000,028,672 | ---- | C] () -- C:\Windows\gscr.dll
[2014/12/29 00:50:09 | 000,834,880 | ---- | C] () -- C:\Windows\SysNative\nvmcumd.dll
[2014/12/23 01:34:43 | 000,000,154 | ---- | C] () -- C:\Users\Lewis\sto-dps-settings.ini
[2014/11/08 10:43:15 | 000,186,368 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/11/08 10:43:14 | 016,810,624 | ---- | C] () -- C:\Windows\SysWow64\igd11dxva32.dll
[2014/10/25 16:37:11 | 000,001,754 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014/10/24 12:25:34 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2014/10/23 14:51:00 | 001,065,984 | ---- | C] () -- C:\Users\Lewis\AppData\Local\file__0.localstorage
[2014/10/01 07:23:30 | 000,145,792 | ---- | C] () -- C:\Users\Lewis\AppData\Local\downloader.exe
[2014/09/04 09:37:44 | 000,000,059 | ---- | C] () -- C:\Users\Lewis\rn_cl_Provenance 742_LIVE.dat
[2014/09/04 09:22:07 | 000,000,042 | ---- | C] () -- C:\Users\Lewis\matrix_cl_matrix_LIVE.dat
[2014/09/04 09:12:05 | 000,000,046 | ---- | C] () -- C:\Users\Lewis\noregret_cl_noregret_LIVE.dat
[2014/09/04 09:12:05 | 000,000,024 | ---- | C] () -- C:\Users\Lewis\random.dat
[2014/08/28 20:58:30 | 000,000,064 | ---- | C] () -- C:\Users\Lewis\.atl.properties
[2014/08/28 04:24:44 | 000,007,606 | ---- | C] () -- C:\Users\Lewis\AppData\Local\resmon.resmoncfg
[2014/08/27 20:18:50 | 000,000,436 | ---- | C] () -- C:\Users\Lewis\AppData\Local\UserProducts.xml
[2014/03/18 15:27:42 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 15:27:21 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/22 15:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 15:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 14:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 07:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 03:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 23:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 23:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2014/08/31 08:15:15 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/31 00:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 22:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 09:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 02:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 09:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015/01/12 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\.minecraft
[2015/01/12 18:10:26 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\.StarMade
[2014/08/28 20:56:48 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\.technic
[2014/12/24 03:45:20 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Advanced Combat Tracker
[2014/09/28 19:35:37 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Arc
[2015/01/12 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Audacity
[2014/08/28 02:55:01 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\AVAST Software
[2014/11/19 18:12:20 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Battle.net
[2015/01/12 23:00:15 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\ClassicShell
[2014/10/27 18:36:37 | 000,000,000 | -HSD | M] -- C:\Users\Lewis\AppData\Roaming\Common
[2015/01/12 18:18:04 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\DiskDefrag
[2014/10/26 12:16:47 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\DisplayFusion
[2014/10/25 14:58:24 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\FileZilla
[2014/08/28 02:42:55 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Foxit Software
[2015/01/12 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\ftblauncher
[2015/01/12 18:18:04 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\GlarySoft
[2014/09/28 21:13:10 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Guild Wars 2
[2014/11/16 19:22:54 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\java
[2015/01/10 12:03:51 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\JetBrains
[2014/09/23 00:05:11 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\ManyCam
[2014/10/19 12:57:31 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\MAXON
[2014/08/29 07:17:20 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Notepad++
[2014/09/01 16:08:47 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\OpenOffice
[2015/01/05 13:07:00 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Origin
[2014/08/30 13:12:57 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\PACE Anti-Piracy
[2014/08/30 13:10:38 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Publish Providers
[2014/11/29 10:43:37 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\raidcall
[2014/10/28 20:42:22 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\SketchUp
[2014/09/14 13:30:26 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Sony
[2015/01/12 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\SpaceEngineers
[2015/01/12 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Spotify
[2014/09/03 06:06:44 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\STO Keybind App
[2014/11/27 21:25:34 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\StoDemoLauncher
[2015/01/09 04:14:53 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\TeamViewer
[2015/01/12 22:51:01 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\TS3Client
[2014/11/23 01:07:01 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\ts3overlay
[2014/12/09 20:23:53 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Unity
[2015/01/11 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\uTorrent
[2014/10/26 20:41:32 | 000,000,000 | ---D | M] -- C:\Users\Lewis\AppData\Roaming\Wargaming.net
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1080 bytes -> C:\Users\Lewis\AppData\Local\9ARjL9Jf:I6S2zDkeAndFXLO2V4WObFmO7rK5v
 
< End of report >
 

Edited by USSVoyager, 12 January 2015 - 05:19 PM.

  • 0

Advertisements

#2
ruggie_uk
Posted 13 January 2015 - 08:45 AM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Greetings USSVoyager and :welcome:

My nickname is Ruggie and I will be assisting you in cleaning your computer.
Please be aware I am currently in the final stages of training right now and all my work will be checked by an instructor so there may be a slight delay between posts. The added benefit to this is that you will have 2 sets of eyes looking at your problem so you can be assured you will get the best possible help.

  • Malware removal can be a long process and will at times get complicated with multiple steps to perform to ensure that your system is no longer infected.
  • When we start the process, the list of instructions must be followed closely, it may seem difficult at times but it is important that you stay with me until your computer is declared clean.
  • If you are receiving help elsewhere, please let me know so we can close this thread and help someone else.

stop32.png Before going any further, I recommend that you print out (or save to a file) these guidelines and also the instructions when I post them, as part of the repair process may involve going into safe mode and therefore you will not have internet access.

The following guidelines are important but the ones highlighted in RED are of the highest importance and must not be skipped.

right-grn.pngPlease be aware, the fixes we perform are specific to this machine, at this moment in time. They must not be used on another computer or unsupervised at another time. This can render your computer unbootable.

right-grn.pngIf at all possible, Make backups of all your important files, whilst we will do our best to ensure that no files are lost or damaged, sometimes things can go wrong.

right-grn.png I will do everything in my power to ensure that this clean is successful, but occasionally failure hits us all. In this event, please have your original installation disks to hand and be prepared to have to format and reinstall your computer.

right-grn.png Refrain from using any tool that hasn't been instructed as it could alter the process that we are working through and cause further problems. Also only use the tools I instruct in the manner provided as they are very powerful and if not used properly can cause even more problems. It is best if you can avoid using the computer at all, apart from to perform the cleaning steps to ensure that any infections aren't spread.

right-grn.png Please stick with me until the end. malware removal is difficult and time consuming. We have to analyse hundreds of lines in log files. This takes time which we give freely so I ask that you do us the courtesy of seeing it through.

right-grn.png Only paste the contents of log files into your reply, DO NOT attach any log files unless requested to do so.

right-grn.png If you have any questions or get stuck, stop and ask....I am here to help you make this go as smoothly as possible.

right-grn.png If you do not reply within 3 days, your topic will be closed. It can be reopened if you ask. But if you plan on being gone for a longer period, just let me know and I will hold it open for you.

Ready? Now lets get to work

 

Due to this being a Windows 8 Machine - we are better using fresh tools.

Initial FRST Scan

Please download Farbar Recovery Scan Tool and save it to your Desktop. There will be 2 versions offered, if you know which version is the one you need, download that one, if not, download both, only one will work on your computer, that is the one you need.

  • Right click frst.png to run as administrator. >> Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to the disclaimer.
  • Ensure that the following are ticked as in the image below


Drivers MD5
Shortcut.txt
Addition.txt

frst-addition.png
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • This will also generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


Items I need to see in your next post:

  • FRST.txt
  • Shortcut.txt
  • Addition.txt

 


  • 1

#3
USSVoyager
Posted 13 January 2015 - 09:14 AM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Lewis (administrator) on LEWISPC on 13-01-2015 15:12:34
Running from C:\Users\Lewis\Desktop
Loaded Profile: Lewis (Available profiles: Lewis)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\5.1.4.15\Lightshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-28] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\iTube Studio\DelayPluginI.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Run: [GoogleChromeAutoLaunch_3BAC32AADE80AF6F1FCA1E64FC802131] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Run: [LightShot] => C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] ()
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [10725320 2014-08-04] (TeamSpeak Systems GmbH)
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-01-05] (Glarysoft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> E:\Arc\Arc\Plugins\ArcPluginIE.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: WSISAllmytubechrome - No CLSID Value
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Lewis\AppData\Roaming\Mozilla\Firefox\Profiles\q2d04hdp.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> E:\Arc\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lewis\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3510865584-56101363-2820924693-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lewis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-28]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "https://www.neobux.com/m/l/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-28]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-08-27]
CHR Extension: (Google Search) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-28]
CHR Extension: (Netflix) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2014-08-27]
CHR Extension: (ZenMate) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-11-16]
CHR Extension: (AdBlock) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-11]
CHR Extension: (Voice Recognition) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2014-12-24]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-01-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Star Trek USS ENTERPRISE NCC 1701-E) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojcphfdgpombpjbaphohhfalnbpjlpf [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-28]
CHR Extension: (Sky+) - C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookngkjbobceimcicokadhjonlejhobj [2014-08-27]
CHR HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lewis\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-01-11]
CHR HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-28]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ArcService; E:\Arc\Arc\ArcService.exe [88400 2014-09-18] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-28] (AVAST Software)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5278064 2014-09-09] (Binary Fortress Software)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-09-02] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-15] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-05] (Electronic Arts)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-28] ()
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-12] (Emsisoft GmbH)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-12] (Glarysoft Ltd)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys 9539F7917B4B6D92C90F0FAA6B86C605
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys 374E27295F0A9DCAA8FC96370F9BEEA5
C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\Windows\System32\DRIVERS\ahcache.sys 8E8E34B7BA059050EED827410D0697A2
C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 04951A9A937CBE28A2D3FEEA360B6D1F
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Windows\system32\drivers\aswHwid.sys D95E64416A4A3ED6986E0F474DA934BD
C:\Windows\system32\drivers\aswMonFlt.sys FF1E537A3632CBB9A0BF72B9FD0878D5
C:\Windows\system32\drivers\aswRdr2.sys A5757DE5F9C83AB40667A53D5126EA40
C:\Windows\System32\Drivers\aswRvrt.sys 645D97385F3F284FB5604F9B970F4D24
C:\Windows\system32\drivers\aswSnx.sys CB3FC6732A50513EFC93B6E2495CF94A
C:\Windows\system32\drivers\aswSP.sys 0DEDC041DF594AEC2C3BD00417CFAF60
C:\Windows\system32\drivers\aswStm.sys 48DED912CDE54FC0923B9858512366E1
C:\Windows\System32\Drivers\aswVmm.sys 471A311745848B80339436688A8286E6
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\bthhfenum.sys 746B9F94214915AECDE4B7FEA5FF9664
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\System32\drivers\bthmodem.sys 66B791F6B11DC4303DD18A224A501542
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\EEK\bin\cleanhlp64.sys B794DCF38C965FA2F93C45A7C3D582C5
C:\Windows\System32\drivers\CLFS.sys 179A41249055D5F039F1B6703F3B6D2B
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 4E1207CE16E615B0B7A70DC889F4500E
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\dam.sys 315BA4BC19316D72B2E037534E048B93
C:\Windows\System32\drivers\dc3d.sys 7AF9DAC504FBD047CBC3E64AE52C92BF
C:\Windows\System32\Drivers\dfsc.sys A03F362C5557E238CBFA914689C77248
C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\drivers\drmkaud.sys DDC11A202207C0400CBE07315B8FDE5E
C:\Windows\System32\drivers\dxgkrnl.sys 313DCE665B57000B18CB26C6B6A10DFE
C:\Windows\system32\DRIVERS\e1i63x64.sys FA988D76745C917CDFE20031C06DE860
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys 6592D192E2823C043EDBC010E7774053
C:\Windows\System32\drivers\FsDepends.sys 35005534E600E993A90B036E4E599F2B
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys F152D55E497E12256290C43B31C7D0CE
C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys 8DF1254093B5C354CE725EB6B9B0DE19
C:\Windows\System32\drivers\GUBootStartup.sys 0636745A40DEA06283D45885C228AF01
C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\Windows\System32\drivers\HDAudBus.sys D4B7ED39C7900384D9E5C1283F1E7926
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 1EA1B4FABB8CC348E73CA90DBA22E104
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\hidusb.sys 8DB8EAB9D0C6A5DF0BDCADEA239220B4
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys 9DDCA7F18983C5410DEFF79F819DF93C
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys 84CFC5EFA97D0C965EDE1D56F116A541
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Windows\system32\DRIVERS\igdkmd64.sys 09F8023A17EE9EB0897A1B195428192B
C:\Windows\system32\drivers\intelaud.sys CF25067821BB89E87021E9493C178863
C:\Windows\system32\DRIVERS\IntcDAud.sys 8E4044C6B71B2F837166F6EDB6BF9100
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys A770340FC02B999EF0DE6C2A6BC8437C
C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys 9C096BF5E10CA8BFA56F32522A89FAF1
C:\Windows\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\Windows\System32\drivers\msiscsi.sys D90AB68D0FAC9F357F663670FDBB511E
C:\Windows\System32\drivers\iwdbus.sys 2DB1E2AE4A0DE62026296F0A6C29F3F5
C:\Windows\System32\drivers\kbdclass.sys 8BE92376799B6B44D543E8D07CDCF885
C:\Windows\System32\drivers\kbdhid.sys FB6E47E569D4872ABEB506BE03A45FBA
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\Drivers\ksecdd.sys ADDECBCC777665BD113BED437E602AB0
C:\Windows\System32\Drivers\ksecpkg.sys 6D2EE96150E35B9EA49F2B481DE0369A
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4
C:\Windows\system32\DRIVERS\mcvidrv.sys 562F2CD3DA6BEAE5DE37ED2E79F8F729
C:\Windows\system32\drivers\mbamchameleon.sys 478CC94C937D235CB0A96AB8F2359D81
C:\Windows\system32\drivers\mbam.sys CA43F8904E24BBE49982E4C0B29E6579
C:\Windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3
C:\Windows\system32\drivers\mwac.sys 9D7BFFDB5FA62B600DF1FCB4919D9D79
C:\Windows\system32\drivers\mcaudrv_x64.sys 4C017AF4CBC57A36C75A270184CC86CB
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\system32\DRIVERS\TeeDriverx64.sys 8751062F2F7EC78DE92D778A08099DDE
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys CEAC6D40FE887CE8406C2393CF97DE06
C:\Windows\System32\drivers\mouhid.sys 02D98BF804084E9A0D69D1C69B02CCA9
C:\Windows\System32\drivers\mountmgr.sys 515549560D481138E6E21AF7C6998E56
C:\Windows\System32\drivers\mpsdrv.sys F170510BE94CF45E3C6274578F6204B2
C:\Windows\system32\drivers\mrxdav.sys 1D55DADC22D21883A2F80297F5A5AE48
C:\Windows\System32\DRIVERS\mrxsmb.sys 7A1A3F213CDB3363D179D5014272025D
C:\Windows\System32\DRIVERS\mrxsmb10.sys 3E28B99198B514DFEB152EACF913025E
C:\Windows\System32\DRIVERS\mrxsmb20.sys C910E5D18958914A66F0E45689D0B40A
C:\Windows\system32\DRIVERS\bridge.sys E0927EFA25D473367C3341B9F5969779
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 375E44168F2DFB91A68B8A3F619C5A7C
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys 26ACA481FAFEC59FE311D719E3027BBA
C:\Windows\System32\drivers\ndis.sys E4B4BE2D7750849C07589DA0B0AABA01
C:\Windows\system32\DRIVERS\ndiscap.sys C6BB12BC35D1637CA17AE16D3A4725EB
C:\Windows\system32\DRIVERS\NdisImPlatform.sys B1AA3B19A2E596A59224F893E01A5A75
C:\Windows\system32\DRIVERS\ndistapi.sys 9423421E735BD5394351E0C47C76BB92
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\System32\Drivers\NDProxy.sys A5BD69A8812FA79D1A487691DD3FB244
C:\Windows\System32\drivers\Ndu.sys 5A072F0B90C29C5233D78BE33EF5ED78
C:\Windows\System32\DRIVERS\netbios.sys A83D67D347A684F10B7D3019C8A6380C
C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD
C:\Windows\system32\DRIVERS\netvsc63.sys 70414DB660BFBB7BD58FCE8EA4364E1B
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys E490B459978CB87779E84C761D22B827
C:\Windows\System32\Drivers\Ntfs.sys 038C77D577900EE39410662478BB0D50
C:\Windows\System32\drivers\NuidFltr.sys 96ACBF3DDC38A52FEE115F577F36568F
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\system32\drivers\nvhda64v.sys 7E4355930B28C2798D9F09AB9F81151F
C:\Windows\system32\DRIVERS\nvlddmkm.sys ED4D88A04D22E6B00DB6BC8FACDBAFED
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 0C4A0D577A6EF1B9D353851668779944
C:\Windows\system32\drivers\nvvadarm.sys ADD20F47868519DB6987D0946E18EC37
C:\Windows\system32\drivers\nvvad64v.sys DBFE7B2DF103F74AE51840B3C5F25FE9
C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\Windows\System32\drivers\partmgr.sys EF0C1749C9A8CEE9A457473D433CC00F
C:\Windows\System32\drivers\pci.sys 91ED124E261EA8FAA1C0FFDF2A71B0C4
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys 24A8DFC07E4BAF29AEA26E383D4CC886
C:\Windows\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6
C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\Windows\system32\DRIVERS\pacer.sys 8528BB05E4D4E25945F78B00B2555FB7
C:\Windows\system32\DRIVERS\qcusbser.sys 65D32E9BBCC9FFD36F2BF38C595D283F
C:\Windows\system32\drivers\qwavedrv.sys 3FB466684609A4329858CF2EBD62E0FD
C:\Windows\System32\DRIVERS\rasacd.sys 2C56F0EE27E4EF70CA4B4983D3638905
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\System32\DRIVERS\rdbss.sys A1A5E79C0D1352AFDC08328A623DA051
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys 9F08A6608F98B5407E7DDBCF306573EF
C:\Windows\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6
C:\Windows\System32\Drivers\ReFS.sys E515A287C8FAE901EB8FB42F168E14F2
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Program Files\Sandboxie\SbieDrv.sys B38103F1B78072D53EC23AC8287A72C2
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\DRIVERS\scfilter.sys ABD0237B15DBD2B4695F4B7D734A58F7
C:\Windows\System32\drivers\sdbus.sys 7B7C482CF48E6EE33664340D1A78E6FE
C:\Windows\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\Windows\System32\drivers\sermouse.sys 0BD2B65DCE756FDE95A2E5CCCBF7705D
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\System32\drivers\spaceport.sys 240C5C3793206725AA05665851E8C214
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\System32\DRIVERS\srv.sys 6416E79A58A8FCC33A447A4DDDD3BF04
C:\Windows\System32\DRIVERS\srv2.sys 5BED3AB69797C8786EF70AEA8C33748B
C:\Windows\System32\DRIVERS\srvnet.sys D047CD668E6277FD80F0C613946F034C
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\DRIVERS\vmstorfl.sys 7A08CEE1535F5A448215634C5EA74E50
C:\Windows\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\swenum.sys 84E0F5D41C138C5CC975137A2A98F6D3
C:\Windows\System32\drivers\tcpip.sys CCB3A2BB60FE5073F2DEA63FE83CF8FE
C:\Windows\system32\DRIVERS\tcpip.sys CCB3A2BB60FE5073F2DEA63FE83CF8FE
C:\Windows\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4
C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys E0088068DCE2EE82897027DDB8E05254
C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys B034A41891A36457B994307DFA772293
C:\Windows\System32\DRIVERS\udfs.sys 1EC649F112896FAE33250F0B97AC5D0B
C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\system32\drivers\usbaudio.sys DF355EB0199198728027962DCFCDE5FB
C:\Windows\System32\drivers\usbccgp.sys FF78D053A05E5A394F4E3C1816CC65A8
C:\Windows\System32\drivers\usbcir.sys B3D6457D841A0CAEF4C52D88621715F2
C:\Windows\System32\drivers\usbehci.sys 48BA326A3DBA5B5BEB5F2777F4618696
C:\Windows\System32\drivers\usbhub.sys FEF0BC107812B36849741C3211BA6B60
C:\Windows\System32\drivers\UsbHub3.sys 65392F3F3F65E4C6CC82A0F4F8A0B051
C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\System32\drivers\USBSTOR.SYS 66732C13628BDB1AB0D6FD46027327C2
C:\Windows\System32\drivers\usbuhci.sys 064260B3A5868AC894A4943543BC7AB7
C:\Windows\System32\drivers\USBXHCI.SYS 48430B0313FC1CFE3D2400553F1A93CD
C:\Windows\system32\DRIVERS\VBoxDrv.sys BC72F198968C1D483435F29ACFAFEA78
C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 8FD4BE594B4247E534E5D7CADA47FF20
C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 7C7B16651E383C828A8FAB2B4E7D144E
C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 97F31032ECA2AA9CD6F456ADEA27EDA4
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys 52E483A3701A5A61A75A06993720347D
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\vmbus.sys C6305BDFC4F7CE51F72BB072C03D4ACE
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys 64CA2B4A49A8EAF495E435623ECCE7DB
C:\Windows\System32\drivers\vpci.sys 01355C98B5C3ED1EC446743CDA848FCE
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys 0359607177E5E9F6041136CC0A5CB0B6
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys DE8D12B4C3F55FA2C5E9774314F6C58A
C:\Windows\System32\Drivers\WdNisDrv.sys 4AD874CDC812EC156265E451B6B09DAB
C:\Windows\System32\DRIVERS\wfplwfs.sys BFBE1C5F57FE7A885673A1962D5532B7
C:\Windows\System32\drivers\wimmount.sys 867BCC69ED9C31C501465EB0E8BA9DFA
C:\Windows\system32\DRIVERS\WinUsb.sys AC263C2F66405589528995AA41040599
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\Windows\System32\DRIVERS\wpcfltr.sys 182561A14F2E93E81E66FE3700D17A5A
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WudfPf.sys D537815E450A149752C15868392AD1F3
C:\Windows\System32\drivers\WUDFRd.sys 7CCBBCEE408A5DBE3FE47297DB5A6CFC
C:\Windows\system32\DRIVERS\WUDFRd.sys 7CCBBCEE408A5DBE3FE47297DB5A6CFC
C:\Windows\system32\DRIVERS\WUDFRd.sys 7CCBBCEE408A5DBE3FE47297DB5A6CFC
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-13 15:11 - 2015-01-13 15:12 - 00045062 _____ () C:\Users\Lewis\Desktop\FRST.txt
2015-01-13 15:08 - 2015-01-13 15:08 - 02124288 _____ (Farbar) C:\Users\Lewis\Desktop\FRST64.exe
2015-01-13 11:55 - 2015-01-13 11:55 - 00000525 _____ () C:\Users\Lewis\Desktop\Backup-codes-askpiratecoffee.txt
2015-01-13 11:10 - 2015-01-13 11:10 - 00000000 ____D () C:\Users\Lewis\Desktop\Games
2015-01-13 11:05 - 2015-01-13 11:05 - 00001071 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-12 23:08 - 2015-01-12 23:08 - 00157466 _____ () C:\Users\Lewis\Desktop\OTL.Txt
2015-01-12 23:02 - 2015-01-12 23:09 - 00103098 _____ () C:\Users\Lewis\Desktop\Extras.Txt
2015-01-12 22:57 - 2015-01-12 22:57 - 00602112 _____ (OldTimer Tools) C:\Users\Lewis\Desktop\OTL.exe
2015-01-12 20:03 - 2015-01-13 13:32 - 00111117 _____ () C:\Windows\WindowsUpdate.log
2015-01-12 20:01 - 2015-01-12 20:01 - 00397064 _____ () C:\Users\Lewis\Desktop\Logs.zip
2015-01-12 19:55 - 2015-01-12 19:55 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-01-12 19:03 - 2015-01-12 19:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-12 18:55 - 2015-01-12 18:55 - 00000000 ____D () C:\Windows\ERUNT
2015-01-12 18:42 - 2015-01-12 18:42 - 00000000 ____D () C:\EEK
2015-01-12 18:37 - 2015-01-12 18:37 - 00000000 _____ () C:\Recovery.txt
2015-01-12 18:18 - 2015-01-13 08:09 - 00000348 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-12 18:18 - 2015-01-13 08:09 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-12 18:18 - 2015-01-12 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-01-12 18:18 - 2015-01-12 18:18 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-01-12 18:18 - 2015-01-12 18:18 - 00002970 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2015-01-12 18:18 - 2015-01-12 18:18 - 00002622 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-12 18:18 - 2015-01-12 18:18 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-12 18:18 - 2015-01-12 18:18 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\GlarySoft
2015-01-12 18:18 - 2015-01-12 18:18 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\DiskDefrag
2015-01-12 16:19 - 2015-01-12 18:25 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2015-01-12 16:19 - 2015-01-12 16:19 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-01-12 05:31 - 2015-01-12 05:41 - 764315600 _____ () C:\Users\Lewis\Downloads\Jan 2015 Fleet Meeting.wav
2015-01-11 19:12 - 2015-01-12 19:06 - 00000000 ____D () C:\AdwCleaner
2015-01-11 19:09 - 2015-01-11 19:12 - 00000472 _____ () C:\Users\Lewis\Desktop\defogger_disable.log
2015-01-11 19:09 - 2015-01-11 19:09 - 00000000 _____ () C:\Users\Lewis\defogger_reenable
2015-01-11 18:15 - 2015-01-13 15:12 - 00000000 ____D () C:\FRST
2015-01-11 18:00 - 2015-01-13 14:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-11 18:00 - 2015-01-11 18:00 - 00001130 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-11 18:00 - 2015-01-11 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-11 18:00 - 2015-01-11 18:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-11 18:00 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-11 18:00 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-11 18:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-11 10:39 - 2015-01-12 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2015-01-11 10:39 - 2015-01-11 10:57 - 00000000 ____D () C:\Users\Lewis\AppData\Local\Genymobile
2015-01-10 17:30 - 2015-01-10 17:30 - 00061440 _____ (Gary's Hood) C:\Users\Lewis\Desktop\rsclient.exe
2015-01-10 12:18 - 2015-01-10 12:18 - 00000000 ____D () C:\Users\Lewis\AppData\Local\Android
2015-01-10 12:18 - 2015-01-10 12:18 - 00000000 ____D () C:\ProgramData\Sun
2015-01-10 12:09 - 2015-01-10 12:09 - 00000000 ____D () C:\Users\Lewis\AndroidStudioProjects
2015-01-10 12:09 - 2015-01-10 12:09 - 00000000 ____D () C:\Users\Lewis\.gradle
2015-01-10 12:03 - 2015-01-12 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2015-01-10 12:03 - 2015-01-10 12:03 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\JetBrains
2015-01-10 12:03 - 2015-01-10 12:03 - 00000000 ____D () C:\Users\Lewis\.AndroidStudio
2015-01-10 11:59 - 2015-01-12 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-01-10 07:31 - 2015-01-12 18:25 - 00000000 ____D () C:\Windows\SysWOW64\GPBAK
2015-01-10 07:31 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2015-01-10 07:31 - 2001-08-23 13:00 - 00034871 _____ () C:\Windows\SysWOW64\gpedit.msc
2015-01-09 04:14 - 2015-01-12 20:07 - 00000000 ____D () C:\Users\Lewis\Documents\Outlook Files
2015-01-07 06:24 - 2015-01-07 06:24 - 00104360 _____ (Goldshell Digital Media) C:\Windows\ST Movie Computer.scr
2015-01-07 06:24 - 2015-01-07 06:24 - 00104360 _____ (Goldshell Digital Media) C:\Windows\Classic Bridge.scr
2015-01-07 06:24 - 2015-01-07 06:24 - 00104360 _____ (Goldshell Digital Media) C:\Windows\1701A.scr
2015-01-07 06:23 - 2015-01-07 06:23 - 00104360 _____ (Goldshell Digital Media) C:\Windows\Voyager LCARS 8472.scr
2015-01-07 06:23 - 2015-01-07 06:23 - 00104360 _____ (Goldshell Digital Media) C:\Windows\USS Pathfinder.scr
2015-01-07 06:23 - 2015-01-07 06:23 - 00104360 _____ (Goldshell Digital Media) C:\Windows\Captain Sulu.scr
2015-01-07 06:22 - 2015-01-07 06:22 - 00104360 _____ (Goldshell Digital Media) C:\Windows\Voyager Master LCARS.scr
2015-01-05 13:54 - 2014-11-22 10:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-01-05 13:54 - 2014-11-22 10:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-01-05 13:13 - 2015-01-12 18:25 - 00000000 ____D () C:\Users\Lewis\AppData\Local\Electronic_Arts_Inc
2015-01-05 13:08 - 2015-01-12 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World
2015-01-05 06:10 - 2015-01-05 06:21 - 00000000 ____D () C:\Users\Lewis\Desktop\FTB
2015-01-02 08:17 - 2015-01-12 18:25 - 00000000 ____D () C:\.jagex_cache_32
2015-01-02 08:17 - 2015-01-02 08:42 - 00000023 _____ () C:\Users\Lewis\jagexappletviewer.preferences
2015-01-02 08:17 - 2015-01-02 08:17 - 00000044 _____ () C:\Users\Lewis\jagex_cl_runescape_LIVE.dat
2015-01-02 08:16 - 2015-01-12 18:25 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-01-02 08:16 - 2015-01-02 08:17 - 00000000 ____D () C:\Users\Lewis\jagexcache
2015-01-02 08:16 - 2015-01-02 08:16 - 00002106 _____ () C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-12-31 19:21 - 2015-01-12 18:25 - 00000000 ____D () C:\ProgramData\iSkysoft iTube Studio
2014-12-31 19:21 - 2015-01-12 05:34 - 00000000 ____D () C:\Program Files (x86)\iSkysoft
2014-12-31 19:21 - 2014-12-31 19:21 - 00000000 ____D () C:\Users\Lewis\AppData\Local\iSkysoft
2014-12-31 19:21 - 2014-12-31 19:21 - 00000000 ____D () C:\ProgramData\iSkysoft Application Common Data
2014-12-31 19:21 - 2014-12-31 19:21 - 00000000 ____D () C:\Program Files\Common Files\iSkysoft
2014-12-29 05:10 - 2014-12-29 05:10 - 00104360 _____ (Goldshell Digital Media) C:\Windows\Ds9 V1.9.scr
2014-12-29 05:10 - 2014-12-29 05:10 - 00028672 _____ () C:\Windows\gscr.dll
2014-12-29 00:51 - 2014-12-13 00:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-29 00:50 - 2015-01-12 18:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-12-29 00:50 - 2014-12-13 10:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-29 00:50 - 2014-12-13 10:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00834880 _____ () C:\Windows\system32\nvmcumd.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00391488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00346944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00100680 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2014-12-29 00:50 - 2014-12-13 10:08 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2014-12-29 00:50 - 2014-10-09 17:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-29 00:50 - 2014-10-09 17:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-29 00:50 - 2014-10-09 07:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-12-28 04:37 - 2014-12-28 04:37 - 00000000 __SHD () C:\Recovery
2014-12-27 19:07 - 2015-01-12 18:10 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\.StarMade
2014-12-25 03:58 - 2015-01-13 11:10 - 00000000 ____D () C:\Users\Lewis\Desktop\Stuff
2014-12-23 01:34 - 2014-12-27 17:52 - 00000154 _____ () C:\Users\Lewis\sto-dps-settings.ini
2014-12-21 23:15 - 2014-12-21 23:15 - 00000000 ____D () C:\Users\Lewis\AppData\Local\SKIDROW
2014-12-21 22:18 - 2014-12-21 22:18 - 00000000 ____D () C:\ProgramData\RELOADED
2014-12-19 00:38 - 2014-12-19 00:38 - 00000000 ____D () C:\Users\Lewis\Documents\EVE
2014-12-18 00:20 - 2014-12-18 00:20 - 00000000 ____D () C:\Users\Lewis\.chunky
2014-12-18 00:19 - 2014-12-18 00:19 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chunky
2014-12-18 00:19 - 2014-12-18 00:19 - 00000000 ____D () C:\Program Files (x86)\Chunky
2014-12-15 22:53 - 2014-10-30 22:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-15 22:53 - 2014-10-30 22:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-15 20:57 - 2014-12-15 20:57 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE
2014-12-15 19:51 - 2014-12-15 19:51 - 00000000 ____D () C:\Users\Lewis\AppData\Local\CCP
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-13 15:09 - 2014-08-28 12:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-13 15:06 - 2014-08-27 20:28 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\ClassicShell
2015-01-13 15:02 - 2014-08-28 02:54 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Skype
2015-01-13 15:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-13 14:56 - 2014-08-28 02:40 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 14:18 - 2014-08-27 20:13 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\TS3Client
2015-01-13 11:38 - 2014-10-07 17:53 - 00650945 _____ () C:\Users\Lewis\AppData\Roaming\Lightshot.exe.log
2015-01-13 11:28 - 2014-08-28 02:40 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3510865584-56101363-2820924693-1001
2015-01-13 11:05 - 2014-09-15 19:49 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\TeamViewer
2015-01-13 11:05 - 2014-09-15 19:49 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-13 10:13 - 2014-08-28 02:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-13 08:09 - 2014-10-13 15:37 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-01-13 08:09 - 2014-08-27 20:46 - 00000000 ___RD () C:\Users\Lewis\Google Drive
2015-01-13 08:08 - 2014-08-30 12:10 - 00011719 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-13 08:08 - 2014-08-28 02:40 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 23:24 - 2014-08-28 02:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-12 23:02 - 2014-09-11 15:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-12 23:01 - 2014-09-11 15:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-12 23:01 - 2014-03-18 15:10 - 00000000 ____D () C:\Windows\ShellNew
2015-01-12 23:01 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-12 23:01 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-12 23:01 - 2013-08-22 13:25 - 00000076 _____ () C:\Windows\win.ini
2015-01-12 22:10 - 2014-03-18 15:26 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-12 22:05 - 2014-08-28 02:51 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-12 22:03 - 2014-10-23 13:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-12 22:03 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-12 22:01 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-12 19:57 - 2014-09-14 09:29 - 00000000 ____D () C:\Windows\Minidump
2015-01-12 18:25 - 2014-11-16 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-12 18:25 - 2014-10-31 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2015-01-12 18:25 - 2014-10-31 20:50 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-01-12 18:25 - 2014-10-23 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-12 18:25 - 2014-10-23 13:53 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-12 18:25 - 2014-10-10 17:56 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\SpaceEngineers
2015-01-12 18:25 - 2014-09-16 22:35 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\vlc
2015-01-12 18:25 - 2014-09-15 10:00 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Audacity
2015-01-12 18:25 - 2014-09-04 08:09 - 00000000 ____D () C:\ProgramData\Origin
2015-01-12 18:25 - 2014-09-04 08:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-12 18:25 - 2014-09-04 08:09 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-12 18:25 - 2014-09-01 03:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-12 18:25 - 2014-08-28 04:38 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\.minecraft
2015-01-12 18:25 - 2014-08-28 02:41 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Spotify
2015-01-12 18:25 - 2014-08-28 02:35 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Adobe
2015-01-12 18:25 - 2014-08-27 23:10 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\ftblauncher
2015-01-12 18:25 - 2014-08-27 20:28 - 00000000 ____D () C:\ProgramData\ClassicShell
2015-01-12 18:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-01-12 18:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-01-12 18:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\WinMetadata
2015-01-12 18:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-12 18:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-01-12 18:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\registration
2015-01-12 18:10 - 2014-12-09 20:16 - 00000000 ____D () C:\Users\Lewis\AppData\Local\Unity
2015-01-12 18:10 - 2014-10-12 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-01-12 18:10 - 2014-10-12 20:25 - 00000000 ____D () C:\Program Files\Speccy
2015-01-12 18:10 - 2014-08-28 02:35 - 00000000 ____D () C:\Users\Lewis
2015-01-12 18:10 - 2013-08-22 15:36 - 00000000 __RSD () C:\Windows\Media
2015-01-12 18:10 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-12 18:10 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-12 18:10 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
2015-01-12 18:10 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-12 18:10 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-12 18:02 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-12 17:17 - 2014-08-28 02:35 - 00000000 ____D () C:\Users\Lewis\AppData\Local\Packages
2015-01-12 17:17 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-12 05:32 - 2014-08-28 02:42 - 00000000 ____D () C:\Program Files\Intel
2015-01-12 05:20 - 2014-08-30 08:26 - 00438272 ___SH () C:\Users\Lewis\Desktop\Thumbs.db
2015-01-11 18:16 - 2014-08-30 12:36 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\uTorrent
2015-01-11 17:58 - 2013-08-22 14:44 - 05241072 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-11 11:39 - 2014-10-27 18:24 - 00000000 ____D () C:\Users\Lewis\AppData\Local\CrashDumps
2015-01-11 10:45 - 2014-10-04 15:01 - 00000000 ____D () C:\Users\Lewis\.VirtualBox
2015-01-10 19:59 - 2014-10-25 16:37 - 00001754 _____ () C:\Windows\Sandboxie.ini
2015-01-10 12:18 - 2014-11-16 19:44 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-10 12:18 - 2014-11-16 19:44 - 00000000 ____D () C:\Program Files\Java
2015-01-10 07:16 - 2014-08-28 07:23 - 00000000 ____D () C:\Users\Lewis\AppData\Local\Spotify
2015-01-05 13:07 - 2014-09-04 08:10 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Origin
2015-01-05 11:08 - 2014-10-23 13:53 - 00000000 ____D () C:\Users\Lewis\AppData\Local\NVIDIA Corporation
2015-01-05 06:11 - 2014-08-27 23:10 - 00000000 ____D () C:\Users\Lewis\AppData\Local\ftblauncher
2015-01-05 00:50 - 2014-12-03 22:13 - 00000000 ____D () C:\Users\Lewis\Desktop\Combatreader
2015-01-02 08:26 - 2014-09-04 09:12 - 00000024 _____ () C:\Users\Lewis\random.dat
2015-01-02 04:28 - 2014-08-27 20:44 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-28 16:09 - 2014-08-28 20:58 - 00000064 _____ () C:\Users\Lewis\.atl.properties
2014-12-27 19:58 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\ADFS
2014-12-24 03:45 - 2014-09-08 17:06 - 00000000 ____D () C:\Users\Lewis\AppData\Roaming\Advanced Combat Tracker
2014-12-21 23:15 - 2014-09-01 03:47 - 00000000 ____D () C:\Users\Lewis\Documents\My Games
2014-12-21 23:14 - 2014-10-23 14:14 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-21 22:59 - 2014-10-06 19:28 - 00491520 ___SH () C:\Users\Lewis\Downloads\Thumbs.db
2014-12-19 01:22 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
 
Files to move or delete:
====================
C:\Users\Lewis\jagex_cl_runescape_LIVE.dat
C:\Users\Lewis\matrix_cl_matrix_LIVE.dat
C:\Users\Lewis\noregret_cl_noregret_LIVE.dat
C:\Users\Lewis\random.dat
C:\Users\Lewis\rn_cl_Provenance 742_LIVE.dat
 
 
Some content of TEMP:
====================
C:\Users\Lewis\AppData\Local\Temp\ose00000.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-10 02:10
 
==================== End Of Log ============================

  • 0

#4
USSVoyager
Posted 13 January 2015 - 09:15 AM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Lewis at 2015-01-13 15:12:54
Running from C:\Users\Lewis\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DMark (HKLM-x32\...\{33f8bc21-1d62-455b-8038-c8296d01ec48}) (Version: 1.4.780.0 - Futuremark)
3DMark (Version: 1.4.780.0 - Futuremark) Hidden
3DMark 11 Demo (HKLM-x32\...\Steam App 221870) (Version:  - Futuremark)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version:  - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bridge Commander MW (HKLM-x32\...\InstallShield_{304D46E1-364B-45AB-9170-53E200DB4E85}) (Version: 1.1.0000 - Activision)
Bridge Commander MW (x32 Version: 1.1.0000 - Activision) Hidden
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Cannons Lasers Rockets (HKLM-x32\...\Steam App 265770) (Version:  - Net Games Laboratory)
Chunky (HKLM\...\Chunky) (Version:  - )
CINEMA 4D 15.064 (HKLM\...\MAXON5C68297C) (Version: 15.064 - MAXON Computer GmbH)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DisplayFusion 6.1.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 6.1.2.0 - Binary Fortress Software)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EVGA PrecisionX 16 (HKLM-x32\...\{9914A7AB-3FFC-4A34-837A-E89D0B61362E}) (Version: 5.2.3 - EVGA Corporation)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Firefall (HKLM-x32\...\Steam App 227700) (Version:  - Red 5 Studios)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Futuremark SystemInfo (HKLM-x32\...\{E114E635-F06E-43B4-A800-74A22536B1B0}) (Version: 4.30.472.0 - Futuremark)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Genymotion version 2.3.1 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.3.1 - Genymobile)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.16 (HKLM-x32\...\Glary Utilities 5) (Version: 5.16.0.29 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\{B3DE583C-ADB7-3B8D-9A8E-EAF9805BA608}) (Version: 66.3.32862 - Google, Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
LCARS 47 (6.3) (HKLM-x32\...\{15D54E46-E3A2-448B-97A0-8C20CD38E4EC}_is1) (Version: 6.3.0.2 - Sollertia Station)
LCARS 47 Area 51 (HKLM-x32\...\LCARS 47 Area 51_is1) (Version: 0.0.0.1 - Sollertia Station)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-GB)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samsung SSD 840 EVO Performance Restoration (HKLM-x32\...\{B4B18E77-4C37-46F2-BC38-9451E65C9AEC}_is1) (Version: 1.0 - Samsung Electronics)
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
Skype™ 6.18 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.106 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Speccy (HKLM\...\Speccy) (Version: 1.27 - Piriform)
Spotify (HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
STO Keybinds (HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\73217bad652635ca) (Version: 1.0.0.113 - Federation Emergency Services)
Surgeon Simulator (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Render Client 15.064 (HKLM\...\MAXON3C5A6FA6) (Version: 15.064 - MAXON Computer GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WinDirStat 1.1.2 (HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\WinDirStat) (Version:  - )
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3510865584-56101363-2820924693-1001_Classes\CLSID\{05330e97-f1e0-4354-97dc-84a57e694eb1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3510865584-56101363-2820924693-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
29-12-2014 08:33:32 Scheduled Checkpoint
02-01-2015 08:16:12 Installed RuneScape Launcher 1.2.3
10-01-2015 02:13:25 Scheduled Checkpoint
11-01-2015 10:03:49 Installed Intel® Hardware Accelerated Execution Manager
12-01-2015 17:59:54 Restore Operation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0E2AD84B-C91E-41FC-9665-3E77B91F32B5} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-01-05] (Glarysoft Ltd)
Task: {67C3D917-C232-4B27-ADD4-5DE74B469519} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-01-05] (Glarysoft Ltd)
Task: {6BB49558-7346-442F-9BAF-C17A3C40417E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {6EE20F2D-62C2-4F43-B549-6DE49FA1D861} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {89A3BD75-B40B-450A-A247-82AC40F9C6B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A7FA6A7C-A2F7-4931-AC51-E0268F1F2760} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {B89A3F29-8F4D-4CC8-82A3-DC5072B93080} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-09-11] ()
Task: {E90C4799-2335-4F02-AF17-F2B3E644135C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {F1B971FB-D851-493E-B5D3-297DD0907CE6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-28] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-10-23 13:57 - 2014-12-13 08:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-01 19:29 - 2014-05-01 19:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-28 09:14 - 2014-02-28 09:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 14:51 - 2014-02-27 14:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 14:51 - 2014-02-27 14:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 13:43 - 2014-08-04 13:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 13:43 - 2014-08-04 13:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 14:51 - 2014-02-27 14:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 14:51 - 2014-02-27 14:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 13:46 - 2014-08-04 13:46 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 13:46 - 2014-08-04 13:46 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 14:51 - 2014-02-27 14:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-08-28 02:51 - 2014-08-28 02:51 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-12 19:05 - 2015-01-12 19:05 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011201\algo.dll
2015-01-13 11:45 - 2015-01-13 11:45 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011300\algo.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-20 10:43 - 2014-03-20 10:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-01-13 08:09 - 2015-01-13 08:09 - 00098816 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32api.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00110080 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\pywintypes27.dll
2015-01-13 08:09 - 2015-01-13 08:09 - 00364544 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\pythoncom27.dll
2015-01-13 08:09 - 2015-01-13 08:09 - 00045568 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\_socket.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 01160704 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\_ssl.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00320512 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32com.shell.shell.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00713216 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\_hashlib.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 01175040 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._core_.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00805888 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._gdi_.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00811008 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._windows_.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 01062400 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._controls_.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00735232 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._misc_.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00128512 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\_elementtree.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00127488 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\pyexpat.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00557056 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\pysqlite2._sqlite.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00087552 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\_ctypes.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00119808 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32file.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00108544 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32security.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00007168 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\hashobjs_ext.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00167936 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32gui.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00018432 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32event.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00038912 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32inet.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00011264 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32crypt.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00070656 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._html2.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00027136 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\_multiprocessing.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00035840 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32process.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00686080 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\unicodedata.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00122368 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._wizard.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00024064 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32pipe.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00025600 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32pdh.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00525640 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\windows._lib_cacheinvalidation.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00010240 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\select.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00017408 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32profile.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00022528 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\win32ts.pyd
2015-01-13 08:09 - 2015-01-13 08:09 - 00078336 _____ () C:\Users\Lewis\AppData\Local\Temp\_MEI60282\wx._animate.pyd
2014-09-06 16:44 - 2014-09-06 16:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-12 14:57 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 14:57 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 14:57 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 14:57 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-08-28 02:51 - 2014-08-28 02:51 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-30 05:52 - 2014-11-11 18:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 05:52 - 2014-11-11 18:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 05:52 - 2014-11-11 18:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-27 20:34 - 2014-11-11 18:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-08-27 20:34 - 2014-11-18 20:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 05:52 - 2014-11-11 18:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 05:52 - 2014-11-11 18:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-08-27 20:34 - 2014-11-18 20:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-08-27 20:34 - 2014-11-11 18:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-27 20:34 - 2014-11-11 18:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-10-18 04:16 - 2014-12-06 01:50 - 00146760 _____ () C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll
2014-10-18 04:16 - 2014-09-25 09:53 - 06572360 _____ () C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdm.dll
2014-12-12 14:57 - 2014-12-06 01:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Lewis\AppData\Local\9ARjL9Jf:I6S2zDkeAndFXLO2V4WObFmO7rK5v
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3510865584-56101363-2820924693-1001\...\StartupApproved\Run: => "GUDelayStartup"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3510865584-56101363-2820924693-500 - Administrator - Disabled)
Guest (S-1-5-21-3510865584-56101363-2820924693-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3510865584-56101363-2820924693-1003 - Limited - Enabled)
Lewis (S-1-5-21-3510865584-56101363-2820924693-1001 - Administrator - Enabled) => C:\Users\Lewis
 
==================== Faulty Device Manager Devices =============
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VirtualBox Host-Only Ethernet Adapter #2
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/12/2015 07:06:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (01/12/2015 07:06:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (01/12/2015 07:06:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (01/12/2015 07:03:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
 
System errors:
=============
Error: (01/13/2015 11:47:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/13/2015 11:47:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/13/2015 11:47:04 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/13/2015 11:02:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/13/2015 11:02:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/13/2015 11:02:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (01/13/2015 08:09:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
 
Error: (01/12/2015 11:24:08 PM) (Source: DCOM) (EventID: 10010) (User: LewisPC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (01/12/2015 11:24:08 PM) (Source: DCOM) (EventID: 10010) (User: LewisPC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (01/12/2015 11:24:08 PM) (Source: DCOM) (EventID: 10010) (User: LewisPC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
 
Microsoft Office Sessions:
=========================
Error: (01/12/2015 07:06:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestE:\Google Chrome Downloads\esetsmartinstaller_enu (1).exe
 
Error: (01/12/2015 07:06:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestE:\Google Chrome Downloads\esetsmartinstaller_enu (1).exe
 
Error: (01/12/2015 07:06:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestE:\Google Chrome Downloads\esetsmartinstaller_enu (1).exe
 
Error: (01/12/2015 07:03:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestE:\Google Chrome Downloads\esetsmartinstaller_enu.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 72%
Total physical RAM: 3965.05 MB
Available physical RAM: 1077.4 MB
Total Pagefile: 15741.05 MB
Available Pagefile: 11350.3 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
 
==================== Drives ================================
 
Drive c: (Samsung Boot SSD) (Fixed) (Total:111.45 GB) (Free:35.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (1TB Drive) (Fixed) (Total:931.51 GB) (Free:547.09 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A76A8380)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=111.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 37815E36)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#5
USSVoyager
Posted 13 January 2015 - 09:15 AM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Users shortcut scan result (x64) Version: 12-01-2015 02
Ran by Lewis at 2015-01-13 15:13:14
Running from C:\Users\Lewis\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk -> C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe (Belarc, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk -> C:\Windows\System32\GfxUIEx.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> E:\World of Warcraft\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat\Help (ENG).lnk -> C:\Program Files (x86)\WinDirStat\windirstat.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat\Uninstall WinDirStat.lnk -> C:\Program Files (x86)\WinDirStat\Uninstall.exe (WDS Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat\WinDirStat.lnk -> C:\Program Files (x86)\WinDirStat\windirstat.exe (Seifert)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Valley Benchmark 1.0\Uninstall.lnk -> C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Valley Benchmark 1.0\User manual.lnk -> C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\documentation\User_Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine\Valley Benchmark 1.0\Valley Benchmark 1.0.lnk -> C:\Program Files (x86)\Unigine\Valley Benchmark 1.0\valley.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection\Technical Support.lnk -> E:\Origin\The Sims 2 Ultimate Collection\Support\EA Help\Technical Support.en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection\The Sims 2 Ultimate Collection End User License Agreement.lnk -> E:\Origin\The Sims 2 Ultimate Collection\Support\eula\en_US_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection\The Sims 2 Ultimate Collection.lnk -> E:\Origin\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Battle.net Account Management.lnk -> E:\World of Warcraft\StarCraft II\Support\BattlenetAccount.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Blizzard Technical Support.lnk -> E:\World of Warcraft\StarCraft II\Support\TechSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Manual.lnk -> E:\World of Warcraft\StarCraft II\Support\Manual.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Map Editor.lnk -> E:\World of Warcraft\StarCraft II\Support\SC2Editor.exe (Blizzard Entertainment, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II.lnk -> E:\World of Warcraft\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Bridge Commander Maximum Warp\Bridge Commander (Unmodded).lnk -> E:\STBC\Original\STBC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Bridge Commander Maximum Warp\Maximum Warp Launcher.lnk -> E:\STBC\STBC_Launcher.exe (Maximum Warp Edition Launcher                                                                       )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Bridge Commander Maximum Warp\Maximum Warp Multiplayer.lnk -> E:\STBC\MP_Modded\STBC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Bridge Commander Maximum Warp\Maximum Warp Single Player.lnk -> E:\STBC\SP_Modded\STBC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Bridge Commander Maximum Warp\Multiplayer\Multiplayer Manual.lnk -> E:\STBC\MP_Modded\KOBMARU-MANUAL.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Bridge Commander Maximum Warp\Multiplayer\Multiplayer Readme.lnk -> E:\STBC\MP_Modded\KOBMARU-README.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek Bridge Commander Maximum Warp\Multiplayer\Multiplayer Updates.lnk -> E:\STBC\MP_Modded\kmupdate_checker.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk -> C:\Program Files\Speccy\Speccy64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Uninstall Speccy.lnk -> C:\Program Files\Speccy\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Readme.lnk -> C:\Program Files\Sony\Vegas Pro 13.0\Readme\Vegas_readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype for desktop.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014\LayOut.lnk -> E:\Programs\Sketchup\LayOut\LayOut.exe (Trimble Navigation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014\SketchUp.lnk -> E:\Programs\Sketchup\SketchUp.exe (Trimble Navigation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014\Style Builder.lnk -> E:\Programs\Sketchup\Style Builder\Style Builder.exe (Trimble Navigation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\Read Me.lnk -> E:\Origin\SimCity\Support\readme\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\SimCity™ End User License Agreement.lnk -> E:\Origin\SimCity\Support\eula\en_US_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\SimCity™.lnk -> E:\Origin\SimCity\SimCity\SimCity.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\Technical Support.lnk -> E:\Origin\SimCity\Support\EA Help\Technical Support.en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity 2000 Special Edition\SimCity 2000 Special Edition End User License Agreement.lnk -> E:\Origin\SimCity 2000 SE\Support\eula\en_US_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity 2000 Special Edition\SimCity 2000 Special Edition.lnk -> E:\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe (DOSBox Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity 2000 Special Edition\Technical Support.lnk -> E:\Origin\SimCity 2000 SE\Support\EA Help\Technical Support.en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD 840 EVO Performance Restoration\Samsung SSD 840 EVO Performance Restoration.lnk -> C:\Program Files (x86)\Samsung SSD 840 EVO Performance Restoration\EVOPerformanceCure.exe (SAMSUNG Electronics Co,Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD 840 EVO Performance Restoration\Uninstall Samsung SSD 840 EVO Performance Restoration.lnk -> C:\Program Files (x86)\Samsung SSD 840 EVO Performance Restoration\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\RaidCall.lnk -> C:\Program Files (x86)\RaidCall\raidcall.exe (RAIDCALL.COM)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\Uninstall RaidCall.lnk -> C:\Program Files (x86)\RaidCall\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Arc.lnk -> E:\Arc\Arc\ArcLauncher.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Repair Arc.lnk -> E:\Arc\Arc\ArcRepair.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk -> E:\Virtual Box\License_en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk -> E:\Virtual Box\VirtualBox.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk -> E:\Virtual Box\VirtualBox.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk -> E:\Virtual Box\doc\UserManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World\Need for Speed World End User License Agreement.lnk -> E:\Origin\Need for Speed World\Support\eula\en_US_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World\Need for Speed World.lnk -> E:\Origin\Need for Speed World\GameLauncher.exe (Electronic Arts Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World\Read Me.lnk -> E:\Origin\Need for Speed World\Support\readme\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World\Technical Support.lnk -> E:\Origin\Need for Speed World\Support\EA Help\Technical Support.en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\CINEMA 4D 64 Bit.lnk -> E:\C4D\C4D\CINEMA 4D 64 Bit.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\Team Render Client 64 Bit.lnk -> E:\C4D\Team Render Client 64 Bit.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCARS 47\Install a Standard Drydock Plugin.lnk -> C:\Program Files (x86)\LCARS 47\Bin\LCARS 47 Standard Drydock Plugin Pack.exe (Sollertia Station                                           )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCARS 47\LCARS 47 (6.3).lnk -> C:\Program Files (x86)\LCARS 47\LaunchCenter.exe (Sollertia Station)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCARS 47\Read the User Manual (Microsoft Word).lnk -> C:\Program Files (x86)\LCARS 47\Bin\LCARS 47 User Manual.docx ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCARS 47\Read the User Manual (PDF).lnk -> C:\Program Files (x86)\LCARS 47\Bin\LCARS 47 User Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCARS 47\Uninstall LCARS 47 (6.3).lnk -> C:\Program Files (x86)\LCARS 47\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk -> C:\Program Files\Java\jdk1.8.0_25\bin\jmc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en_GB.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility\Intel® Driver Update Utility 2.0.lnk -> C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe (Intel)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk -> E:\World of Warcraft\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2.lnk -> E:\GW2\Guild Wars 2\Gw2.exe (ArenaNet)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Uninstall.lnk -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Website.lnk -> C:\Program Files (x86)\Glary Utilities 5\Glary Utilities 5.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion\Genymotion Shell.lnk -> E:\Genymotion\Genymotion\genyshell.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion\Genymotion.lnk -> E:\Genymotion\Genymotion\genymotion.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion\Uninstall Genymotion.lnk -> E:\Genymotion\Genymotion\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark\3DMark\3DMark.lnk -> E:\3DMARK\bin\x64\3DMark.exe (Futuremark)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Uninstall Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA\PrecisionX 16\EVGA PrecisionX 16.lnk -> C:\Windows\Installer\{9914A7AB-3FFC-4A34-837A-E89D0B61362E}\PrecisionX_x64.exe_392A563078774EA2A2D938EF7E7829B4.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Euro Truck Simulator 2 Manual.lnk -> E:\ETS\Euro Truck Simulator 2\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Euro Truck Simulator 2.lnk -> E:\ETS\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - DirectX.lnk -> E:\ETS\Euro Truck Simulator 2\bin\win_x86\troubleshoot_dx9.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - OpenGL.lnk -> E:\ETS\Euro Truck Simulator 2\bin\win_x86\troubleshoot_gl.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Troubleshooting\Troubleshooting - Safe mode.lnk -> E:\ETS\Euro Truck Simulator 2\bin\win_x86\troubleshoot_safe.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIFix.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\AVIFix.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIMux.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\AVIMux.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory Video Setting.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\DxtoryVideoSetting.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\EULA.txt.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\EULA_en.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\License Register.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\LicReg.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\RawCapConv.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\readme.txt.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Uninstall.lnk -> C:\Program Files (x86)\DisplayFusion\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Battle.net Account Management.lnk -> E:\World of Warcraft\Diablo III\BattlenetAccount.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Blizzard Technical Support.lnk -> E:\World of Warcraft\Diablo III\TechSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Manual.lnk -> E:\World of Warcraft\Diablo III\Manual.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk -> E:\World of Warcraft\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Explorer Settings.lnk -> C:\Program Files\Classic Shell\ClassicExplorerSettings.exe (IvoSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic IE Settings.lnk -> C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Help.lnk -> C:\Program Files\Classic Shell\ClassicShell.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Readme.lnk -> C:\Program Files\Classic Shell\ClassicShellReadme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Update.lnk -> C:\Program Files\Classic Shell\ClassicShellUpdate.exe (IvoSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4 End User License Agreement.lnk -> E:\Origin\Battlefield 4\Support\eula\en_US_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4(64 bit).lnk -> E:\Origin\Battlefield 4\bf4.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4.lnk -> E:\Origin\Battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Technical Support.lnk -> E:\Origin\Battlefield 4\Support\EA Help\Technical Support.en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> E:\World of Warcraft\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Combat Tracker\Advanced Combat Tracker.lnk -> C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (Aditu of Permafrost)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Combat Tracker\Uninstall ACT.lnk -> C:\Program Files (x86)\Advanced Combat Tracker\Uninstall-ACT.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Bridge CS6 (64bit).lnk -> C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe ExtendScript Toolkit CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Extension Manager CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Encoder CS6.lnk -> C:\Program Files\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Premiere Pro CS6.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D21A32E7-AFB2-4AB0-93F0-467D4365CC4C}\PlayTasks\2\Repair.lnk -> E:\eve\repair.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D21A32E7-AFB2-4AB0-93F0-467D4365CC4C}\PlayTasks\0\Play EVE.lnk -> E:\eve\eve.exe (CCP hf.)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C51411C0-11DB-AD74-0008-BDAB669A0C20}\PlayTasks\0\Play.lnk -> E:\GW2\Guild Wars 2\Gw2.exe (ArenaNet)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Lewis\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Lewis\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\Links\Desktop.lnk -> C:\Users\Lewis\Desktop ()
Shortcut: C:\Users\Lewis\Links\Downloads.lnk -> C:\Users\Lewis\Downloads ()
Shortcut: C:\Users\Lewis\Links\Google Drive.lnk -> C:\Users\Lewis\Google Drive ()
Shortcut: C:\Users\Lewis\Desktop\Games\Battlefield 4(64 bit).lnk -> E:\Origin\Battlefield 4\bf4.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Lewis\Desktop\Games\Battlefield 4.lnk -> E:\Origin\Battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Lewis\Desktop\Games\World of Tanks.lnk -> E:\World_of_Tanks\WoTLauncher.exe (Wargaming.net)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk -> C:\Program Files (x86)\RaidCall\raidcall.exe (RAIDCALL.COM)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Lewis\Documents ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Lewis\Pictures ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Lewis\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Encyclopedia.lnk -> E:\World_of_Tanks\wiki.url ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Game Manual.lnk -> E:\World_of_Tanks\game_manual.url ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Latest updates.lnk -> E:\World_of_Tanks\readme.url ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Official website.lnk -> E:\World_of_Tanks\website.url ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Uninstall World of Tanks.lnk -> E:\World_of_Tanks\unins000.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\World of Tanks.lnk -> E:\World_of_Tanks\WoTLauncher.exe (Wargaming.net)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\License.lnk -> C:\Users\Lewis\jagexcache\jagexlauncher\LICENSE.txt ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView\BlueScreenView Help.lnk -> C:\Program Files (x86)\NirSoft\BlueScreenView\BlueScreenView.chm ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView\BlueScreenView.lnk -> C:\Program Files (x86)\NirSoft\BlueScreenView\BlueScreenView.exe (NirSoft)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView\Uninstall.lnk -> C:\Program Files (x86)\NirSoft\BlueScreenView\uninst.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Learn More.lnk -> C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\5.1.4.15\learnmore.url ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Lightshot .lnk -> C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Uninstall LightShot.lnk -> C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\unins000.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE\Play EVE.lnk -> E:\eve\eve.exe (CCP hf.)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE\Repair.lnk -> E:\eve\repair.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE\Uninstall EVE.lnk -> E:\eve\Uninstall.exe (CCP hf.)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chunky\ReadMe.lnk -> C:\Program Files (x86)\Chunky\ReadMe.html ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chunky\Uninstall.lnk -> C:\Program Files (x86)\Chunky\Uninstall.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chunky\Wiki.lnk -> C:\Program Files (x86)\Chunky\Wiki.URL ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk -> C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe (Belarc, Inc.)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk -> E:\Virtual Box\VirtualBox.exe ()
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Lewis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b15f30ab853b7d31\Diablo III.lnk -> E:\World of Warcraft\Diablo III\Diablo III Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Lewis\AppData\Roaming\ClassicShell\Pinned\Skype for desktop.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
 
 
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated) -> --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Seagate Technology) -> C:\Program Files (x86)\Seagate\SeaTools for Windows\NEWSEGLOGO.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie\Run any program sandboxed.lnk -> C:\Program Files\Sandboxie\Start.exe (Sandboxie Holdings, LLC) -> /box:__ask__ run_dialog
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie\Run Web browser sandboxed.lnk -> C:\Program Files\Sandboxie\Start.exe (Sandboxie Holdings, LLC) -> default_browser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie\Run Windows Explorer sandboxed.lnk -> C:\Program Files\Sandboxie\Start.exe (Sandboxie Holdings, LLC) -> .
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie\Sandboxie Control.lnk -> C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie\Sandboxie Start Menu.lnk -> C:\Program Files\Sandboxie\Start.exe (Sandboxie Holdings, LLC) -> /box:__ask__ start_menu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie\Uninstall Sandboxie.lnk -> C:\Windows\Installer\SandboxieInstall64_VCRedist.exe (Sandboxie Holdings, LLC) -> /remove
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Uninstall Arc.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe (Perfect World Entertainment) -> -runfromtemp -l0x0809  -removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Desktop Wallpaper.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowwallpaper
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Monitor Configuration.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowmonitorconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion Settings.lnk -> C:\Program Files (x86)\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software) -> -windowsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Start Menu Settings.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft) -> -settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{D21A32E7-AFB2-4AB0-93F0-467D4365CC4C}\PlayTasks\1\Play EVE (Safe Mode).lnk -> E:\eve\eve.exe (CCP hf.) -> /safemode
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk -> C:\Users\Lewis\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\RuneScape.lnk -> C:\Users\Lewis\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE\Play EVE (Safe Mode).lnk -> E:\eve\eve.exe (CCP hf.) -> /safemode
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chunky\Chunky (Launcher).lnk -> C:\Program Files\Java\jre7\bin\javaw.exe (Oracle Corporation) -> -jar "C:\Program Files (x86)\Chunky\chunky.jar" --launcher
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chunky\Chunky.lnk -> C:\Program Files\Java\jre7\bin\javaw.exe (Oracle Corporation) -> -jar "C:\Program Files (x86)\Chunky\chunky.jar"
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\SendTo\Sandboxie - DefaultBox.lnk -> C:\Program Files\Sandboxie\Start.exe (Sandboxie Holdings, LLC) -> /box:DefaultBox
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk -> C:\Program Files\Sandboxie\Start.exe (Sandboxie Holdings, LLC) -> default_browser
ShortcutWithArgument: C:\Users\Lewis\AppData\Roaming\ClassicShell\Pinned\startscreen.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft) -> -togglenew
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Lewis\AppData\Local\Google\Chrome\User Data\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
 
 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org\Open Codecs\Website.url -> hxxp://xiph.org/dshow/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy Homepage.url -> hxxp://www.piriform.com/speccy
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World\Need For Speed™ World Web Site.url -> 0
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCARS 47\LCARS 47 (6.3) on the Web.url -> hxxp://www.lcars47.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Support Web Site.url -> hxxp://support.guildwars2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Web Site.url -> hxxp://www.guildwars2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Euro Truck Simulator 2 Website.url -> hxxp://www.eurotrucksimulator2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\SCS Software Website.url -> hxxp://www.scssoft.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion\DisplayFusion on the Web.url -> hxxp://www.displayfusion.com
InternetURL: C:\Users\Lewis\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Lewis\Desktop\Games\Firefall.url -> steam://rungameid/227700
InternetURL: C:\Users\Lewis\Desktop\Games\Star Trek Online.url -> steam://rungameid/9900
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Arma Cold War Assault.url -> steam://rungameid/65790
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Call of Duty Ghosts - Multiplayer.url -> steam://rungameid/209170
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Cannons Lasers Rockets.url -> steam://rungameid/265770
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Contagion.url -> steam://rungameid/238430
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Firefall.url -> steam://rungameid/227700
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\FTL Faster Than Light.url -> steam://rungameid/212680
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Garry's Mod.url -> steam://rungameid/4000
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\ORION Prelude.url -> steam://rungameid/104900
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PlanetSide 2.url -> steam://rungameid/218230
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Portal 2.url -> steam://rungameid/620
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Star Trek Online.url -> steam://rungameid/9900
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Team Fortress 2.url -> steam://rungameid/440
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Warframe.url -> steam://rungameid/230410
InternetURL: C:\Users\Lewis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE\EVE Web Page.URL -> hxxp://www.eveonline.com
InternetURL: C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\5.1.4.9\learnmore.url -> hxxp://app.prntscr.com/learnmore.html
InternetURL: C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\5.1.4.9\learnmore_ru.url -> hxxp://app.prntscr.com/ru/learnmore.html
InternetURL: C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\5.1.4.15\learnmore.url -> hxxp://app.prntscr.com/learnmore.html
InternetURL: C:\Users\Lewis\AppData\Local\Skillbrains\lightshot\5.1.4.15\learnmore_ru.url -> hxxp://app.prntscr.com/ru/learnmore.html
 
==================== End of log =============================

  • 0

#6
ruggie_uk
Posted 13 January 2015 - 10:22 AM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi. Machine looks pretty good so far so I think just a bit of tidying and a deep scan just to be sure.

Step 1
FRST Fix

If FRST.exe/FRST64.exe is not on your desktop, please download Farbar Recovery Scan Tool and save it to your desktop.

  • Download the attached Attached File  fixlist.txt   1017bytes   132 downloads and save it to your desktop <<< very important - it must be in the same location as FRST.exe/FRST64.exe
  • Right click frst.png and run as administrator. When the tool opens click Yes to the disclaimer.
  • Press the Fix button.
  • It will produce a log called fixlog.txt on your Desktop.
  • Please copy and paste the contents of that log back here.

    NOTICE: This script was written specifically for this user, for use on that particular machine, at this point in time. Running this on another machine may cause damage to your operating system.

Step 2

jrt.pngJunkware Removal Tool
Please download Junkware Removal Tool to your desktop. << Important
Ensure that any security software is temporarily disabled for the duration of the scan. Don't forget to re-enable it afterwards.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by right-clicking jrt.png and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

ASWmbr Scan

Download aswMBR.exe ( 511KB ) to your desktop. If you already have this application, this is a new version I need you to download.

Double click the aswmbr.png aswMBR.exe to run it

aswMBR1.png

Click the "Scan" button to start scan

If your computer supports Virtualization Technology, select Yes to use it for rootkit detection. When it offers to download the virus database allow that as well

msgbox.png

On completion of the scan click Save Log, save it to your desktop and post in your next reply

aswMBR2.png

The tool will also produce a copy of the mbrdump labeled MBR.dat. Please do not delete this file until we have completed.

 

Items I need to see in your next post:

  • FRST Fixlog
  • JRT Log
  • ASWMBR Report


  • 1

#7
USSVoyager
Posted 13 January 2015 - 10:37 AM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-01-2015 02
Ran by Lewis at 2015-01-13 16:26:16 Run:1
Running from C:\Users\Lewis\Desktop
Loaded Profile: Lewis (Available profiles: Lewis)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
createrestorepoint:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
AlternateDataStreams: C:\Users\Lewis\AppData\Local\9ARjL9Jf:I6S2zDkeAndFXLO2V4WObFmO7rK5v
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> E:\Arc\Arc\Plugins\ArcPluginIE.dll No File
emptytemp:
end
*****************
 
Restore point was successfully created.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\Lewis\AppData\Local\9ARjL9Jf => ":I6S2zDkeAndFXLO2V4WObFmO7rK5v" ADS removed successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F}" => Key deleted successfully.
EmptyTemp: => Removed 1.3 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 16:28:29 ====

  • 0

#8
USSVoyager
Posted 13 January 2015 - 10:38 AM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Lewis on 13/01/2015 at 16:34:27.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/01/2015 at 16:38:14.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#9
USSVoyager
Posted 13 January 2015 - 10:41 AM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-01-13 16:38:51
-----------------------------
16:38:51.873    OS Version: Windows x64 6.2.9200 
16:38:51.873    Number of processors: 4 586 0x3C03
16:38:51.874    ComputerName: LEWISPC  UserName: Lewis
16:38:52.005    Initialize success
16:38:52.008    VM: initialized successfully
16:38:52.009    VM: Intel CPU supported 
16:38:54.328    VM: supported disk I/O storport.sys
16:38:57.255    AVAST engine defs: 15011300
16:39:12.624    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000035
16:39:12.625    Disk 0 Vendor: Samsung_SSD_840_EVO_120GB EXT0CB6Q Size: 114473MB BusType: 11
16:39:12.628    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000036
16:39:12.629    Disk 1 Vendor: ST1000DM003-1CH162 CC49 Size: 953869MB BusType: 11
16:39:12.634    VM: Disk 0 MBR read successfully
16:39:12.635    Disk 0 MBR scan
16:39:12.637    Disk 0 Windows 7 default MBR code
16:39:12.639    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS          350 MB offset 2048
16:39:12.641    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       114121 MB offset 718848
16:39:12.649    Disk 0 scanning C:\Windows\system32\drivers
16:39:14.537    Service scanning
16:39:19.008    Modules scanning
16:39:19.010    Disk 0 trace - called modules:
16:39:19.015    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys storahci.sys hal.dll 
16:39:19.018    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0019236c5d0]
16:39:19.019    3 CLASSPNP.SYS[fffff8010237427b] -> nt!IofCallDriver -> [0xffffe001921a8db0]
16:39:19.021    5 ACPI.sys[fffff80101c197aa] -> nt!IofCallDriver -> [0xffffe001921ace50]
16:39:19.023    7 ACPI.sys[fffff80101c197aa] -> nt!IofCallDriver -> \Device\00000035[0xffffe001921a9060]
16:39:19.125    AVAST engine scan C:\Windows
16:39:19.382    AVAST engine scan C:\Windows\system32
16:39:51.490    AVAST engine scan C:\Windows\system32\drivers
16:39:54.199    AVAST engine scan C:\Users\Lewis
16:40:58.433    Disk 0 MBR has been saved successfully to "C:\Users\Lewis\Desktop\MBR.dat"
16:40:58.433    The log file has been saved successfully to "C:\Users\Lewis\Desktop\aswMBR.txt"

  • 0

#10
ruggie_uk
Posted 13 January 2015 - 01:36 PM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Good news, it looks like your system is clean. A good workman cleans up after himself so let's now attend to that :D

Tool Removal

We need to remove the tools we've used during cleaning your machine
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Activate UAC
    • Create registry backup
    • Purge system restore
    • Reset System Settings
    delfix-select.png
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply


Keep your machine updated

Due to the ever-present tide of malware, it is important to ensure your computer is kept up-to-date to minimize the risk of future infection. An important step is to ensure that automatic updates are enabled.


To enable automatic updates:

Windows 8
To turn on Automatic Updates yourself, follow these steps:
  • Open Windows Update by swiping in from the right edge of the screen (or, if you're using a mouse, pointing to the bottom-right corner of the screen and moving the mouse pointer up), tapping or clicking Settings, tapping or clicking Change PC settings, then tapping or clicking Update and recovery.
  • Tap or click Choose how updates are installed.
  • Select the option that you want.
  • Under Recommended updates, select the Give me recommended updates the same way I receive important updates or Include recommended updates when downloading, installing, or notifying me about updates check box, and then click OK.
It is recommended to install an anti-malware to help prevent reinfection.
Below are some free ones that can help keep you clean.

Malwarebytes AntiMalware

As you have installed Malwarebytes, I recommend that you keep this program and use it to help you stay clean.

The free version will scan your computer and fix the problems it finds but will not provide real-time protection. You must scan regularly to find any threats.
Consider purchasing the full version for active monitoring of threats.
JAVA Advice
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software or need it to play games on-line.
In that instance I would recommend that you only use Firefox or Chrome to visit those sites and do the following:
  • For Firefox, install the NoScript add-on.
  • For Chrome, install the ScriptNo add-on.
    -->IMPORTANT<--: After installing the add-ons you will need to tell them that the site you are visiting is allowed to run Javascript. If you don't, the sites won't work properly. Or not at all. You can go to the NoScript home page here to learn how to use the add-on.
  • Disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser or How to unplug Java from the browser)
If you still want to update your Java, follow the instructions below:

A.
Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older versions of Java components and update:
  • Download the latest version of the Java Runtime Environment (JRE) Version from Here and save it to your desktop.
  • Look for "Java Platform, Standard Edition". You will see the current Java version and update number under listed under the heading. Example: The newest update is Java SE 8u25
  • Click the "Download button under "JRE".
  • On the Java SE Runtime Environment page, click the button to "Accept License Agreement".
  • Under the Java SE Runtime Environment 8u25 heading:
    To install the version for your system:
    • For Windows 64bit systems, look for Windows x64 - 88.37MB, click the jre-8u25-windows-64.exe file and save it to your desktop. Do Not run it from the Java site.
  • Close any programs you may have running - especially your web browser.
B.
Uninstall all versions of Java
  • Click Start > Control Panel > Add/Remove Programs. The list of installed programs will populate.
  • Click the Start Orb, then Control Panel. Under the Programs or Programs and Features section click Uninstall a program. The list of installed programs will populate.
  • Remove all older versions of Java. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE or J2SE
    The versions I see on the computer are:
    • Java 7 Update
    • Java 8 (64-bit)
    • Java SE Development Kit 8
  • Right click each program and click Uninstall and follow the on screen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
C.
Install the latest JAVA

Back on your desktop:
  • Right click the jre-8u25-windows-x64.exe file, click Run as Administrator and OK the UAC prompt to install the newest version.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
[Note:] The Java Quick Starter (JQS.exe) adds a service to improve the initial start up time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > You will have to be in Classic View to see Java(It looks like a coffee cup). Double-click on Java click the Advanced Tab click Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.

Update Adobe Flash Player

NOTE: Depending on your settings, you may have to temporarily disable your antivirus software and firewall.
  • Please click here to go to the FlashPlayer Installation page.
  • In the first column, Adobe Flash Player, make sure the system version (64bit) and the browser are correct.
    • Note: If you use IE and other browsers you will need to install both Flash Player for IE and Flash Player for Other Browsers.
  • In the middle column, Optional offer:, UNCHECK the box next to Yes, install free McAfee Security Scan Plus
  • Click the Install now button. A download window for the install_flashplayer15x64_mssd_aaa_aih.exe file will open. Save it to the desktop.
  • Close the browser and all open windows.
  • Back on the desktop, right click the install_flashplayer15x64_mssd_aaa_aih.exe file and click Run as Administrator to install Flash Player.
Cryptolocker Warning
Go here for information about CryptoLocker Ransomeware.
The main thing with this infection is ~ Backup.
If you're using an external hard drive, keep it unplugged from the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever do come across it.

Recommended Programs
Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing. By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed.
CryptoPrevent is a free program that prevents CryptoLocker / ransomware from infecting your PC by locking down the OS so the malware can not get a grip on your system.
Web Of Trust is a browser add-on designed to alert the user before interacting with a potentially malicious website. It will highlight green if a site is known to be safe.

Adblock is a firefox browser add-on that blocks annoying banners, pop-ups and video ads.

General Advice
  • When browsing the internet, look closely at the links you click on. Some aren't always what they seem
  • Avoid Peer to Peer file sharing utilities, these are a minefield of malware infections.
  • Don't open email attachments unless you are expecting them. Even an email from your best friend can be infected, they might not have sent it.
  • Pay attention when installing a program to your computer, particularly to any check boxes that may appear during installation, it is common for unwanted software to be installed in this way.

  • 1

Advertisements

#11
USSVoyager
Posted 13 January 2015 - 01:51 PM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
# DelFix v10.8 - Logfile created 13/01/2015 at 19:49:53
# Updated 29/07/2014 by Xplode
# Username : Lewis - LEWISPC
# Operating System : Windows 8.1  (64 bits)
 
~ Activating UAC ... OK
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Lewis\Desktop\Addition.txt
Deleted : C:\Users\Lewis\Desktop\aswmbr.exe
Deleted : C:\Users\Lewis\Desktop\aswMBR.txt
Deleted : C:\Users\Lewis\Desktop\defogger_disable.log
Deleted : C:\Users\Lewis\Desktop\Extras.Txt
Deleted : C:\Users\Lewis\Desktop\Fixlog.txt
Deleted : C:\Users\Lewis\Desktop\FRST.txt
Deleted : C:\Users\Lewis\Desktop\FRST64.exe
Deleted : C:\Users\Lewis\Desktop\JRT (1).exe
Deleted : C:\Users\Lewis\Desktop\JRT.txt
Deleted : C:\Users\Lewis\Desktop\MBR.dat
Deleted : C:\Users\Lewis\Desktop\OTL.Txt
Deleted : C:\Users\Lewis\Desktop\OTL.exe
Deleted : C:\Users\Lewis\Desktop\Shortcut.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Services\aswMBR
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #34 [Installed RuneScape Launcher 1.2.3 | 01/02/2015 08:16:12]
Deleted : RP #35 [Scheduled Checkpoint | 01/10/2015 02:13:25]
Deleted : RP #36 [Installed Intel® Hardware Accelerated Execution Manager | 01/11/2015 10:03:49]
Deleted : RP #37 [Restore Operation | 01/12/2015 17:59:54]
Deleted : RP #39 [Restore Point Created by FRST | 01/13/2015 16:26:17]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0

#12
ruggie_uk
Posted 13 January 2015 - 01:56 PM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts
Excellent you are good to go. :D
  • 1

#13
USSVoyager
Posted 13 January 2015 - 01:57 PM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Excellent you are good to go. :D

 

Quick question.

 

I'm unable to download CryptoPrevent & NoScript for Google Chrome, how can I download them? links don't go anywhere.


Edited by USSVoyager, 13 January 2015 - 01:57 PM.

  • 0

#14
ruggie_uk
Posted 13 January 2015 - 02:03 PM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts
https://www.foolishi.../cryptoprevent/

Big blue button right at the bottom.

My bad - I updated my windows 7 script but not 8.

https://chrome.googl...ahbdbdgdf?hl=en

This is ScriptSafe/ScriptNo
  • 2

#15
USSVoyager
Posted 13 January 2015 - 03:05 PM

USSVoyager

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Thank you.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP