Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Adware pop up, non detected [Solved]

Started by Darke , Apr 09 2015 03:29 AM
adware firefox

  • This topic is locked This topic is locked

#1
Darke
Posted 09 April 2015 - 03:29 AM

Darke

    Member

  • Member
  • PipPip
  • 12 posts

I am starting to be desperate. Somehow I catched ugly adware, creating ad pop up. At first it infected all browsers, Firefox, Chrome and Ie... I´ve run serie of scans, Avast, Norton, Hitman, SuperAntiSpyware... I´ve removed pop up ads from Chrome and Internet explorer but not from Firefox. I´ve checked installed programs many times, there is nothing suspicious, I´ve uninstalled all extensions from Firefox, created new profil. All antiviruses and antiadwares I mentioned can´t find anything at all. Any help would be appreciated.

 

Maybe it is worth to mention that popup windows are called: "ads by name", I´ve found several outdated guides how to remove them, but they all kinda expect some recently installed software, some extensions in browser and such, neither of those is case.

 

PS: only software that finds something is SpyHunter 4, actually it finds a lot, but given people experience and how their license works I kinda feel like they just generates some random issues and hope that user will buy their software.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Darke (administrator) on VOIDSTORM on 09-04-2015 11:48:01
Running from C:\Users\Darke\Downloads
Loaded Profiles: Darke (Available profiles: Darke)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ANSYS, Inc.) B:\Shared Files\Licensing\winx64\ansysli_server.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
(Dropbox, Inc.) C:\Users\Darke\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Power Software Ltd) B:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(LogMeIn, Inc.) B:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn, Inc.) B:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ANSYS, Inc.) B:\Shared Files\Licensing\winx64\ansysli_monitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Flexera Software LLC) B:\Shared Files\Licensing\winx64\lmgrd.exe
(ANSYS, Inc.) B:\Shared Files\Licensing\winx64\ansyslmd.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
() C:\Users\Darke\Downloads\bitdefender_tsecurity.exe
(Bitdefender) C:\Users\Darke\AppData\Local\Temp\RarSFX0\setupdownloader.exe
() C:\ProgramData\ASUS\AI Suite III\Setup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2014-05-16] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2014-05-16] ()
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PWRISOVM.EXE] => b:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM-x32\...\Run: [bdruninstaller] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"setupdownloader.exe" /args:"/token:tsecurity /after_restart"
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Run: [icq] => C:\Users\Darke\AppData\Roaming\ICQM\icq.exe [35239432 2014-11-05] (ICQ)
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\system: [DisableLockWorkstationMythBackup] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\Users\Darke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1243830967-3492521458-558565078-1000 -> {03CE1DFA-B2FA-4674-A3C9-93C69997D703} URL = http://tv.seznam.cz/...ickSearch_13415
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-03-29] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-03-29] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> B:\Program Files (x86)\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> B:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Tcpip\..\Interfaces\{8CEBE121-3759-4E2B-83B1-704D40A8F162}: [NameServer] 158.196.149.9,158.196.162.8
 
FireFox:
========
FF ProfilePath: C:\Users\Darke\AppData\Roaming\Mozilla\Firefox\Profiles\iu8fwyqf.Test
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-03-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-03-29] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-01-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> B:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1243830967-3492521458-558565078-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1243830967-3492521458-558565078-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1243830967-3492521458-558565078-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Darke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-20] (Apple Inc.)
StartMenuInternet: FIREFOX.EXE - B:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=16805
CHR Profile: C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (YouTube) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google Search) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-25]
CHR Extension: (ikknnkomiokeodcdkknnhgjmncfiefmn) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn [2015-04-01]
CHR Extension: (AdBlock Plus) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\kphmpbcadbchedbfdpcimhcddhbfhpjp [2014-10-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-29]
CHR Extension: (Adblock Plus Chrome) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\omihghdlmaedmkipdikamnejbeecjcim [2014-10-25]
CHR Extension: (Gmail) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-06-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2014-05-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-13] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-06] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 IPClampService; C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe [45700 2007-11-20] () [File not signed]
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.)
R2 ANSYS, Inc. License Manager; "B:\Shared Files\Licensing\winx64\ansysli_server.exe" -nodaemon -k runservice [X]
R2 Hamachi2Svc; "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]
S3 wampapache64; "B:\wamp\bin\apache\apache2.4.9\bin\httpd.exe" -k runservice [X]
S3 wampmysqld64; B:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-05-17] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1266688 2014-05-16] (C-Media Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VSPerfDrv100; \??\B:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] ()
S3 VSPerfDrv110; \??\B:\Program Files (x86)\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 aswMBR; \??\C:\Users\Darke\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Darke\AppData\Local\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-09 11:45 - 2015-04-09 11:13 - 05198336 _____ (AVAST Software) C:\Users\Darke\Downloads\Unconfirmed 566022 - Copy.crdownload
2015-04-09 11:35 - 2015-04-09 11:35 - 00000816 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-09 11:35 - 2015-04-09 11:35 - 00000816 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-09 11:34 - 2015-04-09 11:34 - 40866864 _____ () C:\Users\Darke\Downloads\Firefox Setup 37.0.1 (1).exe
2015-04-09 11:22 - 2015-04-09 11:48 - 00033594 _____ () C:\Users\Darke\Downloads\FRST.txt
2015-04-09 11:22 - 2015-04-09 11:48 - 00000000 ____D () C:\FRST
2015-04-09 11:22 - 2015-04-09 11:40 - 00056800 _____ () C:\Users\Darke\Downloads\Addition.txt
2015-04-09 11:22 - 2015-04-09 11:22 - 02095616 _____ (Farbar) C:\Users\Darke\Downloads\FRST64.exe
2015-04-09 11:20 - 2015-04-09 11:20 - 00129400 _____ () C:\Users\Darke\Downloads\OTL.Txt
2015-04-09 11:20 - 2015-04-09 11:20 - 00083114 _____ () C:\Users\Darke\Downloads\Extras.Txt
2015-04-09 11:13 - 2015-04-09 11:13 - 05198336 _____ (AVAST Software) C:\Users\Darke\Downloads\Unconfirmed 566022.crdownload
2015-04-09 11:05 - 2015-04-09 11:05 - 02868848 _____ () C:\Users\Darke\Downloads\bitdefender_tsecurity.exe
2015-04-09 11:05 - 2015-04-09 11:05 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-04-09 07:30 - 2015-04-09 07:34 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-04-09 07:30 - 2015-04-09 07:30 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2015-04-09 05:22 - 2015-04-09 05:22 - 00000000 _____ () C:\autoexec.bat
2015-04-09 05:19 - 2015-04-09 05:19 - 00000000 ____D () C:\Users\Darke\AppData\Local\UnrealEngineLauncher
2015-04-09 05:12 - 2015-04-09 06:03 - 00000000 ____D () C:\Users\Darke\Desktop\Old Firefox Data
2015-04-09 05:08 - 2015-04-09 05:08 - 02347384 _____ (ESET) C:\Users\Darke\Downloads\esetsmartinstaller_enu.exe
2015-04-09 05:07 - 2015-04-09 05:08 - 159716632 _____ (Microsoft Corporation) C:\Users\Darke\Downloads\msert.exe
2015-04-09 04:55 - 2015-04-09 04:55 - 40866864 _____ () C:\Users\Darke\Downloads\Firefox Setup 37.0.1.exe
2015-04-08 18:03 - 2015-04-08 18:03 - 00001167 _____ () C:\Users\Public\Desktop\Distant Star Revenant Fleet.lnk
2015-04-08 18:03 - 2015-04-08 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blazing Griffin Ltd
2015-04-08 12:00 - 2015-04-08 12:00 - 05587656 _____ () C:\Users\Darke\Downloads\HDRSample.zip
2015-04-08 11:54 - 2015-04-08 11:54 - 05850698 _____ () C:\Users\Darke\Downloads\MotionBlurSample (1).zip
2015-04-08 11:54 - 2015-04-08 11:54 - 00000000 ____D () C:\Users\Darke\Downloads\MotionBlurSample (1)
2015-04-08 06:16 - 2015-04-08 06:16 - 49797120 _____ () C:\Users\Darke\Downloads\S2011_SecretsCryENGINE3Tech.ppt
2015-04-07 18:47 - 2015-04-09 11:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 05:53 - 2015-04-06 05:53 - 00000000 ____D () C:\Users\Darke\Documents\Heroes of the Storm
2015-04-06 05:13 - 2015-04-06 05:13 - 03081784 _____ (Blizzard Entertainment) C:\Users\Darke\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2015-04-06 04:38 - 2015-04-06 04:38 - 00000000 ____D () C:\Users\Darke\Downloads\Shallow_Space_PC_x86_0.7.01
2015-04-05 01:16 - 2015-04-05 01:17 - 00000000 ____D () C:\Users\Darke\Downloads\MegaParticlesDemo
2015-04-05 01:16 - 2015-04-05 01:16 - 01672365 _____ () C:\Users\Darke\Downloads\MegaParticlesDemo.zip
2015-04-04 14:02 - 2015-04-04 14:25 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-04-04 14:02 - 2015-04-04 14:22 - 00018262 ____H () C:\ProgramData\adskflex_00691b00_tsf.bck
2015-04-04 14:02 - 2015-04-04 14:19 - 00018262 _____ () C:\ProgramData\adskflex_00691b00_tsf.data_backup.001
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\Documents\Colossal Order
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Colossal Order
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\.mono
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\AppData\Local\Colossal Order
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\ProgramData\.mono
2015-04-01 23:51 - 2015-04-01 23:51 - 21564040 _____ (SUPERAntiSpyware) C:\Users\Darke\Downloads\Unconfirmed 145037.crdownload
2015-04-01 23:51 - 2015-04-01 23:51 - 21564040 _____ (SUPERAntiSpyware) C:\Users\Darke\Downloads\SUPERAntiSpyware (1).exe
2015-04-01 23:36 - 2015-04-01 23:36 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Darke\Downloads\mbam-setup-2.1.4.1018(1).exe
2015-04-01 23:35 - 2015-04-01 23:35 - 00000627 _____ () C:\Users\Darke\Desktop\JRT.txt
2015-04-01 23:26 - 2015-04-01 23:26 - 00040263 _____ () C:\ComboFix.txt
2015-04-01 23:20 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-01 23:20 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-01 23:20 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-01 23:19 - 2015-04-01 23:26 - 00000000 ____D () C:\Qoobox
2015-04-01 23:19 - 2015-04-01 23:24 - 00000000 ____D () C:\Windows\erdnt
2015-04-01 23:19 - 2015-04-01 23:19 - 05617096 ____R (Swearware) C:\Users\Darke\Downloads\ComboFix.exe
2015-04-01 23:17 - 2015-04-01 21:35 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw85C.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw9F6.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00271200 _____ () C:\Windows\system32\Drivers\aswA16.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswAD3.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw8BA.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw9B6.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00065736 _____ () C:\Windows\system32\Drivers\asw9D6.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00029168 _____ () C:\Windows\system32\Drivers\asw996.tmp
2015-04-01 21:34 - 2015-04-09 11:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-01 21:34 - 2015-04-01 21:34 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Darke\Downloads\avast_free_antivirus_setup_online.exe
2015-04-01 21:20 - 2015-04-01 21:20 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-VOIDSTORM-Windows-7-Ultimate-(64-bit).dat
2015-04-01 21:20 - 2015-04-01 21:20 - 00000000 ____D () C:\RegBackup
2015-04-01 20:48 - 2015-04-01 20:48 - 03032229 _____ (Thisisu) C:\Users\Darke\Downloads\JRT(1).exe
2015-04-01 20:48 - 2015-04-01 20:48 - 02208768 _____ () C:\Users\Darke\Downloads\adwcleaner_4.200.exe
2015-04-01 20:05 - 2015-04-01 20:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Darke\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-01 19:03 - 2015-04-01 20:40 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-01 18:03 - 2015-04-01 21:41 - 00000000 ____D () C:\Program Files (x86)\dr games
2015-04-01 05:24 - 2015-04-01 05:24 - 00000743 _____ () C:\Users\Darke\Desktop\Cities Skylines.lnk
2015-04-01 05:24 - 2015-04-01 05:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2015-03-31 16:03 - 2015-03-31 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU
2015-03-31 04:36 - 2015-03-31 04:36 - 00001503 _____ () C:\Users\Darke\AppData\Local\recently-used.xbel
2015-03-30 21:53 - 2015-03-30 21:53 - 00000000 ____D () C:\Users\Darke\Documents\KoeiTecmo
2015-03-30 21:23 - 2015-03-30 21:23 - 00000613 _____ () C:\Users\Public\Desktop\DEAD OR ALIVE 5 Last Round.lnk
2015-03-30 21:23 - 2015-03-30 21:23 - 00000613 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEAD OR ALIVE 5 Last Round.lnk
2015-03-29 23:41 - 2015-03-29 23:41 - 00058757 _____ () C:\Users\Darke\Downloads\MatCapBakerv1_7.zip
2015-03-29 23:41 - 2015-03-29 23:41 - 00000000 ____D () C:\Users\Darke\Downloads\MatCapBakerv1_7
2015-03-29 22:58 - 2015-03-31 02:51 - 00000000 ____D () C:\Users\Darke\Documents\xNormal
2015-03-29 22:58 - 2015-03-29 22:58 - 00001125 _____ () C:\Users\Public\Desktop\xNormal 3.18.10 (x64).lnk
2015-03-29 22:58 - 2015-03-29 22:58 - 00000000 ____D () C:\ProgramData\Sun
2015-03-29 22:58 - 2015-03-29 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-29 22:58 - 2015-03-29 22:57 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-29 22:57 - 2015-04-01 21:31 - 00000000 ____D () C:\Program Files\Santiago Orgaz
2015-03-29 22:57 - 2015-03-29 22:57 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-29 22:57 - 2015-03-29 22:57 - 00000000 ____D () C:\Program Files\Java
2015-03-28 17:43 - 2015-03-28 17:43 - 12638059 _____ () C:\Users\Darke\Downloads\FastBlurs.zip
2015-03-28 17:43 - 2015-03-28 17:43 - 00000000 ____D () C:\Users\Darke\Downloads\FastBlurs
2015-03-27 22:17 - 2015-03-27 22:17 - 00000862 _____ () C:\Users\Public\Desktop\Pillars of Eternity.lnk
2015-03-26 04:00 - 2015-03-26 04:00 - 00456704 _____ () C:\Users\Darke\Downloads\A150210_VEN_024_DANE_2014C.XLS
2015-03-25 05:39 - 2015-03-25 05:39 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\MiKTeX
2015-03-25 05:39 - 2015-03-25 05:39 - 00000000 ____D () C:\Users\Darke\AppData\Local\MiKTeX
2015-03-25 05:38 - 2015-03-25 05:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2015-03-25 05:37 - 2015-03-25 05:37 - 00000000 ____D () C:\ProgramData\MiKTeX
2015-03-25 05:37 - 2015-03-25 05:37 - 00000000 ____D () C:\Program Files (x86)\MiKTeX 2.9
2015-03-25 05:36 - 2015-03-25 05:37 - 171108104 _____ (MiKTeX.org) C:\Users\Darke\Downloads\basic-miktex-2.9.5105.exe
2015-03-23 19:40 - 2015-03-23 19:40 - 11377972 _____ () C:\Users\Darke\Downloads\MonoGame-develop.zip
2015-03-22 23:52 - 2015-03-22 23:52 - 18518646 _____ (InstallShield Software Corporation) C:\Users\Darke\Downloads\Photoshop_Plugins_x64_8.55.0109.1800(1).exe
2015-03-20 14:27 - 2015-03-20 14:30 - 00000000 ____D () C:\Users\Darke\Documents\GitHub
2015-03-20 14:27 - 2015-03-20 14:27 - 00000000 ____D () C:\Users\Darke\.ssh
2015-03-20 14:26 - 2015-03-27 17:43 - 00000000 ____D () C:\Users\Darke\AppData\Local\GitHub
2015-03-20 14:26 - 2015-03-27 17:20 - 00002142 _____ () C:\Users\Darke\Desktop\Git Shell.lnk
2015-03-20 14:26 - 2015-03-27 17:20 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\GitHub
2015-03-20 14:26 - 2015-03-20 14:26 - 00000308 _____ () C:\Users\Darke\Desktop\GitHub.appref-ms
2015-03-20 14:26 - 2015-03-20 14:26 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-03-20 14:24 - 2015-03-20 14:25 - 00675936 _____ () C:\Users\Darke\Downloads\GitHubSetup.exe
2015-03-20 14:16 - 2015-03-20 14:16 - 00002306 _____ () C:\Users\Darke\Downloads\SearchTex.dds
2015-03-20 14:12 - 2015-03-20 14:12 - 00000000 ____D () C:\Users\Darke\Downloads\smaa-master(1)
2015-03-20 14:11 - 2015-03-20 14:12 - 15225574 _____ () C:\Users\Darke\Downloads\smaa-master(1).zip
2015-03-20 14:07 - 2015-03-20 14:07 - 15225574 _____ () C:\Users\Darke\Downloads\smaa-master.zip
2015-03-20 14:07 - 2015-03-20 14:07 - 00000000 ____D () C:\Users\Darke\Downloads\smaa-master
2015-03-20 02:45 - 2015-03-20 02:45 - 00000000 ____D () C:\Users\Darke\Downloads\CMAA1.3_26March2014
2015-03-20 02:44 - 2015-03-20 02:45 - 80513591 _____ () C:\Users\Darke\Downloads\CMAA1.3_26March2014.7z
2015-03-13 20:45 - 2015-03-13 20:45 - 06720088 _____ () C:\Users\Darke\Downloads\wordpress-4.1.1.zip
2015-03-12 22:55 - 2015-03-12 22:55 - 00771462 _____ () C:\Users\Darke\Downloads\depthrecovery.zip
2015-03-12 22:55 - 2015-03-12 22:55 - 00000000 ____D () C:\Users\Darke\Downloads\depthrecovery
2015-03-12 02:12 - 2015-03-12 02:12 - 01334628 _____ () C:\Users\Darke\Downloads\wp-theme-html5-boilerplate-master.zip
2015-03-12 01:58 - 2015-03-12 01:58 - 00104371 _____ () C:\Users\Darke\Downloads\html5-boilerplate_v5.0.0.zip
2015-03-12 01:58 - 2015-03-12 01:58 - 00000000 ____D () C:\Users\Darke\Downloads\html5-boilerplate_v5.0.0
2015-03-12 01:56 - 2015-03-12 01:57 - 00030315 _____ () C:\Users\Darke\Downloads\WordPress-Plugin-Boilerplate-master.zip
2015-03-10 17:43 - 2015-03-10 17:43 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\com.ohnoo.Tormentum
2015-03-10 03:01 - 2015-03-10 03:01 - 00000036 _____ () C:\Users\Darke\Documents\a.txt
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-09 11:44 - 2014-05-18 14:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-09 11:33 - 2009-01-01 00:38 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Skype
2015-04-09 11:17 - 2014-06-29 18:33 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-09 11:10 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 11:10 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-09 11:08 - 2009-07-14 07:13 - 00872704 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 11:05 - 2014-05-16 01:13 - 01843368 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 11:03 - 2014-06-29 18:33 - 00000000 ____D () C:\Users\Darke\AppData\Local\LogMeIn Hamachi
2015-04-09 11:03 - 2014-05-17 21:44 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Dropbox
2015-04-09 11:02 - 2014-06-29 18:33 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-09 11:02 - 2014-05-16 01:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-09 11:02 - 2010-11-21 05:47 - 00772542 _____ () C:\Windows\PFRO.log
2015-04-09 11:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 11:02 - 2009-07-14 06:51 - 00134115 _____ () C:\Windows\setupact.log
2015-04-09 11:02 - 2009-01-01 00:04 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-04-09 11:00 - 2014-07-09 21:09 - 00000000 ____D () C:\Users\Darke\AppData\Local\Battle.net
2015-04-09 10:57 - 2014-11-09 20:19 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2015-04-09 10:57 - 2014-05-25 19:28 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243830967-3492521458-558565078-1000UA.job
2015-04-09 10:57 - 2014-05-25 19:28 - 00000000 ____D () C:\Users\Darke\AppData\Local\Google
2015-04-09 10:57 - 2014-05-16 01:21 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Mozilla
2015-04-09 10:55 - 2014-06-03 20:26 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Solveig Multimedia
2015-04-09 08:35 - 2014-05-18 13:30 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\vlc
2015-04-09 08:22 - 2014-05-17 12:42 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\uTorrent
2015-04-09 07:18 - 2015-01-07 10:17 - 00000000 ____D () C:\Users\Darke\AppData\Local\Deployment
2015-04-09 07:18 - 2014-09-21 22:40 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Seznam.cz
2015-04-09 07:18 - 2014-09-21 22:40 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-04-09 07:17 - 2015-01-21 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSC.Software
2015-04-09 07:14 - 2014-10-12 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-04-09 05:19 - 2014-05-18 22:55 - 00000000 ____D () C:\ProgramData\Epic
2015-04-09 04:14 - 2014-05-19 15:32 - 00000985 _____ () C:\Users\Darke\Desktop\Dropbox.lnk
2015-04-09 04:14 - 2014-05-17 21:44 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 04:13 - 2014-08-04 10:59 - 00000000 ____D () C:\Users\Darke\AppData\Local\Adobe
2015-04-08 14:57 - 2014-05-25 19:28 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243830967-3492521458-558565078-1000Core.job
2015-04-08 11:56 - 2014-05-24 18:51 - 00000000 ____D () C:\Users\Darke\Documents\Visual Studio 2010
2015-04-08 11:34 - 2014-05-21 02:04 - 00000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe PNG Format CC Prefs
2015-04-08 11:29 - 2014-05-23 02:25 - 00001456 _____ () C:\Users\Darke\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-04-07 11:18 - 2014-09-30 17:02 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-06 22:20 - 2014-06-23 14:57 - 00000000 ____D () C:\Users\Darke\Documents\MATLAB
2015-04-06 05:53 - 2014-07-09 21:09 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-04-05 01:52 - 2014-12-23 21:19 - 00000000 ____D () C:\Users\Darke\Documents\Visual Studio 2012
2015-04-03 21:18 - 2014-06-29 18:33 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-01 23:32 - 2014-09-30 14:44 - 00000000 ____D () C:\AdwCleaner
2015-04-01 23:26 - 2015-01-07 10:17 - 00000000 ____D () C:\Users\Darke\AppData\Local\Apps\2.0
2015-04-01 23:24 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-01 21:41 - 2015-01-07 10:24 - 00000000 ____D () C:\Users\Darke\Downloads\wpepro09mod (2)
2015-04-01 21:41 - 2014-09-11 12:57 - 00000000 ____D () C:\Users\Darke\Documents\launcher2
2015-04-01 21:41 - 2014-08-17 00:34 - 00000000 ____D () C:\Program Files (x86)\Lazy Nezumi Pro
2015-04-01 21:33 - 2014-09-30 19:02 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2015-03-31 05:14 - 2014-09-16 01:21 - 00000000 ____D () C:\Users\Darke\.gimp-2.8
2015-03-30 19:23 - 2015-02-03 12:43 - 00000000 ____D () C:\Users\Darke\AppData\Local\EpicGamesLauncher
2015-03-30 15:25 - 2014-06-29 18:33 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-29 22:57 - 2014-05-17 22:35 - 00115566 _____ () C:\Windows\DirectX.log
2015-03-27 22:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-27 17:20 - 2014-05-16 01:12 - 00000000 ____D () C:\Users\Darke
2015-03-26 05:07 - 2014-05-18 23:45 - 00000000 ____D () C:\Users\Darke\Documents\Unreal Projects
2015-03-25 03:01 - 2014-05-24 16:56 - 00000000 ____D () C:\Users\Darke\AppData\Local\licensecb
2015-03-25 02:59 - 2014-05-24 16:56 - 00000000 ____D () C:\ProgramData\licensecb
2015-03-22 23:52 - 2015-02-24 00:37 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll
2015-03-22 23:52 - 2015-02-24 00:37 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll
2015-03-10 02:23 - 2015-03-09 23:47 - 00000404 _____ () C:\Users\Darke\Documents\t1.txt
 
==================== Files in the root of some directories =======
 
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC
2014-09-12 15:21 - 2014-12-14 13:43 - 0000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe BMP Format CC Prefs
2014-05-21 02:04 - 2015-04-08 11:34 - 0000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe PNG Format CC Prefs
2015-01-05 18:55 - 2015-01-05 18:57 - 0000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe Targa Format CC Prefs
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Darke\AppData\Roaming\DJJWBUH
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Darke\AppData\Roaming\YSISC
2014-05-23 02:25 - 2015-04-08 11:29 - 0001456 _____ () C:\Users\Darke\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-06-03 20:26 - 2014-09-08 14:37 - 0010752 _____ () C:\Users\Darke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-05 06:41 - 2014-11-05 06:41 - 0000000 ___SH () C:\Users\Darke\AppData\Local\LumaEmu
2015-03-31 04:36 - 2015-03-31 04:36 - 0001503 _____ () C:\Users\Darke\AppData\Local\recently-used.xbel
2014-05-18 20:52 - 2015-01-30 04:25 - 0007626 _____ () C:\Users\Darke\AppData\Local\Resmon.ResmonCfg
2015-04-04 14:02 - 2015-04-04 14:22 - 0018262 ____H () C:\ProgramData\adskflex_00691b00_tsf.bck
2015-04-04 14:02 - 2015-04-04 14:19 - 0018262 _____ () C:\ProgramData\adskflex_00691b00_tsf.data_backup.001
 
Some content of TEMP:
====================
C:\Users\Darke\AppData\Local\Temp\AcDeltree.exe
C:\Users\Darke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp754ryk.dll
C:\Users\Darke\AppData\Local\Temp\SpyHunter.exe
C:\Users\Darke\AppData\Local\Temp\Uninstall.exe
C:\Users\Darke\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-04 00:25
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Darke at 2015-04-09 11:48:13
Running from C:\Users\Darke\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
Allegorithmic Bitmap2Material 3.0.1 (HKLM-x32\...\bitmap2material_3_x) (Version: 3.0.1 build 14565 (2014-10-21) - Allegorithmic)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ASUS Xonar DX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - Canon Inc.)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Distant Star Revenant Fleet (HKLM-x32\...\Distant Star Revenant Fleet_is1) (Version:  - )
Divinity Original Sin (HKLM-x32\...\RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1) (Version: 1 - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dragon Age Inquisition DELUXE EDITION version 1.2 (HKLM-x32\...\{969CF72C-033C-47A6-A767-65B26AFEF0FC}_is1) (Version: 1.2 - BioWare)
Dropbox (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dying Light Update v1.2.1 (HKLM-x32\...\RHlpbmdMaWdodA==_is1) (Version: 1 - )
Emscripten SDK 64-bit (HKLM\...\Emscripten) (Version:  - )
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
finalRender R3.5 SP7a for 3ds Max 2012x64 (HKLM\...\{A35B9024-BEA3-40F5-AD37-78B0102AF22A}) (Version: 3.5.8 - cebas VISUAL TECHNOLOGY Inc.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FumeFX 3.5.4 R2012 64-bit (HKLM-x32\...\{5C07567F-6784-406D-B9C9-DBDED85FFBAD}) (Version:  - )
GitHub (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\5f7eb300e2ea4ebf) (Version: 2.12.1.3 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
ICQ 8.2 (verze 7138) (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\ICQ) (Version: 8.2.7138.0 - ICQ)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
IP-Clamp Service (HKLM-x32\...\{6BC52438-5DE4-4102-846E-64C225A0A04E}) (Version: 1.2.0 - cebas VISUAL TECHNOLOGY Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Kolor Autopano Giga 3.7 (HKLM\...\AutopanoGiga3.7) (Version: V3.7.0 - Kolor)
Lazy Nezumi Pro 14.2.5.1214 (HKLM-x32\...\Lazy Nezumi Pro_is1) (Version: 14.2.5.1214 - Guillaume Stordeur)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31125 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{f9024a51-ab45-4a46-b597-ce12f74963c7}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft WebMatrix 3 (HKLM-x32\...\{4C1CB8FA-89A5-476A-89B6-C69BDC668A9F}) (Version: 2.0.1932 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Miranda IM (HKLM-x32\...\Miranda IM) (Version: 0.10.24 - Miranda IM Project)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
My Game Long Name (HKLM\...\UDK-75a211df-250b-4ce9-952b-ead2810b30f4) (Version:  - Epic Games, Inc.)
Myth II: Soulblighter version 1.7.1 (HKLM-x32\...\{52B9E460-AE08-4DA0-9952-2A1542519B69}_is1) (Version: 1.7.1 - Bungie Software)
Myth III: The Wolf Age version 1.3.1 (HKLM-x32\...\{139D63A3-A9DC-48CC-97DA-2963038975DC}_is1) (Version: 1.3.1 - MumboJumbo)
Myth: The Fallen Lords version 1.5 (HKLM-x32\...\{3B537865-547A-4245-AFE1-53353C744D80}_is1) (Version: 1.5 - Eidos Interactive)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Nsight Tegra v1.5, Visual Studio Edition (HKLM-x32\...\{E9DC4484-7E49-4060-A858-27E2B1DE6BD7}) (Version: 1.5.0.14062 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Tegra Android Development Pack 2.0r8 (HKLM-x32\...\NVIDIA Tegra Android Development Pack 2.0r8) (Version: 2.0r8 - NVIDIA Corporation)
Patran 2013 64-Bit (HKLM-x32\...\{CE86A41E-641E-4437-8C26-555ADD2DE4BF}) (Version: 20.0.0 - MSC.Software Corporation)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Phoenix FD for 3ds Max 2012 for x64 (HKLM\...\Phoenix FD for 3ds Max 2012 for x64) (Version: 2.10.10 - Chaos Software Ltd)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
PoserFusion 2014 for 3ds Max (HKLM-x32\...\PoserFusion 2014 for 3ds Max_is1) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RayFire 1.62 - 3ds Max 2012 - 64 bit - Demo (HKLM-x32\...\RayFire) (Version: 1.62 - 3ds Max 2012 - 64 bit - Demo - Mir Vadim)
RivaTuner Statistics Server 5.2.0 (HKLM-x32\...\RTSS) (Version: 5.2.0 - Unwinder)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedTree for Unreal Engine 4 Subscription version 7.0.7 (HKLM\...\{20F180DA-2BAF-4D84-BE0C-70F0DB1DABB7}_is1) (Version: 7.0.7 - )
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
TexturePacker (HKLM\...\{33C1B8B0-32CE-42BE-ABBA-7B0A23AC4210}) (Version: 3.4.0 - code-and-web.de)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Unity Web Player (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Unreal Engine (HKLM\...\{0EB63BF4-FE9C-4F79-AF61-A2711CA7FD30}) (Version: 1.1.2.0 - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
V-Ray for 3dsmax 2012 for x64 (HKLM\...\V-Ray for 3dsmax 2012 for x64) (Version: 2.40.03 - Chaos Software Ltd)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{83B0E426-D4EE-11D4-BEDF-BAB7F1EEA455}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2012\addflow4.ocx (Lassalle Technologies)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
04-04-2015 00:29:17 Scheduled Checkpoint
09-04-2015 07:14:56 Removed Dassault Systemes Software VC9 Prerequisites x86-x64
09-04-2015 07:15:14 Removed MSC Nastran
09-04-2015 07:17:56 Removed Nokia Connectivity Cable Driver
09-04-2015 07:30:49 Installed SpyHunter
09-04-2015 07:34:06 Removed SpyHunter
09-04-2015 07:34:38 Removed SpyHunter
09-04-2015 07:42:39 avast! antivirus system restore point
09-04-2015 10:56:26 Removed Dotfuscator Software Services - Community Edition
09-04-2015 10:57:35 Removed Google Talk Plugin
09-04-2015 10:58:13 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2015-04-09 07:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0A21C15F-30F4-4E2D-AFCF-3B8342028847} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {22863B74-F049-4FEF-A709-5224EC02BC7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {31B66A52-B82B-4CF6-9A7F-DCDE2CCC23DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3819C210-2698-4593-9DEF-CD355D916234} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {3D7ECFC9-0AE5-4615-A4C4-CD3F4A6FEE25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4B1861AC-70BA-427C-BED6-ADE80A481A3F} - System32\Tasks\{C08842DC-DAC5-4544-BE6D-495B9CD05979} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
Task: {52B33883-87D2-4D52-9DB0-92E648697019} - \SPDriver No Task File <==== ATTENTION
Task: {5BDF76CA-B108-4375-9E31-2C2C796A2104} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1243830967-3492521458-558565078-1000UA => C:\Users\Darke\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {6893BB6A-2BE3-454A-B015-D21A75CD174F} - \ShopperPro No Task File <==== ATTENTION
Task: {7C1018EE-55B6-4632-A495-6423A9895192} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {8598D19F-FB0B-482B-BE40-8E4F8C0610C3} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: {85E011F6-94A9-4637-888B-447BACE81CD2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {8FA1966F-9D00-4E91-A52F-C68A011762A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {9AA663E4-B16E-4BB7-B04C-1426915373A7} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {AD79D4EE-90A1-4B66-8733-DBF62F91E6E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1243830967-3492521458-558565078-1000Core => C:\Users\Darke\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {C8D2F78D-6A9B-4616-9CA6-E8E076B4CF6B} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {DDB4F44F-7947-4AAD-880B-38B795C1DB43} - \SPBIW_UpdateTask_Time_313139303631393030312d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: {E5E7D62F-302D-4017-B2AB-2038CBDE5061} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-13] ()
Task: {E86FC039-B44B-4468-8061-5B010194D6F8} - System32\Tasks\AdobeAAMUpdater-1.0-Voidstorm-Darke => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243830967-3492521458-558565078-1000Core.job => C:\Users\Darke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243830967-3492521458-558565078-1000UA.job => C:\Users\Darke\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-05-16 01:27 - 2015-01-10 01:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () b:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-05-18 12:51 - 2013-07-24 10:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-05-18 12:51 - 2013-08-13 20:55 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2009-01-01 00:03 - 2014-05-16 01:30 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2009-01-01 00:03 - 2014-05-16 01:30 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2014-02-11 20:21 - 2014-02-11 20:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-05-18 12:46 - 2013-06-04 11:41 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2013-07-01 10:21 - 2013-07-01 10:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-07-01 01:16 - 2013-07-01 01:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2007-11-20 11:52 - 2007-11-20 11:52 - 00045700 _____ () C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
2013-07-01 10:21 - 2013-07-01 10:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2014-05-20 23:39 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2015-04-09 11:05 - 2015-04-09 11:05 - 02868848 _____ () C:\Users\Darke\Downloads\bitdefender_tsecurity.exe
2014-05-18 12:52 - 2013-08-07 08:21 - 01007896 _____ () C:\ProgramData\ASUS\AI Suite III\Setup.exe
2014-05-21 17:35 - 2014-04-01 08:07 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-05-21 17:35 - 2014-04-01 08:07 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-05-18 12:50 - 2013-08-07 19:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-05-18 12:51 - 2013-08-13 20:46 - 02745344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-05-18 12:51 - 2013-08-29 15:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-05-18 12:51 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
2014-05-18 12:50 - 2013-06-04 11:41 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-05-18 12:50 - 2013-08-07 19:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-05-18 12:51 - 2013-07-31 20:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-05-18 12:51 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2009-01-01 00:03 - 2014-05-16 01:30 - 00143360 ____N () C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll
2015-04-09 11:02 - 2015-04-09 11:02 - 00043008 _____ () c:\users\darke\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp754ryk.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-05-18 12:46 - 2015-04-09 11:02 - 00028672 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-05-18 12:46 - 2013-06-04 11:41 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-03 21:18 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-03 21:18 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-03 21:18 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2014-05-18 12:47 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-09 11:05 - 2013-09-03 14:29 - 00095088 _____ () C:\Users\Darke\AppData\Local\Temp\RarSFX0\BDMetrics.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Microsoft:A7x6gYnKEBY9hWJ6c7o9hyJ
AlternateDataStreams: C:\ProgramData\Microsoft:bGingG0carK7usY4asYmx1
AlternateDataStreams: C:\ProgramData\Microsoft:GEw5n19l1MPU0mwvg3BWQXkL
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\Darke\AppData\Local\Temporary Internet Files:8vRiAaOhq7jCkdQLS0CvP3Ij
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 94.74.192.252 - 94.74.192.244
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SketchBook Snapshot.lnk => C:\Windows\pss\SketchBook Snapshot.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\Darke\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: icq => C:\Users\Darke\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1243830967-3492521458-558565078-500 - Administrator - Disabled)
Darke (S-1-5-21-1243830967-3492521458-558565078-1000 - Administrator - Enabled) => C:\Users\Darke
Guest (S-1-5-21-1243830967-3492521458-558565078-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Shrew Soft Virtual Adapter #2
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/09/2015 11:17:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 4b8
 
Start Time: 01d072a5c6c589ce
 
Termination Time: 5
 
Application Path: C:\Users\Darke\Downloads\OTL.exe
 
Report Id:
 
Error: (04/09/2015 11:04:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 07:58:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: game.exe, version: 1.0.0.0, time stamp: 0x55191420
Faulting module name: game.exe, version: 1.0.0.0, time stamp: 0x55191420
Exception code: 0xc0000005
Fault offset: 0x003bfe28
Faulting process id: 0x1a14
Faulting application start time: 0xgame.exe0
Faulting application path: game.exe1
Faulting module path: game.exe2
Report Id: game.exe3
 
Error: (04/09/2015 07:43:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 07:35:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (04/09/2015 07:32:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SpyHunter4.exe version 4.1.11.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 18d0
 
Start Time: 01d072865e1bf3d5
 
Termination Time: 4
 
Application Path: C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
 
Report Id:
 
Error: (04/09/2015 07:14:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 07:03:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 05:08:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (04/09/2015 04:56:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (04/09/2015 11:02:10 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (04/03/2015 10:11:25 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
 
Microsoft Office Sessions:
=========================
Error: (04/09/2015 11:17:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OTL.exe3.2.69.04b801d072a5c6c589ce5C:\Users\Darke\Downloads\OTL.exe
 
Error: (04/09/2015 11:04:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 07:58:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: game.exe1.0.0.055191420game.exe1.0.0.055191420c0000005003bfe281a1401d0728866bbbdb3B:\Program Files (x86)\DEAD OR ALIVE 5 Last Round\game.exeB:\Program Files (x86)\DEAD OR ALIVE 5 Last Round\game.exe60439a12-de7d-11e4-a9a3-bcee7bdfe6c0
 
Error: (04/09/2015 07:43:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 07:35:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Darke\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/09/2015 07:32:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SpyHunter4.exe4.1.11.018d001d072865e1bf3d54C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
 
Error: (04/09/2015 07:14:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 07:03:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 05:08:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Darke\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/09/2015 04:56:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 24%
Total physical RAM: 16321.61 MB
Available physical RAM: 12272.48 MB
Total Pagefile: 32641.42 MB
Available Pagefile: 28233.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive a: (Inferno) (Fixed) (Total:931.41 GB) (Free:335.83 GB) NTFS
Drive b: (Void) (Fixed) (Total:931.51 GB) (Free:60.71 GB) NTFS
Drive c: (System) (Fixed) (Total:232.88 GB) (Free:79.5 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 74F68EE8)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 74F68EEC)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=931.4 GB) - (Type=42)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 34003BE0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edited by Darke, 09 April 2015 - 03:50 AM.

  • 0

Advertisements

#2
Essexboy
Posted 09 April 2015 - 08:53 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, lets see if we can get to the bottom of this. You currently have two antiviruses running, you should uninstall the one you do not intend to use

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR Extension: (ikknnkomiokeodcdkknnhgjmncfiefmn) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn [2015-04-01]
2015-04-09 07:30 - 2015-04-09 07:34 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU
2015-04-07 11:18 - 2014-09-30 17:02 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Darke\AppData\Roaming\DJJWBUH
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Darke\AppData\Roaming\YSISC
Task: {4B1861AC-70BA-427C-BED6-ADE80A481A3F} - System32\Tasks\{C08842DC-DAC5-4544-BE6D-495B9CD05979} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
Task: {52B33883-87D2-4D52-9DB0-92E648697019} - \SPDriver No Task File <==== ATTENTION
Task: {6893BB6A-2BE3-454A-B015-D21A75CD174F} - \ShopperPro No Task File <==== ATTENTION
Task: {9AA663E4-B16E-4BB7-B04C-1426915373A7} - \ShopperProJSUpd No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Microsoft:A7x6gYnKEBY9hWJ6c7o9hyJ
AlternateDataStreams: C:\ProgramData\Microsoft:bGingG0carK7usY4asYmx1
AlternateDataStreams: C:\ProgramData\Microsoft:GEw5n19l1MPU0mwvg3BWQXkL
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\Darke\AppData\Local\Temporary Internet Files:8vRiAaOhq7jCkdQLS0CvP3Ij
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
Darke
Posted 11 April 2015 - 10:06 AM

Darke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Thank a lot for your help, issues sadly still persists:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Darke at 2015-04-11 17:56:53 Run:1
Running from C:\Users\Darke\Downloads\New folder
Loaded Profiles: Darke (Available profiles: Darke)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR Extension: (ikknnkomiokeodcdkknnhgjmncfiefmn) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn [2015-04-01]
2015-04-09 07:30 - 2015-04-09 07:34 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU
2015-04-07 11:18 - 2014-09-30 17:02 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Darke\AppData\Roaming\DJJWBUH
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Darke\AppData\Roaming\YSISC
Task: {4B1861AC-70BA-427C-BED6-ADE80A481A3F} - System32\Tasks\{C08842DC-DAC5-4544-BE6D-495B9CD05979} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
Task: {52B33883-87D2-4D52-9DB0-92E648697019} - \SPDriver No Task File <==== ATTENTION
Task: {6893BB6A-2BE3-454A-B015-D21A75CD174F} - \ShopperPro No Task File <==== ATTENTION
Task: {9AA663E4-B16E-4BB7-B04C-1426915373A7} - \ShopperProJSUpd No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Microsoft:A7x6gYnKEBY9hWJ6c7o9hyJ
AlternateDataStreams: C:\ProgramData\Microsoft:bGingG0carK7usY4asYmx1
AlternateDataStreams: C:\ProgramData\Microsoft:GEw5n19l1MPU0mwvg3BWQXkL
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\Darke\AppData\Local\Temporary Internet Files:8vRiAaOhq7jCkdQLS0CvP3Ij
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
"HKU\S-1-5-21-1243830967-3492521458-558565078-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn directory not found.
C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP => Moved successfully.
C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC => Moved successfully.
C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU => Moved successfully.
C:\ProgramData\boost_interprocess => Moved successfully.
"C:\Users\Darke\AppData\Roaming\89KMWaYoA0VXndn7ITuqrZVjRYC" => File/Directory not found.
C:\Users\Darke\AppData\Roaming\DJJWBUH => Moved successfully.
"C:\Users\Darke\AppData\Roaming\fSjOm5kkOQy8BoRsU" => File/Directory not found.
C:\Users\Darke\AppData\Roaming\YSISC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B1861AC-70BA-427C-BED6-ADE80A481A3F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B1861AC-70BA-427C-BED6-ADE80A481A3F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C08842DC-DAC5-4544-BE6D-495B9CD05979} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C08842DC-DAC5-4544-BE6D-495B9CD05979}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{52B33883-87D2-4D52-9DB0-92E648697019}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52B33883-87D2-4D52-9DB0-92E648697019}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6893BB6A-2BE3-454A-B015-D21A75CD174F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6893BB6A-2BE3-454A-B015-D21A75CD174F}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AA663E4-B16E-4BB7-B04C-1426915373A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AA663E4-B16E-4BB7-B04C-1426915373A7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd => Key not found. 
C:\ProgramData\Microsoft => ":A7x6gYnKEBY9hWJ6c7o9hyJ" ADS removed successfully.
C:\ProgramData\Microsoft => ":bGingG0carK7usY4asYmx1" ADS removed successfully.
C:\ProgramData\Microsoft => ":GEw5n19l1MPU0mwvg3BWQXkL" ADS removed successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
"C:\Users\Darke\AppData\Local\Temporary Internet Files" => ":8vRiAaOhq7jCkdQLS0CvP3Ij" ADS not found.
"HKU\S-1-5-19\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-19\Software\Classes\.exe" => Key deleted successfully.
HKU\S-1-5-19\Software\Classes\exefile => Key not found. 
"HKU\S-1-5-20\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-20\Software\Classes\.exe" => Key deleted successfully.
HKU\S-1-5-20\Software\Classes\exefile => Key not found. 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
 
 
========= End of RemoveProxy: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
No operation can be performed on Tunngle while it has its media disconnected.
 
Ethernet adapter Tunngle:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::85a4:a1b7:8197:ffa2%11
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Hamachi:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2620:9b::1994:6e51
   Link-local IPv6 Address . . . . . : fe80::8b7:40bd:6558:7062%17
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
 
Tunnel adapter isatap.{A1DD2095-2521-4E8E-82B8-654629B0E994}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:28ea:8c5:4350:d091
   Link-local IPv6 Address . . . . . : fe80::28ea:8c5:4350:d091%12
   Default Gateway . . . . . . . . . : 
 
Tunnel adapter isatap.{A43BBA1E-2F95-4C88-9A0C-1C77D656EFAB}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.riomail.cz:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
No operation can be performed on Tunngle while it has its media disconnected.
 
Ethernet adapter Tunngle:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : riomail.cz
   Link-local IPv6 Address . . . . . : fe80::85a4:a1b7:8197:ffa2%11
   IPv4 Address. . . . . . . . . . . : 188.175.47.110
   Subnet Mask . . . . . . . . . . . : 255.255.254.0
   Default Gateway . . . . . . . . . : 188.175.46.1
 
Ethernet adapter Hamachi:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2620:9b::1994:6e51
   Link-local IPv6 Address . . . . . : fe80::8b7:40bd:6558:7062%17
   IPv4 Address. . . . . . . . . . . : 25.148.110.81
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
 
Tunnel adapter isatap.{A1DD2095-2521-4E8E-82B8-654629B0E994}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:28ea:8c5:4350:d091
   Link-local IPv6 Address . . . . . : fe80::28ea:8c5:4350:d091%12
   Default Gateway . . . . . . . . . : 
 
Tunnel adapter isatap.{A43BBA1E-2F95-4C88-9A0C-1C77D656EFAB}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.riomail.cz:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : riomail.cz
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 1.9 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 17:57:43 ====
 
 
# AdwCleaner v4.201 - Logfile created 11/04/2015 at 18:00:38
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Darke - VOIDSTORM
# Running from : C:\Users\Darke\Downloads\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v37.0.1 (x86 en-US)
 
 
-\\ Google Chrome v41.0.2272.118
 
 
*************************
 
AdwCleaner[R0].txt - [1118 bytes] - [30/09/2014 14:44:53]
AdwCleaner[R1].txt - [5762 bytes] - [01/04/2015 20:48:46]
AdwCleaner[R2].txt - [5634 bytes] - [01/04/2015 23:31:35]
AdwCleaner[R3].txt - [1244 bytes] - [10/04/2015 12:42:24]
AdwCleaner[R4].txt - [1210 bytes] - [11/04/2015 17:59:44]
AdwCleaner[S0].txt - [1149 bytes] - [30/09/2014 14:45:39]
AdwCleaner[S1].txt - [5672 bytes] - [01/04/2015 23:32:11]
AdwCleaner[S2].txt - [1315 bytes] - [10/04/2015 15:13:05]
AdwCleaner[S3].txt - [1136 bytes] - [11/04/2015 18:00:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1195  bytes] ##########
 

  • 0

#4
Essexboy
Posted 11 April 2015 - 11:11 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are they still appearing in Firefox only ?

Could I have a fresh FRST scan please
  • 0

#5
Darke
Posted 11 April 2015 - 02:52 PM

Darke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Yes, still Firefox only, tho I´ve seen strange extension in Chrome, I am pretty sure it wasnt there two days ago, bunch of random chars.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Darke (administrator) on VOIDSTORM on 11-04-2015 22:50:40
Running from C:\Users\Darke\Downloads\New folder
Loaded Profiles: Darke (Available profiles: Darke)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ANSYS, Inc.) B:\Shared Files\Licensing\winx64\ansysli_server.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
(Dropbox, Inc.) C:\Users\Darke\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Power Software Ltd) B:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(LogMeIn Inc.) B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) B:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) B:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ANSYS, Inc.) B:\Shared Files\Licensing\winx64\ansysli_monitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Flexera Software LLC) B:\Shared Files\Licensing\winx64\lmgrd.exe
(ANSYS, Inc.) B:\Shared Files\Licensing\winx64\ansyslmd.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(BitTorrent, Inc.) C:\Users\Darke\AppData\Roaming\uTorrent\utorrent.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\tray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2014-05-16] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2014-05-16] ()
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PWRISOVM.EXE] => b:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Run: [icq] => C:\Users\Darke\AppData\Roaming\ICQM\icq.exe [35239432 2014-11-05] (ICQ)
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-10] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\system: [DisableLockWorkstationMythBackup] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\Users\Darke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1243830967-3492521458-558565078-1000 -> {03CE1DFA-B2FA-4674-A3C9-93C69997D703} URL = http://tv.seznam.cz/...ickSearch_13415
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-03-29] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-03-29] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> B:\Program Files (x86)\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> B:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{8CEBE121-3759-4E2B-83B1-704D40A8F162}: [NameServer] 158.196.149.9,158.196.162.8
 
FireFox:
========
FF ProfilePath: C:\Users\Darke\AppData\Roaming\Mozilla\Firefox\Profiles\iu8fwyqf.Test
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-03-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-03-29] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-01-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> B:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1243830967-3492521458-558565078-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Darke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-20] (Apple Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=16805
CHR Profile: C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (YouTube) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google Search) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-25]
CHR Extension: (AdBlock Plus) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\kphmpbcadbchedbfdpcimhcddhbfhpjp [2014-10-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (SmoothScroll) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2015-04-11]
CHR Extension: (Google Wallet) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-29]
CHR Extension: (Adblock Plus Chrome) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\omihghdlmaedmkipdikamnejbeecjcim [2014-10-25]
CHR Extension: (Gmail) - C:\Users\Darke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-06-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2014-05-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-13] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-06] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708104 2015-04-10] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 IPClampService; C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe [45700 2007-11-20] () [File not signed]
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.)
R2 ANSYS, Inc. License Manager; "B:\Shared Files\Licensing\winx64\ansysli_server.exe" -nodaemon -k runservice [X]
R2 Hamachi2Svc; "B:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]
S3 wampapache64; "B:\wamp\bin\apache\apache2.4.9\bin\httpd.exe" -k runservice [X]
S3 wampmysqld64; B:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-05-17] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1266688 2014-05-16] (C-Media Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VSPerfDrv100; \??\B:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] ()
S3 VSPerfDrv110; \??\B:\Program Files (x86)\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-11 20:21 - 2015-04-11 20:21 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2015-04-11 20:21 - 2015-04-11 20:21 - 00001896 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-04-11 20:21 - 2015-04-11 20:21 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Garmin
2015-04-11 20:21 - 2015-04-11 20:21 - 00000000 ____D () C:\Users\Darke\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-11 20:21 - 2015-04-11 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-04-11 20:21 - 2015-04-11 20:21 - 00000000 ____D () C:\ProgramData\Garmin
2015-04-11 20:21 - 2015-04-11 20:21 - 00000000 ____D () C:\Program Files\DIFX
2015-04-11 20:21 - 2015-04-11 20:21 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-04-11 20:20 - 2015-04-11 20:21 - 40379624 _____ (Garmin Ltd or its subsidiaries) C:\Users\Darke\Downloads\GarminExpressInstaller.exe
2015-04-11 18:42 - 2015-04-11 18:42 - 00000710 _____ () C:\Users\Darke\Desktop\StarDrive 2.lnk
2015-04-11 18:42 - 2015-04-11 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarDrive 2
2015-04-11 18:03 - 2015-04-11 18:03 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-11 18:03 - 2015-04-11 18:03 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-11 18:03 - 2015-04-11 18:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-11 17:56 - 2015-04-11 22:50 - 00000000 ____D () C:\Users\Darke\Downloads\New folder
2015-04-11 14:05 - 2015-04-11 14:06 - 00002366 _____ () C:\Windows\IE11_main.log
2015-04-11 14:05 - 2015-04-11 14:05 - 02077392 _____ (Microsoft Corporation) C:\Users\Darke\Downloads\IE11-Windows6.1.exe
2015-04-11 12:00 - 2015-04-11 13:44 - 00000000 ____D () C:\Users\Darke\Documents\MuseExport
2015-04-11 08:56 - 2015-04-11 08:17 - 265906662 _____ () C:\Users\Darke\Documents\PanoTisk.psd
2015-04-11 02:41 - 2015-04-11 02:41 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\AdobeMuse
2015-04-10 15:32 - 2015-04-10 15:32 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\com.adobe.AdobeMuseCC.2014.1
2015-04-10 12:42 - 2015-04-10 12:42 - 02217984 _____ () C:\Users\Darke\Downloads\adwcleaner_4.201.exe
2015-04-10 12:37 - 2015-04-10 12:37 - 00000579 _____ () C:\Users\Public\Desktop\Adobe Muse CC 2014.lnk
2015-04-10 12:37 - 2015-04-10 12:37 - 00000579 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2014.lnk
2015-04-10 11:42 - 2015-04-10 11:42 - 00175280 _____ () C:\Users\Darke\Downloads\StarDrive.2-CODEX.torrent
2015-04-09 14:13 - 2015-04-09 14:13 - 00000000 ____D () C:\Users\Darke\Documents\VOIDSTORM
2015-04-09 14:12 - 2015-04-09 14:12 - 00011937 _____ () C:\Users\Darke\Downloads\The.Big.Bang.Theory.S08E19.HDTV.x264-LOL (1).torrent
2015-04-09 14:11 - 2015-04-09 14:11 - 00011937 _____ () C:\Users\Darke\Downloads\The.Big.Bang.Theory.S08E19.HDTV.x264-LOL.torrent
2015-04-09 14:10 - 2015-04-09 14:10 - 00000756 _____ () C:\Users\Darke\Desktop\Abyss Odyssey.lnk
2015-04-09 14:10 - 2015-04-09 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abyss Odyssey
2015-04-09 14:01 - 2015-04-09 14:01 - 00012743 _____ () C:\Users\Darke\Downloads\[kickass.to]abyss.odyssey.codex.torrent
2015-04-09 13:26 - 2015-04-09 13:28 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Nidhogg
2015-04-09 13:26 - 2015-04-09 13:26 - 00000561 _____ () C:\Users\Public\Desktop\Nidhogg v1.004.lnk
2015-04-09 13:26 - 2015-04-09 13:26 - 00000561 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nidhogg v1.004.lnk
2015-04-09 13:13 - 2015-04-09 13:13 - 00123240 _____ () C:\Users\Darke\Downloads\TL-0day.JAN24-2014.torrent
2015-04-09 12:09 - 2015-04-09 12:09 - 00000000 ____D () C:\Users\Darke\AppData\Local\UnrealEngineLauncher
2015-04-09 11:45 - 2015-04-09 11:13 - 05198336 _____ (AVAST Software) C:\Users\Darke\Downloads\Unconfirmed 566022 - Copy.crdownload
2015-04-09 11:34 - 2015-04-09 11:34 - 40866864 _____ () C:\Users\Darke\Downloads\Firefox Setup 37.0.1 (1).exe
2015-04-09 11:22 - 2015-04-11 22:50 - 00000000 ____D () C:\FRST
2015-04-09 11:22 - 2015-04-09 11:48 - 00056799 _____ () C:\Users\Darke\Downloads\Addition.txt
2015-04-09 11:22 - 2015-04-09 11:48 - 00056035 _____ () C:\Users\Darke\Downloads\FRST.txt
2015-04-09 11:20 - 2015-04-09 11:20 - 00129400 _____ () C:\Users\Darke\Downloads\OTL.Txt
2015-04-09 11:20 - 2015-04-09 11:20 - 00083114 _____ () C:\Users\Darke\Downloads\Extras.Txt
2015-04-09 11:13 - 2015-04-09 11:13 - 05198336 _____ (AVAST Software) C:\Users\Darke\Downloads\Unconfirmed 566022.crdownload
2015-04-09 11:05 - 2015-04-09 11:05 - 02868848 _____ () C:\Users\Darke\Downloads\bitdefender_tsecurity.exe
2015-04-09 11:05 - 2015-04-09 11:05 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-04-09 07:30 - 2015-04-09 07:30 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2015-04-09 05:22 - 2015-04-09 05:22 - 00000000 _____ () C:\autoexec.bat
2015-04-09 05:12 - 2015-04-09 06:03 - 00000000 ____D () C:\Users\Darke\Desktop\Old Firefox Data
2015-04-09 05:08 - 2015-04-09 05:08 - 02347384 _____ (ESET) C:\Users\Darke\Downloads\esetsmartinstaller_enu.exe
2015-04-09 05:07 - 2015-04-09 05:08 - 159716632 _____ (Microsoft Corporation) C:\Users\Darke\Downloads\msert.exe
2015-04-09 04:55 - 2015-04-09 04:55 - 40866864 _____ () C:\Users\Darke\Downloads\Firefox Setup 37.0.1.exe
2015-04-08 18:03 - 2015-04-08 18:03 - 00001167 _____ () C:\Users\Public\Desktop\Distant Star Revenant Fleet.lnk
2015-04-08 18:03 - 2015-04-08 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blazing Griffin Ltd
2015-04-08 12:00 - 2015-04-08 12:00 - 05587656 _____ () C:\Users\Darke\Downloads\HDRSample.zip
2015-04-08 11:54 - 2015-04-08 11:54 - 05850698 _____ () C:\Users\Darke\Downloads\MotionBlurSample (1).zip
2015-04-08 11:54 - 2015-04-08 11:54 - 00000000 ____D () C:\Users\Darke\Downloads\MotionBlurSample (1)
2015-04-08 06:16 - 2015-04-08 06:16 - 49797120 _____ () C:\Users\Darke\Downloads\S2011_SecretsCryENGINE3Tech.ppt
2015-04-07 18:47 - 2015-04-11 18:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 05:53 - 2015-04-06 05:53 - 00000000 ____D () C:\Users\Darke\Documents\Heroes of the Storm
2015-04-06 05:13 - 2015-04-06 05:13 - 03081784 _____ (Blizzard Entertainment) C:\Users\Darke\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2015-04-06 04:38 - 2015-04-06 04:38 - 00000000 ____D () C:\Users\Darke\Downloads\Shallow_Space_PC_x86_0.7.01
2015-04-05 01:16 - 2015-04-05 01:17 - 00000000 ____D () C:\Users\Darke\Downloads\MegaParticlesDemo
2015-04-05 01:16 - 2015-04-05 01:16 - 01672365 _____ () C:\Users\Darke\Downloads\MegaParticlesDemo.zip
2015-04-04 14:02 - 2015-04-04 14:25 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-04-04 14:02 - 2015-04-04 14:22 - 00018262 ____H () C:\ProgramData\adskflex_00691b00_tsf.bck
2015-04-04 14:02 - 2015-04-04 14:19 - 00018262 _____ () C:\ProgramData\adskflex_00691b00_tsf.data_backup.001
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\Documents\Colossal Order
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Colossal Order
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\.mono
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\Users\Darke\AppData\Local\Colossal Order
2015-04-02 00:22 - 2015-04-02 00:22 - 00000000 ____D () C:\ProgramData\.mono
2015-04-01 23:51 - 2015-04-01 23:51 - 21564040 _____ (SUPERAntiSpyware) C:\Users\Darke\Downloads\Unconfirmed 145037.crdownload
2015-04-01 23:51 - 2015-04-01 23:51 - 21564040 _____ (SUPERAntiSpyware) C:\Users\Darke\Downloads\SUPERAntiSpyware (1).exe
2015-04-01 23:36 - 2015-04-01 23:36 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Darke\Downloads\mbam-setup-2.1.4.1018(1).exe
2015-04-01 23:35 - 2015-04-01 23:35 - 00000627 _____ () C:\Users\Darke\Desktop\JRT.txt
2015-04-01 23:26 - 2015-04-01 23:26 - 00040263 _____ () C:\ComboFix.txt
2015-04-01 23:20 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-01 23:20 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-01 23:20 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-01 23:20 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-01 23:19 - 2015-04-01 23:26 - 00000000 ____D () C:\Qoobox
2015-04-01 23:19 - 2015-04-01 23:24 - 00000000 ____D () C:\Windows\erdnt
2015-04-01 23:19 - 2015-04-01 23:19 - 05617096 ____R (Swearware) C:\Users\Darke\Downloads\ComboFix.exe
2015-04-01 23:17 - 2015-04-01 21:35 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw85C.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw9F6.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00271200 _____ () C:\Windows\system32\Drivers\aswA16.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswAD3.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw8BA.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw9B6.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00065736 _____ () C:\Windows\system32\Drivers\asw9D6.tmp
2015-04-01 23:17 - 2015-04-01 21:35 - 00029168 _____ () C:\Windows\system32\Drivers\asw996.tmp
2015-04-01 21:34 - 2015-04-09 11:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-01 21:34 - 2015-04-01 21:34 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Darke\Downloads\avast_free_antivirus_setup_online.exe
2015-04-01 21:20 - 2015-04-01 21:20 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-VOIDSTORM-Windows-7-Ultimate-(64-bit).dat
2015-04-01 21:20 - 2015-04-01 21:20 - 00000000 ____D () C:\RegBackup
2015-04-01 20:48 - 2015-04-01 20:48 - 03032229 _____ (Thisisu) C:\Users\Darke\Downloads\JRT(1).exe
2015-04-01 20:48 - 2015-04-01 20:48 - 02208768 _____ () C:\Users\Darke\Downloads\adwcleaner_4.200.exe
2015-04-01 20:05 - 2015-04-01 20:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Darke\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-01 19:03 - 2015-04-01 20:40 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-01 05:24 - 2015-04-01 05:24 - 00000743 _____ () C:\Users\Darke\Desktop\Cities Skylines.lnk
2015-04-01 05:24 - 2015-04-01 05:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2015-03-31 16:03 - 2015-03-31 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-31 04:36 - 2015-03-31 04:36 - 00001503 _____ () C:\Users\Darke\AppData\Local\recently-used.xbel
2015-03-30 21:53 - 2015-03-30 21:53 - 00000000 ____D () C:\Users\Darke\Documents\KoeiTecmo
2015-03-30 21:23 - 2015-03-30 21:23 - 00000613 _____ () C:\Users\Public\Desktop\DEAD OR ALIVE 5 Last Round.lnk
2015-03-30 21:23 - 2015-03-30 21:23 - 00000613 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEAD OR ALIVE 5 Last Round.lnk
2015-03-29 23:41 - 2015-03-29 23:41 - 00058757 _____ () C:\Users\Darke\Downloads\MatCapBakerv1_7.zip
2015-03-29 23:41 - 2015-03-29 23:41 - 00000000 ____D () C:\Users\Darke\Downloads\MatCapBakerv1_7
2015-03-29 22:58 - 2015-03-31 02:51 - 00000000 ____D () C:\Users\Darke\Documents\xNormal
2015-03-29 22:58 - 2015-03-29 22:58 - 00001125 _____ () C:\Users\Public\Desktop\xNormal 3.18.10 (x64).lnk
2015-03-29 22:58 - 2015-03-29 22:58 - 00000000 ____D () C:\ProgramData\Sun
2015-03-29 22:58 - 2015-03-29 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-29 22:58 - 2015-03-29 22:57 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-29 22:57 - 2015-04-01 21:31 - 00000000 ____D () C:\Program Files\Santiago Orgaz
2015-03-29 22:57 - 2015-03-29 22:57 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-29 22:57 - 2015-03-29 22:57 - 00000000 ____D () C:\Program Files\Java
2015-03-28 17:43 - 2015-03-28 17:43 - 12638059 _____ () C:\Users\Darke\Downloads\FastBlurs.zip
2015-03-28 17:43 - 2015-03-28 17:43 - 00000000 ____D () C:\Users\Darke\Downloads\FastBlurs
2015-03-27 22:17 - 2015-03-27 22:17 - 00000862 _____ () C:\Users\Public\Desktop\Pillars of Eternity.lnk
2015-03-26 04:00 - 2015-03-26 04:00 - 00456704 _____ () C:\Users\Darke\Downloads\A150210_VEN_024_DANE_2014C.XLS
2015-03-25 05:39 - 2015-03-25 05:39 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\MiKTeX
2015-03-25 05:39 - 2015-03-25 05:39 - 00000000 ____D () C:\Users\Darke\AppData\Local\MiKTeX
2015-03-25 05:38 - 2015-03-25 05:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2015-03-25 05:37 - 2015-03-25 05:37 - 00000000 ____D () C:\ProgramData\MiKTeX
2015-03-25 05:37 - 2015-03-25 05:37 - 00000000 ____D () C:\Program Files (x86)\MiKTeX 2.9
2015-03-25 05:36 - 2015-03-25 05:37 - 171108104 _____ (MiKTeX.org) C:\Users\Darke\Downloads\basic-miktex-2.9.5105.exe
2015-03-23 19:40 - 2015-03-23 19:40 - 11377972 _____ () C:\Users\Darke\Downloads\MonoGame-develop.zip
2015-03-22 23:52 - 2015-03-22 23:52 - 18518646 _____ (InstallShield Software Corporation) C:\Users\Darke\Downloads\Photoshop_Plugins_x64_8.55.0109.1800(1).exe
2015-03-20 14:27 - 2015-03-20 14:30 - 00000000 ____D () C:\Users\Darke\Documents\GitHub
2015-03-20 14:27 - 2015-03-20 14:27 - 00000000 ____D () C:\Users\Darke\.ssh
2015-03-20 14:26 - 2015-03-27 17:43 - 00000000 ____D () C:\Users\Darke\AppData\Local\GitHub
2015-03-20 14:26 - 2015-03-27 17:20 - 00002142 _____ () C:\Users\Darke\Desktop\Git Shell.lnk
2015-03-20 14:26 - 2015-03-27 17:20 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\GitHub
2015-03-20 14:26 - 2015-03-20 14:26 - 00000308 _____ () C:\Users\Darke\Desktop\GitHub.appref-ms
2015-03-20 14:26 - 2015-03-20 14:26 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-03-20 14:24 - 2015-03-20 14:25 - 00675936 _____ () C:\Users\Darke\Downloads\GitHubSetup.exe
2015-03-20 14:16 - 2015-03-20 14:16 - 00002306 _____ () C:\Users\Darke\Downloads\SearchTex.dds
2015-03-20 14:12 - 2015-03-20 14:12 - 00000000 ____D () C:\Users\Darke\Downloads\smaa-master(1)
2015-03-20 14:11 - 2015-03-20 14:12 - 15225574 _____ () C:\Users\Darke\Downloads\smaa-master(1).zip
2015-03-20 14:07 - 2015-03-20 14:07 - 15225574 _____ () C:\Users\Darke\Downloads\smaa-master.zip
2015-03-20 14:07 - 2015-03-20 14:07 - 00000000 ____D () C:\Users\Darke\Downloads\smaa-master
2015-03-20 02:45 - 2015-03-20 02:45 - 00000000 ____D () C:\Users\Darke\Downloads\CMAA1.3_26March2014
2015-03-20 02:44 - 2015-03-20 02:45 - 80513591 _____ () C:\Users\Darke\Downloads\CMAA1.3_26March2014.7z
2015-03-13 20:45 - 2015-03-13 20:45 - 06720088 _____ () C:\Users\Darke\Downloads\wordpress-4.1.1.zip
2015-03-12 22:55 - 2015-03-12 22:55 - 00771462 _____ () C:\Users\Darke\Downloads\depthrecovery.zip
2015-03-12 22:55 - 2015-03-12 22:55 - 00000000 ____D () C:\Users\Darke\Downloads\depthrecovery
2015-03-12 02:12 - 2015-03-12 02:12 - 01334628 _____ () C:\Users\Darke\Downloads\wp-theme-html5-boilerplate-master.zip
2015-03-12 01:58 - 2015-03-12 01:58 - 00104371 _____ () C:\Users\Darke\Downloads\html5-boilerplate_v5.0.0.zip
2015-03-12 01:58 - 2015-03-12 01:58 - 00000000 ____D () C:\Users\Darke\Downloads\html5-boilerplate_v5.0.0
2015-03-12 01:56 - 2015-03-12 01:57 - 00030315 _____ () C:\Users\Darke\Downloads\WordPress-Plugin-Boilerplate-master.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-11 22:50 - 2014-05-17 12:42 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\uTorrent
2015-04-11 22:45 - 2009-01-01 00:38 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Skype
2015-04-11 22:44 - 2014-05-18 14:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-11 22:17 - 2014-06-29 18:33 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-11 20:22 - 2014-05-16 01:13 - 01868168 _____ () C:\Windows\WindowsUpdate.log
2015-04-11 20:21 - 2014-05-21 17:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 19:56 - 2009-07-14 06:51 - 00136267 _____ () C:\Windows\setupact.log
2015-04-11 18:08 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 18:08 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 18:07 - 2009-07-14 07:13 - 00872704 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-11 18:04 - 2014-09-30 14:44 - 00000000 ____D () C:\AdwCleaner
2015-04-11 18:01 - 2014-06-29 18:33 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-11 18:01 - 2014-06-29 18:33 - 00000000 ____D () C:\Users\Darke\AppData\Local\LogMeIn Hamachi
2015-04-11 18:01 - 2014-05-17 21:44 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Dropbox
2015-04-11 18:01 - 2014-05-16 01:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-11 18:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-11 17:59 - 2010-11-21 05:47 - 00775836 _____ () C:\Windows\PFRO.log
2015-04-11 17:39 - 2014-05-21 02:04 - 00000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe PNG Format CC Prefs
2015-04-11 11:40 - 2014-05-23 02:25 - 00001456 _____ () C:\Users\Darke\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-04-11 02:00 - 2014-08-04 10:59 - 00000000 ____D () C:\Users\Darke\AppData\Local\Adobe
2015-04-10 15:33 - 2014-05-16 01:12 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Adobe
2015-04-09 14:13 - 2014-05-28 02:10 - 00000000 ____D () C:\Users\Darke\Documents\My Games
2015-04-09 12:09 - 2014-05-18 22:55 - 00000000 ____D () C:\ProgramData\Epic
2015-04-09 11:57 - 2014-05-25 19:28 - 00000000 ____D () C:\Users\Darke\AppData\Local\Google
2015-04-09 11:02 - 2009-01-01 00:04 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-04-09 11:00 - 2014-07-09 21:09 - 00000000 ____D () C:\Users\Darke\AppData\Local\Battle.net
2015-04-09 10:57 - 2014-11-09 20:19 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2015-04-09 10:57 - 2014-05-16 01:21 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Mozilla
2015-04-09 10:55 - 2014-06-03 20:26 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Solveig Multimedia
2015-04-09 08:35 - 2014-05-18 13:30 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\vlc
2015-04-09 07:18 - 2015-01-07 10:17 - 00000000 ____D () C:\Users\Darke\AppData\Local\Deployment
2015-04-09 07:18 - 2014-09-21 22:40 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Seznam.cz
2015-04-09 07:18 - 2014-09-21 22:40 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-04-09 07:17 - 2015-01-21 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSC.Software
2015-04-09 07:14 - 2014-10-12 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-04-09 04:14 - 2014-05-19 15:32 - 00000985 _____ () C:\Users\Darke\Desktop\Dropbox.lnk
2015-04-09 04:14 - 2014-05-17 21:44 - 00000000 ____D () C:\Users\Darke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-08 11:56 - 2014-05-24 18:51 - 00000000 ____D () C:\Users\Darke\Documents\Visual Studio 2010
2015-04-06 22:20 - 2014-06-23 14:57 - 00000000 ____D () C:\Users\Darke\Documents\MATLAB
2015-04-06 05:53 - 2014-07-09 21:09 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-04-05 01:52 - 2014-12-23 21:19 - 00000000 ____D () C:\Users\Darke\Documents\Visual Studio 2012
2015-04-03 21:18 - 2014-06-29 18:33 - 00002189 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-01 23:26 - 2015-01-07 10:17 - 00000000 ____D () C:\Users\Darke\AppData\Local\Apps\2.0
2015-04-01 23:24 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-01 21:41 - 2015-01-07 10:24 - 00000000 ____D () C:\Users\Darke\Downloads\wpepro09mod (2)
2015-04-01 21:41 - 2014-09-11 12:57 - 00000000 ____D () C:\Users\Darke\Documents\launcher2
2015-04-01 21:41 - 2014-08-17 00:34 - 00000000 ____D () C:\Program Files (x86)\Lazy Nezumi Pro
2015-04-01 21:33 - 2014-09-30 19:02 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2015-03-31 05:14 - 2014-09-16 01:21 - 00000000 ____D () C:\Users\Darke\.gimp-2.8
2015-03-30 19:23 - 2015-02-03 12:43 - 00000000 ____D () C:\Users\Darke\AppData\Local\EpicGamesLauncher
2015-03-30 15:25 - 2014-06-29 18:33 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-29 22:57 - 2014-05-17 22:35 - 00115566 _____ () C:\Windows\DirectX.log
2015-03-27 22:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-27 17:20 - 2014-05-16 01:12 - 00000000 ____D () C:\Users\Darke
2015-03-26 05:07 - 2014-05-18 23:45 - 00000000 ____D () C:\Users\Darke\Documents\Unreal Projects
2015-03-25 03:01 - 2014-05-24 16:56 - 00000000 ____D () C:\Users\Darke\AppData\Local\licensecb
2015-03-25 02:59 - 2014-05-24 16:56 - 00000000 ____D () C:\ProgramData\licensecb
2015-03-22 23:52 - 2015-02-24 00:37 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll
2015-03-22 23:52 - 2015-02-24 00:37 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll
 
==================== Files in the root of some directories =======
 
2014-09-12 15:21 - 2014-12-14 13:43 - 0000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe BMP Format CC Prefs
2014-05-21 02:04 - 2015-04-11 17:39 - 0000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe PNG Format CC Prefs
2015-01-05 18:55 - 2015-01-05 18:57 - 0000132 _____ () C:\Users\Darke\AppData\Roaming\Adobe Targa Format CC Prefs
2014-05-23 02:25 - 2015-04-11 11:40 - 0001456 _____ () C:\Users\Darke\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-06-03 20:26 - 2014-09-08 14:37 - 0010752 _____ () C:\Users\Darke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-05 06:41 - 2014-11-05 06:41 - 0000000 ___SH () C:\Users\Darke\AppData\Local\LumaEmu
2015-03-31 04:36 - 2015-03-31 04:36 - 0001503 _____ () C:\Users\Darke\AppData\Local\recently-used.xbel
2014-05-18 20:52 - 2015-01-30 04:25 - 0007626 _____ () C:\Users\Darke\AppData\Local\Resmon.ResmonCfg
2015-04-04 14:02 - 2015-04-04 14:22 - 0018262 ____H () C:\ProgramData\adskflex_00691b00_tsf.bck
2015-04-04 14:02 - 2015-04-04 14:19 - 0018262 _____ () C:\ProgramData\adskflex_00691b00_tsf.data_backup.001
 
Some content of TEMP:
====================
C:\Users\Darke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqnqzrz.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-04 00:25
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Darke at 2015-04-11 22:50:57
Running from C:\Users\Darke\Downloads\New folder
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Abyss Odyssey (HKLM-x32\...\Abyss Odyssey_is1) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Muse CC 2014 (HKLM\...\{0A030E99-7CFB-4F35-B1A8-B495F8B36E7A}) (Version: 2014.1.1.6 - Adobe Systems, Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
Allegorithmic Bitmap2Material 3.0.1 (HKLM-x32\...\bitmap2material_3_x) (Version: 3.0.1 build 14565 (2014-10-21) - Allegorithmic)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Assassin's Creed Unity (HKLM-x32\...\Assassin's Creed Unity_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
ASUS Xonar DX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\Autodesk 3ds Max 2012 64-bit - English) (Version: 14.2.0.375 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.2.0.375 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English SP2 (HKLM-x32\...\Autodesk 3ds Max 2012 64-bit - English SP2) (Version: 14.2.0.375 - Autodesk)
Autodesk 3ds Max 2012 Subscription Advantage Pack 1 64-bit - English (HKLM\...\{829AF00A-4B92-0409-B4FC-246EFD2338A3}) (Version: 1 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 2.2.12.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version:  - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - Canon Inc.)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version:  - )
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DEAD OR ALIVE 5 Last Round (HKLM-x32\...\REVBRE9SQUxJVkU1TGFzdFJvdW5k_is1) (Version: 1 - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Distant Star Revenant Fleet (HKLM-x32\...\Distant Star Revenant Fleet_is1) (Version:  - )
Divinity Original Sin (HKLM-x32\...\RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1) (Version: 1 - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dragon Age Inquisition DELUXE EDITION version 1.2 (HKLM-x32\...\{969CF72C-033C-47A6-A767-65B26AFEF0FC}_is1) (Version: 1.2 - BioWare)
Dropbox (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dying Light Update v1.2.1 (HKLM-x32\...\RHlpbmdMaWdodA==_is1) (Version: 1 - )
Elevated Installer (x32 Version: 4.0.16.0 - Garmin Ltd or its subsidiaries) Hidden
Emscripten SDK 64-bit (HKLM\...\Emscripten) (Version:  - )
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
finalRender R3.5 SP7a for 3ds Max 2012x64 (HKLM\...\{A35B9024-BEA3-40F5-AD37-78B0102AF22A}) (Version: 3.5.8 - cebas VISUAL TECHNOLOGY Inc.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FumeFX 3.5.4 R2012 64-bit (HKLM-x32\...\{5C07567F-6784-406D-B9C9-DBDED85FFBAD}) (Version:  - )
Garmin Express (HKLM-x32\...\{01b90f4a-c495-47c4-a33b-1391f41398ce}) (Version: 4.0.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.16.0 - Garmin Ltd or its subsidiaries) Hidden
GitHub (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\5f7eb300e2ea4ebf) (Version: 2.12.1.3 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
ICQ 8.2 (verze 7138) (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\ICQ) (Version: 8.2.7138.0 - ICQ)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
IP-Clamp Service (HKLM-x32\...\{6BC52438-5DE4-4102-846E-64C225A0A04E}) (Version: 1.2.0 - cebas VISUAL TECHNOLOGY Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Kolor Autopano Giga 3.7 (HKLM\...\AutopanoGiga3.7) (Version: V3.7.0 - Kolor)
Lazy Nezumi Pro 14.2.5.1214 (HKLM-x32\...\Lazy Nezumi Pro_is1) (Version: 14.2.5.1214 - Guillaume Stordeur)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31125 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{f9024a51-ab45-4a46-b597-ce12f74963c7}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft WebMatrix 3 (HKLM-x32\...\{4C1CB8FA-89A5-476A-89B6-C69BDC668A9F}) (Version: 2.0.1932 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Miranda IM (HKLM-x32\...\Miranda IM) (Version: 0.10.24 - Miranda IM Project)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
My Game Long Name (HKLM\...\UDK-75a211df-250b-4ce9-952b-ead2810b30f4) (Version:  - Epic Games, Inc.)
Myth II: Soulblighter version 1.7.1 (HKLM-x32\...\{52B9E460-AE08-4DA0-9952-2A1542519B69}_is1) (Version: 1.7.1 - Bungie Software)
Myth III: The Wolf Age version 1.3.1 (HKLM-x32\...\{139D63A3-A9DC-48CC-97DA-2963038975DC}_is1) (Version: 1.3.1 - MumboJumbo)
Myth: The Fallen Lords version 1.5 (HKLM-x32\...\{3B537865-547A-4245-AFE1-53353C744D80}_is1) (Version: 1.5 - Eidos Interactive)
Nidhogg v1.004 (HKLM-x32\...\TmlkaG9nZ3YxMDA0_is1) (Version: 1 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Nsight Tegra v1.5, Visual Studio Edition (HKLM-x32\...\{E9DC4484-7E49-4060-A858-27E2B1DE6BD7}) (Version: 1.5.0.14062 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Tegra Android Development Pack 2.0r8 (HKLM-x32\...\NVIDIA Tegra Android Development Pack 2.0r8) (Version: 2.0r8 - NVIDIA Corporation)
Patran 2013 64-Bit (HKLM-x32\...\{CE86A41E-641E-4437-8C26-555ADD2DE4BF}) (Version: 20.0.0 - MSC.Software Corporation)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Phoenix FD for 3ds Max 2012 for x64 (HKLM\...\Phoenix FD for 3ds Max 2012 for x64) (Version: 2.10.10 - Chaos Software Ltd)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
PoserFusion 2014 for 3ds Max (HKLM-x32\...\PoserFusion 2014 for 3ds Max_is1) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RayFire 1.62 - 3ds Max 2012 - 64 bit - Demo (HKLM-x32\...\RayFire) (Version: 1.62 - 3ds Max 2012 - 64 bit - Demo - Mir Vadim)
RivaTuner Statistics Server 5.2.0 (HKLM-x32\...\RTSS) (Version: 5.2.0 - Unwinder)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedTree for Unreal Engine 4 Subscription version 7.0.7 (HKLM\...\{20F180DA-2BAF-4D84-BE0C-70F0DB1DABB7}_is1) (Version: 7.0.7 - )
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
StarDrive 2 (HKLM-x32\...\StarDrive 2_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
TexturePacker (HKLM\...\{33C1B8B0-32CE-42BE-ABBA-7B0A23AC4210}) (Version: 3.4.0 - code-and-web.de)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Unity Web Player (HKU\S-1-5-21-1243830967-3492521458-558565078-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Unreal Engine (HKLM\...\{0EB63BF4-FE9C-4F79-AF61-A2711CA7FD30}) (Version: 1.1.2.0 - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
V-Ray for 3dsmax 2012 for x64 (HKLM\...\V-Ray for 3dsmax 2012 for x64) (Version: 2.40.03 - Chaos Software Ltd)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{83B0E426-D4EE-11D4-BEDF-BAB7F1EEA455}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2012\addflow4.ocx (Lassalle Technologies)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1243830967-3492521458-558565078-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Darke\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
09-04-2015 07:14:56 Removed Dassault Systemes Software VC9 Prerequisites x86-x64
09-04-2015 07:15:14 Removed MSC Nastran
09-04-2015 07:17:56 Removed Nokia Connectivity Cable Driver
09-04-2015 07:30:49 Installed SpyHunter
09-04-2015 07:34:06 Removed SpyHunter
09-04-2015 07:34:38 Removed SpyHunter
09-04-2015 07:42:39 avast! antivirus system restore point
09-04-2015 10:56:26 Removed Dotfuscator Software Services - Community Edition
09-04-2015 10:57:35 Removed Google Talk Plugin
09-04-2015 10:58:13 avast! antivirus system restore point
10-04-2015 12:32:25 Installed Adobe Muse CC 2014
11-04-2015 17:56:53 Restore Point Created by FRST
11-04-2015 20:21:14 Garmin Express
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2015-04-09 07:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0A21C15F-30F4-4E2D-AFCF-3B8342028847} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {22863B74-F049-4FEF-A709-5224EC02BC7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {31B66A52-B82B-4CF6-9A7F-DCDE2CCC23DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3819C210-2698-4593-9DEF-CD355D916234} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {3D7ECFC9-0AE5-4615-A4C4-CD3F4A6FEE25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7C1018EE-55B6-4632-A495-6423A9895192} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {8598D19F-FB0B-482B-BE40-8E4F8C0610C3} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: {85AD5386-3FE7-4B82-B5D9-93E5F6A1C194} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-04-10] ()
Task: {85E011F6-94A9-4637-888B-447BACE81CD2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29] (Google Inc.)
Task: {8FA1966F-9D00-4E91-A52F-C68A011762A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {C8D2F78D-6A9B-4616-9CA6-E8E076B4CF6B} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {DDB4F44F-7947-4AAD-880B-38B795C1DB43} - \SPBIW_UpdateTask_Time_313139303631393030312d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: {E5E7D62F-302D-4017-B2AB-2038CBDE5061} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-13] ()
Task: {E86FC039-B44B-4468-8061-5B010194D6F8} - System32\Tasks\AdobeAAMUpdater-1.0-Voidstorm-Darke => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-05-16 01:27 - 2015-01-10 01:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () b:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-05-18 12:51 - 2013-07-24 10:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-05-18 12:51 - 2013-08-13 20:55 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2009-01-01 00:03 - 2014-05-16 01:30 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2009-01-01 00:03 - 2014-05-16 01:30 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2014-02-11 20:21 - 2014-02-11 20:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-05-18 12:46 - 2013-06-04 11:41 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2013-07-01 10:21 - 2013-07-01 10:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-07-01 01:16 - 2013-07-01 01:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2007-11-20 11:52 - 2007-11-20 11:52 - 00045700 _____ () C:\Program Files (x86)\cebas\ip-clamp\ipclamp.exe
2013-07-01 10:21 - 2013-07-01 10:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2014-05-20 23:39 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2014-05-21 17:35 - 2014-04-01 08:07 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-05-21 17:35 - 2014-04-01 08:07 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-05-18 12:50 - 2013-08-07 19:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-05-18 12:51 - 2013-08-13 20:46 - 02745344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-05-18 12:51 - 2013-08-29 15:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-05-18 12:51 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
2014-05-18 12:50 - 2013-06-04 11:41 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-05-18 12:50 - 2013-08-07 19:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-05-18 12:51 - 2013-07-31 20:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-05-18 12:51 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-05-18 12:51 - 2013-08-13 20:55 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2009-01-01 00:03 - 2014-05-16 01:30 - 00143360 ____N () C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll
2015-04-11 18:01 - 2015-04-11 18:01 - 00043008 _____ () c:\users\darke\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqnqzrz.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Darke\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-05-18 12:46 - 2015-04-11 18:01 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-05-18 12:46 - 2013-06-04 11:41 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-05-18 12:47 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-10 14:00 - 2015-04-10 14:00 - 00412160 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2015-04-03 21:18 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-03 21:18 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-03 21:18 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Darke\AppData\Local\Temporary Internet Files:8vRiAaOhq7jCkdQLS0CvP3Ij
AlternateDataStreams: C:\Users\Darke\Documents\PanoTisk.psd:com.dropbox.attributes
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1243830967-3492521458-558565078-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 94.74.192.252 - 94.74.192.244
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SketchBook Snapshot.lnk => C:\Windows\pss\SketchBook Snapshot.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\Darke\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: icq => C:\Users\Darke\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1243830967-3492521458-558565078-500 - Administrator - Disabled)
Darke (S-1-5-21-1243830967-3492521458-558565078-1000 - Administrator - Enabled) => C:\Users\Darke
Guest (S-1-5-21-1243830967-3492521458-558565078-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Shrew Soft Virtual Adapter #2
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/11/2015 06:03:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/11/2015 05:56:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {91bcf43f-284a-47c1-85f8-059cc9b24461}
 
Error: (04/11/2015 05:56:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (04/11/2015 08:56:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/11/2015 00:30:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/10/2015 03:32:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/10/2015 03:15:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/10/2015 00:40:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/10/2015 10:34:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 04:42:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (04/11/2015 06:00:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (04/11/2015 06:00:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ASUS Com Service service failed to start due to the following error: 
%%1053
 
Error: (04/11/2015 06:00:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ASUS Com Service service to connect.
 
Error: (04/11/2015 06:00:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/11/2015 06:00:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (04/11/2015 06:00:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server VSS Writer service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/11/2015 06:00:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Skype Updater service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/11/2015 06:00:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/11/2015 06:00:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/11/2015 06:00:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server (SQLEXPRESS) service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (04/11/2015 06:03:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/11/2015 05:56:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {91bcf43f-284a-47c1-85f8-059cc9b24461}
 
Error: (04/11/2015 05:56:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Darke\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/11/2015 08:56:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/11/2015 00:30:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
Error: (04/10/2015 03:32:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/10/2015 03:15:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/10/2015 00:40:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/10/2015 10:34:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/09/2015 04:42:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Darke\downloads\esetsmartinstaller_enu.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 17%
Total physical RAM: 16321.61 MB
Available physical RAM: 13411.78 MB
Total Pagefile: 32641.42 MB
Available Pagefile: 29087.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive a: (Inferno) (Fixed) (Total:931.41 GB) (Free:335.51 GB) NTFS
Drive b: (Void) (Fixed) (Total:931.51 GB) (Free:49.52 GB) NTFS
Drive c: (System) (Fixed) (Total:232.88 GB) (Free:71.5 GB) NTFS
Drive d: (StarDrive 2) (CDROM) (Total:2.3 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 74F68EE8)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 74F68EEC)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=931.4 GB) - (Type=42)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 34003BE0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edited by Darke, 11 April 2015 - 02:52 PM.

  • 0

#6
Essexboy
Posted 11 April 2015 - 03:19 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Unfortunately it is well hidden in Firefox and chrome so the easiest way to do this is to reset them

FIREFOX :

1.Click the menu button and then click help .
2.From the Help menu choose Troubleshooting Information. ...
3.Click the Reset Firefox button in the upper-right corner of the Troubleshooting Information page.
4.To continue, click Reset Firefox in the confirmation window that opens.

CHROME :

1.Click the icon that looks like three stacked lines at the top right of the browser window. ...
2.Select 'Settings' in the drop-down menu. ...
3.Click on 'Show advanced settings' at the bottom of the Web page. ...
4.Select 'Reset browser settings' at the bottom of the page.


Let me know if that removes the ads
  • 0

#7
Darke
Posted 12 April 2015 - 02:23 AM

Darke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Still there :(... I did reset process few times during my attempts to remove this.

 

But, if reinstall firefox into new folder it is alright. I am alright with this solution, I am just afraid of some background process still going on.

 

Note: Also new profile doest help.

 

Edit: What is PUP helper / helper King... is PUP some general classification or something specific? 


Edited by Darke, 12 April 2015 - 02:47 AM.

  • 0

#8
Essexboy
Posted 12 April 2015 - 04:13 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets see if we can reveal any hidden extensions

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
NSIS_extraction.png
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
  • Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
    3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


    Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

  • 0

#9
Darke
Posted 12 April 2015 - 05:10 AM

Darke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

I´ve run comboFix sometime before, when I was trying to solve this issue... before I wrote my first post, should I run it anyway?


  • 0

#10
Essexboy
Posted 12 April 2015 - 05:19 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes please as it will show data that it does not remove
  • 0

Advertisements

#11
Darke
Posted 15 April 2015 - 11:03 AM

Darke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Please do not lock the thread, give me one more day, I am kinda overwhelmed with my job at the moment, I will run combofix tomorrow.


  • 0

#12
Essexboy
Posted 15 April 2015 - 11:38 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem :)
  • 0

#13
Darke
Posted 19 April 2015 - 05:09 AM

Darke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Here it is, sorry for delay

 

Edit: [bleep] it, I forget I have Windows defender active, dunno even why, should I run it again without it?

 

ComboFix 15-04-16.01 - Darke 19.04.2015  12:41:49.2.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.420.1033.18.16322.13222 [GMT 2:00]
Spuštěný z: c:\users\Darke\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvořen nový Bod Obnovení
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2015-03-19 do 2015-04-19  )))))))))))))))))))))))))))))))
.
.
2015-04-19 10:43 . 2015-04-19 10:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-18 17:44 . 2015-04-18 17:44 -------- d-----w- c:\users\Darke\AppData\Local\UnrealEngineLauncher
2015-04-14 21:44 . 2015-04-14 21:44 -------- d-----w- c:\users\Darke\AppData\Roaming\MK10
2015-04-14 09:27 . 2015-04-14 09:27 -------- d-----w- c:\users\Darke\AppData\Local\Rockstar Games
2015-04-14 00:41 . 2015-04-14 00:41 -------- d-----w- c:\users\Default\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-14 00:41 . 2015-04-14 00:41 -------- d-----w- c:\users\Default\AppData\Roaming\Garmin
2015-04-14 00:02 . 2015-04-14 00:02 -------- d-----w- c:\program files (x86)\Rockstar Games
2015-04-14 00:02 . 2015-04-14 00:02 -------- d-----w- c:\program files\Rockstar Games
2015-04-13 10:08 . 2015-04-13 10:08 -------- d-----w- c:\users\Darke\Tracing
2015-04-12 08:24 . 2015-04-18 17:18 -------- d-----w- c:\programdata\boost_interprocess
2015-04-11 18:21 . 2015-04-11 18:21 -------- d-----w- c:\program files\DIFX
2015-04-11 18:21 . 2015-04-11 18:21 -------- d-----w- c:\users\Darke\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-11 18:21 . 2015-04-11 18:21 -------- d-----w- c:\users\Darke\AppData\Roaming\Garmin
2015-04-11 18:21 . 2015-04-11 18:21 -------- d-----w- c:\programdata\Garmin
2015-04-11 18:21 . 2015-04-14 00:41 -------- d-----w- c:\program files (x86)\Garmin
2015-04-11 16:03 . 2015-04-11 16:03 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-04-11 00:41 . 2015-04-11 00:41 -------- d-----w- c:\users\Darke\AppData\Roaming\AdobeMuse
2015-04-10 13:32 . 2015-04-10 13:32 -------- d-----w- c:\users\Darke\AppData\Roaming\com.adobe.AdobeMuseCC.2014.1
2015-04-09 11:26 . 2015-04-09 11:28 -------- d-----w- c:\users\Darke\AppData\Roaming\Nidhogg
2015-04-09 09:22 . 2015-04-11 20:51 -------- d-----w- C:\FRST
2015-04-09 09:05 . 2015-04-09 09:05 -------- d-----w- c:\program files\Common Files\Bitdefender
2015-04-09 05:30 . 2015-04-09 05:30 -------- d-----w- c:\program files (x86)\Enigma Software Group
2015-04-04 12:02 . 2015-04-04 12:25 -------- d-----w- c:\programdata\FLEXnet
2015-04-01 22:22 . 2015-04-01 22:22 -------- d-----w- c:\users\Darke\AppData\Roaming\.mono
2015-04-01 22:22 . 2015-04-01 22:22 -------- d-----w- c:\programdata\.mono
2015-04-01 22:22 . 2015-04-01 22:22 -------- d-----w- c:\users\Darke\AppData\Roaming\Colossal Order
2015-04-01 22:22 . 2015-04-01 22:22 -------- d-----w- c:\users\Darke\AppData\Local\Colossal Order
2015-04-01 21:17 . 2015-04-01 19:35 136752 ----a-w- c:\windows\system32\drivers\aswAD3.tmp
2015-04-01 21:17 . 2015-04-01 19:35 93528 ----a-w- c:\windows\system32\drivers\asw8BA.tmp
2015-04-01 21:17 . 2015-04-01 19:35 88408 ----a-w- c:\windows\system32\drivers\asw9B6.tmp
2015-04-01 21:17 . 2015-04-01 19:35 65736 ----a-w- c:\windows\system32\drivers\asw9D6.tmp
2015-04-01 21:17 . 2015-04-01 19:35 442264 ----a-w- c:\windows\system32\drivers\asw9F6.tmp
2015-04-01 21:17 . 2015-04-01 19:35 29168 ----a-w- c:\windows\system32\drivers\asw996.tmp
2015-04-01 21:17 . 2015-04-01 19:35 271200 ----a-w- c:\windows\system32\drivers\aswA16.tmp
2015-04-01 21:17 . 2015-04-01 19:35 1047320 ----a-w- c:\windows\system32\drivers\asw85C.tmp
2015-04-01 21:17 . 2015-04-01 21:17 -------- d-s---w- c:\windows\SysWow64\Microsoft
2015-04-01 19:34 . 2015-04-09 09:02 -------- d-----w- c:\programdata\AVAST Software
2015-04-01 19:20 . 2015-04-01 19:20 -------- d-----w- C:\RegBackup
2015-03-29 20:58 . 2015-03-29 20:58 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-03-29 20:58 . 2015-03-29 20:57 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-03-29 20:57 . 2015-03-29 20:57 -------- d-----w- c:\programdata\Oracle
2015-03-29 20:57 . 2015-03-29 20:57 -------- d-----w- c:\program files\Java
2015-03-29 20:57 . 2015-04-01 19:31 -------- d-----w- c:\program files\Santiago Orgaz
2015-03-25 03:39 . 2015-03-25 03:39 -------- d-----w- c:\users\Darke\AppData\Roaming\MiKTeX
2015-03-25 03:39 . 2015-03-25 03:39 -------- d-----w- c:\users\Darke\AppData\Local\MiKTeX
2015-03-25 03:37 . 2015-03-25 03:37 -------- d-----w- c:\programdata\MiKTeX
2015-03-25 03:37 . 2015-03-25 03:37 -------- d-----w- c:\program files (x86)\MiKTeX 2.9
2015-03-20 12:27 . 2015-03-20 12:27 -------- d-----w- c:\users\Darke\.ssh
2015-03-20 12:26 . 2015-03-27 15:43 -------- d-----w- c:\users\Darke\AppData\Local\GitHub
2015-03-20 12:26 . 2015-03-27 15:20 -------- d-----w- c:\users\Darke\AppData\Roaming\GitHub
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 19:44 . 2014-05-18 12:30 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 19:44 . 2014-05-18 12:30 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-30 13:25 . 2014-06-29 16:33 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-22 21:52 . 2015-02-23 22:37 61440 ----a-w- c:\windows\SysWow64\nvPhotoshopUtil.dll
2015-03-22 21:52 . 2015-02-23 22:37 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2015-02-23 22:37 . 2015-02-23 22:37 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-03-25 31682144]
"icq"="c:\users\Darke\AppData\Roaming\ICQM\icq.exe" [2014-11-05 35239432]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\tray.exe" [2015-04-12 1010008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="b:\program files (x86)\PowerISO\PWRISOVM.EXE" [2013-10-23 337432]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
"LogMeIn Hamachi Ui"="b:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\tray.exe" [2015-04-12 1010008]
.
c:\users\Darke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Darke\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-4-2 43382072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0bootdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.;c:\program files (x86)\cebas\ip-clamp\ipclamp.exe;c:\program files (x86)\cebas\ip-clamp\ipclamp.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\SYSNATIVE\drivers\bxdiaga.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys;c:\windows\SYSNATIVE\drivers\Xeno7x64.sys [x]
R3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys;c:\windows\SYSNATIVE\drivers\bxfcoe.sys [x]
R3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\SYSNATIVE\drivers\bxois.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]
R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;b:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;b:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 wampapache64;wampapache64;b:\wamp\bin\apache\apache2.4.9\bin\httpd.exe;b:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [x]
R3 wampmysqld64;wampmysqld64;b:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64;b:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
S2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager;b:\shared files\Licensing\winx64\ansysli_server.exe;b:\shared files\Licensing\winx64\ansysli_server.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [x]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;b:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;b:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 iked;ShrewSoft IKE Daemon;c:\program files\ShrewSoft\VPN Client\iked.exe;c:\program files\ShrewSoft\VPN Client\iked.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\ShrewSoft\VPN Client\ipsecd.exe;c:\program files\ShrewSoft\VPN Client\ipsecd.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 cmudaxp;ASUS Xonar DX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-16 20:18 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-18 19:44]
.
2015-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29 16:33]
.
2015-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-29 16:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Darke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2014-05-15 8761344]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2014-05-15 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2014-05-15 282112]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-04-15 10396440]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-09-19 557768]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-01-16 2585928]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-01-16 1514528]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
TCP: Interfaces\{8CEBE121-3759-4E2B-83B1-704D40A8F162}: NameServer = 158.196.149.9,158.196.162.8
FF - ProfilePath - c:\users\Darke\AppData\Roaming\Mozilla\Firefox\Profiles\4g0r2juz.default-1428552186018\
.
.
------- Asociace souborů -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-Abyss Odyssey_is1 - b:\abyss odyssey\unins000.exe
AddRemove-Cities Skylines_is1 - b:\program files (x86)\Cities Skylines\unins000.exe
AddRemove-REVBRE9SQUxJVkU1TGFzdFJvdW5k_is1 - b:\program files (x86)\DEAD OR ALIVE 5 Last Round\unins000.exe
AddRemove-RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1 - b:\program files (x86)\Divinity Original Sin\unins000.exe
AddRemove-RHlpbmdMaWdodA==_is1 - b:\program files (x86)\Dying Light\unins000.exe
AddRemove-TmlkaG9nZ3YxMDA0_is1 - b:\program files (x86)\Nidhogg v1.004\unins000.exe
AddRemove-{139D63A3-A9DC-48CC-97DA-2963038975DC}_is1 - b:\program files (x86)\Myth III\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:5b,65,a9,5d,15,e6,21,91,23,e5,77,60,62,5f,4c,f8,b3,e5,cb,1a,c0,
   46,72,41,7f,c3,a3,2f,6b,ef,f2,69,cd,c0,dc,9a,bf,2a,87,3d,90,39,90,e9,96,ac,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-04-19  12:44:55
ComboFix-quarantined-files.txt  2015-04-19 10:44
ComboFix2.txt  2015-04-01 21:26
.
Před spuštěním: 72 187 203 584 bytes free
Po spuštění: 72 429 916 160 bytes free
.
- - End Of File - - E8D9BE6CE1265BF36C0BE44036D962E3
A36C5E4F47E84449FF07ED3517B43A31

Edited by Darke, 19 April 2015 - 05:09 AM.

  • 0

#14
Essexboy
Posted 19 April 2015 - 06:01 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

No revelations there either.  You say that a new Firefox profile works OK

 

Does it appear on any particular site or any

 

If the new profile is good then we can just delete the old one


  • 0

#15
Darke
Posted 19 April 2015 - 06:10 AM

Darke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Nah, I said (at least I hope I did) that new profile didnt help, only thing that help was reinstalling firefox into new location (different HDD). It appears on most of the sites, even on my own site, seems like typical overlay injection, just this one... I dont know, I honestly never seen such well hidden adware, I am still tempted to pay for SpyHunter, any experience with this? Is it reliable software or just scam?

 

I could also post some scan results from SpyHunter, trial version just wont let me to remove them.


Edited by Darke, 19 April 2015 - 06:13 AM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP