Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help, I think My Computer is Infected [Closed]


  • This topic is locked This topic is locked

#1
aaronb24

aaronb24

    New Member

  • Member
  • Pip
  • 2 posts

Hello geeks to go, hope u can help me, my browsers (IE, firefox, chrome) can't open some websites, and I can't download from some websites too, even when I try to open FB, the CSS isn't loaded.. even my Steam browser doesn't load any CSS, so it's just some text...

FIrst I thought maybe the internet connection, but when I try it from another computer in the same network, it works. So I think it is only on my computer..

Actually, I'm not really sure if this is because of a malware or something like that, my friend tell me this must be because of a bloatware,

so I'm trying to get some help here..

 

Thx before, :laughing:

Aaron

 

 

 

 

 

 

this is my FRST.txt result:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Home (administrator) on HOME-PC on 05-06-2015 14:10:58
Running from C:\Users\Home\Downloads\Programs
Loaded Profiles: Home (Available Profiles: Home & Administrator & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe
() C:\Program Files\dnscrypt-proxy-win32-full\bin\dnscrypt-proxy.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
Failed to access process -> WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Home\AppData\Local\Akamai\netsession_win.exe
(Brio) C:\Program Files\FolderSize\FolderSize.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Akamai Technologies, Inc.) C:\Users\Home\AppData\Local\Akamai\netsession_win.exe
() C:\SkinPack\RocketDock\RocketDock.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(BitTorrent Inc.) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(OpenDNS) C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSInterface.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\ECTaskScheduler.exe
(Symbian Ltd.) C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\Elogerr.exe
() C:\Program Files (x86)\Mountain Lion Skin Pack\UberIcon\UberIcon.exe
(VirtuaWin) C:\Program Files (x86)\Mountain Lion Skin Pack\VirtuaWin\VirtuaWin.exe
() C:\Program Files (x86)\Mountain Lion Skin Pack\Winroll\winroll.exe
() C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\BroadcastProxy.exe
() C:\Program Files (x86)\Mountain Lion Skin Pack\VirtuaWin\modules\WinList.exe
(Symbian Ltd.) C:\Program Files (x86)\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(xwidget.com) C:\Program Files (x86)\Mountain Lion Skin Pack\Xwidget\xwidget.exe
(Y'z) C:\Program Files (x86)\Mountain Lion Skin Pack\YzShadow\YzShadow.exe
(Symbian Ltd.) C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\SCRFS.exe
(Dropbox, Inc.) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
Failed to access process -> WmiPrvSE.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
Failed to access process -> dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3425688 2011-09-08] (Tonec Inc.)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-05] (Valve Corporation)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Home\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-13] (Brio)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [RocketDock] => C:\SkinPack\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [uTorrent] => C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [396800 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\MountPoints2: {38414e47-d893-11e2-b47c-f46d04ed47dd} - H:\AutoRun.exe
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-08-04]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenDNSCrypt.lnk [2014-08-14]
ShortcutTarget: OpenDNSCrypt.lnk -> C:\Windows\Installer\{DEF3592F-0751-4632-9875-8BF9AD602898}\_60ADE4ADDDB9C7178BB901.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PCSuiteForNokiaN-Gage TS.lnk [2014-07-18]
ShortcutTarget: PCSuiteForNokiaN-Gage TS.lnk -> C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\ectaskscheduler.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkinPackMenu.lnk [2012-03-22]
ShortcutTarget: SkinPackMenu.lnk -> C:\Program Files (x86)\Mountain Lion Skin Pack\SP.exe (skin pack)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UberIcon.lnk [2012-03-22]
ShortcutTarget: UberIcon.lnk -> C:\Program Files (x86)\Mountain Lion Skin Pack\UberIcon\UberIcon.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VirtuaWin.lnk [2012-03-22]
ShortcutTarget: VirtuaWin.lnk -> C:\Program Files (x86)\Mountain Lion Skin Pack\VirtuaWin\VirtuaWin.exe (VirtuaWin)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Winroll.lnk [2012-03-22]
ShortcutTarget: Winroll.lnk -> C:\Program Files (x86)\Mountain Lion Skin Pack\Winroll\winroll.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\xwidget.lnk [2012-03-22]
ShortcutTarget: xwidget.lnk -> C:\Program Files (x86)\Mountain Lion Skin Pack\Xwidget\xwidget.exe (xwidget.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk [2012-03-22]
ShortcutTarget: YzShadow.lnk -> C:\Program Files (x86)\Mountain Lion Skin Pack\YzShadow\YzShadow.exe (Y'z)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2011-11-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-06] (AVAST Software)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2012-05-28] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2012-05-28] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2012-05-28] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2011-05-30] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{bf0bfe4a-d00a-4a75-b989-a8e5e3b8b032} <======= ATTENTION (Policy restriction on IP)
HKU\S-1-5-21-3533201534-3151003976-604284548-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-3533201534-3151003976-604284548-1000 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2011-08-01] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll No File
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll No File
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll No File
BHO-x32: Groove GFS Browser Helper -> {12DB2EA6-0BB3-01EB-26E9-41BB5AF16DF1} -> C:\Windows\SysWow64\pngfilllllllllllllllt.dll [2013-08-28] ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D02DF646-31A2-4BAF-9CB9-BD8BF7E8A4E1} http://hunterblade.b...hinawebctrl.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\..\Interfaces\{1A0FE36E-6B87-4B5E-8300-2191D6D2AC57}: [NameServer] 127.0.0.1
Tcpip\..\Interfaces\{74F1D621-EDEE-44EC-A2BC-5665A6C33D72}: [NameServer] 127.0.0.1
Tcpip\..\Interfaces\{A73D24AD-45A2-4272-94A8-9669AEFBEE02}: [NameServer] 127.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\du748vt5.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-05] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-23] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2011-08-22] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3533201534-3151003976-604284548-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-3533201534-3151003976-604284548-1000: @talk.google.com/O1DPlugin -> C:\Users\Home\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-3533201534-3151003976-604284548-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll [2014-08-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-3533201534-3151003976-604284548-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll [2014-08-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-3533201534-3151003976-604284548-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3533201534-3151003976-604284548-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-05-29] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Home\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Home\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Extension: IDM CC - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\du748vt5.default\Extensions\[email protected] [2015-05-23]
FF Extension: Super Start - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\du748vt5.default\Extensions\[email protected] [2015-06-05]
FF Extension: CSS Reloader - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\du748vt5.default\Extensions\[email protected] [2015-06-05]
FF Extension: UI Fixer - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\du748vt5.default\Extensions\[email protected] [2015-06-05]
FF Extension: Magnet Fixer For Anonymouse - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\du748vt5.default\Extensions\[email protected] [2015-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-06-25]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-11-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-06]
FF HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Home\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Home\AppData\Roaming\IDM\idmmzcc5 [2011-11-09]
FF HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Home\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Beautiful landscape) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2012-09-21]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-26]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-26]
CHR Extension: (Bookmark Manager) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Play Capsa) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgccknddajajgpkijemnhijahahjnppj [2012-02-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Earn to Die Superwheel) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocahecmbdeggfmiljapgkcpibnaapllk [2013-12-14]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)
S3 DAUpdaterSvc; D:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-16] (BioWare)
R2 DNSCrypt; C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe [14336 2012-08-03] () [File not signed]
R2 dnscrypt-proxy; C:\Program Files\dnscrypt-proxy-win32-full\bin\dnscrypt-proxy.exe [258062 2013-09-15] () [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-11-02] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8919 2013-01-30] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3270600 2014-06-16] (INCA Internet Co., Ltd.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-04] ()
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675200 2012-07-26] (Microsoft Corporation) [File not signed]
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2012-03-22] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2014-01-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [35624 2007-08-08] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-12-06] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)
S3 cpuz134; No ImagePath
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-11-09] (DT Soft Ltd)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-12-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 nmgmsFltr; C:\Windows\System32\drivers\nmgms.sys [14592 2009-11-13] ()
R3 nmgmsFltr; C:\Windows\SysWOW64\drivers\nmgms.sys [12544 2009-11-13] () [File not signed]
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2011-11-07] ()
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [194048 2013-02-18] (SANDBOXIE L.T.D)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-22] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-02] ()
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 14:04 - 2015-06-05 14:11 - 00000000 ____D C:\FRST
2015-06-05 13:47 - 2015-06-05 13:47 - 00001889 _____ C:\Users\Home\Desktop\CIntRep_x64.exe - Shortcut.lnk
2015-06-05 12:19 - 2015-06-05 12:19 - 00003236 _____ C:\Windows\System32\Tasks\{35FD067A-DD3B-4ECF-B9BC-3634A8096188}
2015-06-05 07:40 - 2015-06-05 07:40 - 00002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-04 17:07 - 2015-06-04 17:07 - 00000000 ____D C:\Users\Home\Downloads\Metnum
2015-06-04 15:59 - 2015-06-04 15:59 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-04 15:59 - 2015-06-04 15:59 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-04 15:57 - 2015-06-04 15:57 - 00243408 _____ C:\Users\Home\Downloads\Firefox Setup Stub 38.0.5.exe
2015-06-04 15:56 - 2015-06-04 16:04 - 342723997 _____ C:\Users\Home\Downloads\OBB CHR3 apakrchive.com.part3.rar
2015-06-04 15:36 - 2015-06-04 15:55 - 1047527424 _____ C:\Users\Home\Downloads\OBB CHR3 apakrchive.com.part2.rar
2015-06-04 15:05 - 2015-06-04 15:05 - 06694730 _____ C:\Users\Home\Downloads\net.kairosoft.android.mujin_en-1.0.5-www.apk2m.com.apk
2015-06-04 15:03 - 2015-06-04 15:24 - 1047527424 _____ C:\Users\Home\Downloads\OBB CHR3 apakrchive.com.part1.rar
2015-06-04 01:38 - 2015-06-04 01:38 - 00197412 _____ C:\Users\Home\Downloads\mbam-setup-2.0.1.1004.rar
2015-06-01 00:12 - 2015-06-01 00:12 - 00000000 ____D C:\Windows\SysWOW64\3038
2015-05-31 16:20 - 2015-05-31 16:20 - 00000745 _____ C:\Users\Home\Desktop\BLADESTORM Nightmare.lnk
2015-05-29 16:54 - 2015-05-29 16:54 - 00012170 _____ C:\Users\Home\Downloads\[kat.cr]the.escapists.v1.05.windows.viruz.torrent
2015-05-28 18:40 - 2015-05-28 18:40 - 00072006 _____ C:\Users\Home\Downloads\ANS - Sunday Celebration 1 March 2015 - Message.[bleep]
2015-05-27 17:55 - 2015-06-05 13:55 - 00004950 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-PC-Home Home-PC
2015-05-25 10:58 - 2015-05-25 11:01 - 00000000 ____D C:\Users\Home\AppData\Local\SystemsNominal
2015-05-25 01:30 - 2015-05-25 01:30 - 00012104 _____ C:\Users\Home\Downloads\Battle_Raper_2.7z (1).torrent
2015-05-25 00:12 - 2015-06-01 00:12 - 00000000 ____D C:\Windows\SysWOW64\3037
2015-05-24 23:13 - 2015-05-24 23:13 - 00013919 _____ C:\Users\Home\Downloads\[kat.cr]systems.nominal.1.0.torrent
2015-05-24 21:20 - 2015-05-24 21:20 - 00017152 _____ C:\Users\Home\Downloads\[kat.cr]not.a.hero.gog.torrent
2015-05-24 12:21 - 2015-05-24 12:21 - 00006104 _____ C:\Users\Home\Downloads\ITIP 2012 Session 5 - Thinking to Break Limitations (Prt1).txt
2015-05-21 11:57 - 2015-05-21 11:57 - 00012818 _____ C:\Users\Home\Downloads\A91024D9F7D04F49D247E43767A5AB3252591593.torrent
2015-05-21 11:19 - 2015-05-21 11:19 - 00002079 _____ C:\Users\Home\Desktop\Sexy Beach ZERO.lnk
2015-05-21 01:21 - 2015-05-21 01:21 - 00001085 _____ C:\Users\Public\Desktop\SBZ Illusion Wizzard.lnk
2015-05-21 01:21 - 2015-05-21 01:21 - 00000913 _____ C:\Users\Public\Desktop\Sexy Beach ZERO.lnk
2015-05-21 01:21 - 2015-05-21 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ILLUSION
2015-05-21 01:16 - 2015-05-27 12:37 - 00000254 _____ C:\Windows\valsetup.ini
2015-05-20 14:59 - 2015-05-20 14:59 - 00000746 _____ C:\Users\Home\Desktop\Valkyria Chronicles.lnk
2015-05-20 14:59 - 2015-05-20 14:59 - 00000000 ____D C:\Users\Home\AppData\Roaming\Valkyria Chronicles
2015-05-19 22:52 - 2015-05-19 22:52 - 00087179 _____ C:\Users\Home\Downloads\[kat.cr]valkyria.chronicles.update.3.4.dlc.2014.pc.repack.rg.mechanics.torrent
2015-05-19 20:22 - 2015-05-19 20:22 - 00069008 _____ C:\Users\Home\Downloads\[kickass.to]mortal.kombat.x.premium.edition.freedom.torrent
2015-05-18 00:12 - 2015-05-25 00:12 - 00000000 ____D C:\Windows\SysWOW64\3036
2015-05-17 15:15 - 2015-05-17 15:15 - 01267729 _____ C:\Users\Home\Downloads\Freedom v1.0.7a Google Play in-App Purchase.apk
2015-05-16 20:20 - 2015-05-16 20:20 - 00000884 _____ C:\Users\Home\Desktop\Fallout New Vegas - Ultimate Edition.lnk
2015-05-16 20:20 - 2015-05-16 20:20 - 00000000 ____D C:\Users\Home\AppData\Roaming\Fallout New Vegas - Ultimate Edition
2015-05-16 20:19 - 2015-05-16 20:19 - 00000000 ____D C:\Users\Home\AppData\Local\FalloutNV
2015-05-15 16:25 - 2015-05-15 16:26 - 00000000 ____D C:\Users\Home\Documents\How To Survive Saves
2015-05-15 16:17 - 2015-05-15 16:17 - 00000815 _____ C:\Users\Public\Desktop\How to Survive.lnk
2015-05-15 16:17 - 2015-05-15 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\505 Games
2015-05-15 14:04 - 2015-05-15 14:04 - 00015118 _____ C:\Users\Home\Downloads\[kat.cr]fallout.new.vegas.ultimate.edition.2012.pc.repack.by.r.g.mechanics.torrent
2015-05-13 00:39 - 2015-05-13 00:39 - 00000000 ____D C:\Users\Home\Documents\Gamepires
2015-05-13 00:24 - 2015-05-13 00:24 - 00000860 _____ C:\Users\Public\Desktop\Full Metal Zombie (x64).lnk
2015-05-13 00:24 - 2015-05-13 00:24 - 00000860 _____ C:\Users\Public\Desktop\Full Metal Zombie (x32).lnk
2015-05-12 22:24 - 2015-05-12 22:24 - 00031475 _____ C:\Users\Home\Downloads\[kickass.to]gas.guzzlers.extreme.v.1.0.5.2.dlc.2013.pc.repack.от.r.g.games.torrent
2015-05-12 17:00 - 2015-05-12 17:00 - 00000000 ____D C:\Users\Home\AppData\Local\BANDAI NAMCO Games
2015-05-12 16:57 - 2015-05-12 16:57 - 00000519 _____ C:\Users\Public\Desktop\Play Dragon Ball Xenoverse.lnk
2015-05-12 16:57 - 2015-05-12 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandai Namco
2015-05-12 02:25 - 2015-05-12 02:25 - 00000000 ____D C:\Users\Home\AppData\Roaming\REAL
2015-05-12 02:13 - 2015-05-12 02:13 - 00000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAL
2015-05-12 02:13 - 2015-05-12 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAL
2015-05-11 20:39 - 2015-05-11 20:39 - 00009431 _____ C:\Users\Home\Downloads\Daftar CAR Life Salah.xlsx
2015-05-11 00:12 - 2015-05-18 00:12 - 00000000 ____D C:\Windows\SysWOW64\3035

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 14:10 - 2014-08-31 06:06 - 00000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
2015-06-05 14:04 - 2011-11-09 07:49 - 00000000 ____D C:\Users\Home\AppData\Roaming\DMCache
2015-06-05 14:02 - 2012-02-26 15:12 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533201534-3151003976-604284548-1000UA.job
2015-06-05 14:00 - 2009-07-14 11:45 - 00019888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-05 14:00 - 2009-07-14 11:45 - 00019888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-05 13:57 - 2012-10-07 16:58 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-05 13:56 - 2011-11-09 21:32 - 01754425 _____ C:\Windows\WindowsUpdate.log
2015-06-05 13:55 - 2014-05-27 00:45 - 00000000 ____D C:\Users\Home\AppData\Roaming\Raptr
2015-06-05 13:55 - 2011-11-27 19:18 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-05 13:53 - 2011-11-09 07:53 - 00000000 ____D C:\Users\Home\AppData\Roaming\Dropbox
2015-06-05 13:52 - 2014-08-04 00:58 - 00000000 ____D C:\Users\Home\Documents\temp
2015-06-05 13:51 - 2013-06-05 11:09 - 00001008 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-05 13:51 - 2012-01-25 20:54 - 00000000 ____D C:\Users\Home\AppData\Local\LogMeIn Hamachi
2015-06-05 13:51 - 2011-12-01 00:59 - 00000342 _____ C:\Windows\Tasks\RegistryBooster.job
2015-06-05 13:49 - 2014-11-26 09:30 - 00020125 _____ C:\Windows\setupact.log
2015-06-05 13:49 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-05 13:48 - 2014-08-02 14:03 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-06-05 13:44 - 2011-11-09 07:49 - 00000000 ____D C:\Users\Home\AppData\Roaming\IDM
2015-06-05 13:33 - 2013-06-05 11:09 - 00001012 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-05 13:23 - 2011-11-09 07:49 - 00000000 ____D C:\Users\Home\Downloads\Compressed
2015-06-05 12:48 - 2012-05-20 21:50 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-05 12:48 - 2011-11-11 12:09 - 00000000 ____D C:\Users\Home\AppData\Local\Adobe
2015-06-05 12:48 - 2011-11-09 07:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-05 12:26 - 2015-02-07 16:46 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 12:18 - 2011-11-09 07:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-05 12:05 - 2011-11-15 20:18 - 00000000 ____D C:\Users\Home\AppData\Local\Skyrim
2015-06-05 07:40 - 2013-06-05 11:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-05 02:44 - 2011-12-04 00:09 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AFF8480A-ED94-48F9-8935-824FF9547CDB}
2015-06-05 02:26 - 2013-07-08 19:55 - 00000000 ____D C:\Users\Home\Documents\BitLord
2015-06-05 01:02 - 2012-02-26 15:12 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533201534-3151003976-604284548-1000Core.job
2015-06-05 00:05 - 2015-01-02 23:26 - 00000000 ____D C:\Users\Home\AppData\Roaming\Aegisub
2015-06-04 15:59 - 2013-11-21 12:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-03 18:58 - 2011-11-09 07:49 - 00000000 ____D C:\Users\Home\Downloads\Video
2015-06-01 10:18 - 2012-04-15 10:36 - 01255190 _____ C:\Windows\PFRO.log
2015-06-01 00:12 - 2015-01-05 01:35 - 00000414 _____ C:\Windows\Tasks\At1.job
2015-05-31 18:09 - 2015-04-08 21:47 - 00000000 ____D C:\Users\Home\Documents\KoeiTecmo
2015-05-31 18:09 - 2014-09-03 16:18 - 00000000 ____D C:\Users\Home\AppData\Roaming\Steam
2015-05-31 00:28 - 2011-11-09 23:25 - 00000000 ____D C:\Users\Home\Documents\Aaron
2015-05-28 15:53 - 2009-07-14 12:13 - 00973680 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-26 16:34 - 2014-11-22 16:20 - 00002104 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-26 11:13 - 2009-07-14 12:08 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-25 10:57 - 2013-04-06 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-25 10:57 - 2009-07-14 12:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-25 01:38 - 2014-12-17 01:49 - 00000000 ____D C:\illusion
2015-05-20 14:58 - 2012-04-15 12:27 - 00404355 _____ C:\Windows\DirectX.log
2015-05-20 00:19 - 2012-01-12 02:08 - 00000056 _____ C:\Windows\kgt2k.INI
2015-05-19 22:28 - 2013-06-05 11:09 - 00004008 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 22:28 - 2013-06-05 11:09 - 00003756 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 12:06 - 2014-05-27 00:45 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-05-16 21:50 - 2011-11-09 23:14 - 00000000 ____D C:\Users\Home\Documents\My Games
2015-05-15 16:25 - 2011-11-20 22:13 - 00000000 ____D C:\Users\Home\AppData\Local\SKIDROW
2015-05-13 00:31 - 2013-12-17 18:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-12 17:57 - 2014-12-19 13:10 - 00143960 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-12 17:56 - 2012-04-13 14:31 - 00008224 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-05-12 16:59 - 2011-11-09 07:03 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-12 12:07 - 2014-12-10 16:10 - 00143960 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-05-12 12:07 - 2014-08-14 17:46 - 00000000 ____D C:\ProgramData\OpenDNS
2015-05-11 16:49 - 2015-02-15 23:50 - 00000000 ____D C:\Users\Administrator.Home-PC\AppData\Roaming\Raptr
2015-05-11 16:49 - 2014-04-23 23:13 - 00000000 ____D C:\Users\Administrator.Home-PC\AppData\Local\LogMeIn Hamachi
2015-05-11 00:12 - 2015-04-20 00:12 - 00000000 ____D C:\Windows\SysWOW64\3034
2015-05-09 13:16 - 2011-11-09 07:54 - 00000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-07 19:33 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-07 02:05 - 2015-02-03 16:07 - 00000000 ____D C:\Users\Home\AppData\Roaming\vlc
2015-05-07 02:04 - 2015-02-03 15:42 - 00000000 ____D C:\Users\Home\Documents\Readon Player

==================== Files in the root of some directories =======

2014-03-08 14:07 - 2013-07-27 05:46 - 1807272 _____ (Valve Corporation) C:\Program Files (x86)\Steam.exe
2011-11-27 18:04 - 2011-11-27 18:04 - 0000272 _____ () C:\Users\Home\AppData\Roaming\.backup.dm
2013-01-21 03:10 - 2014-08-18 16:17 - 0000132 _____ () C:\Users\Home\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-08-18 19:45 - 2014-08-18 19:45 - 0000132 _____ () C:\Users\Home\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2012-10-19 14:47 - 2012-10-19 15:09 - 0000132 _____ () C:\Users\Home\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-01-18 09:39 - 2015-01-18 09:39 - 0002298 _____ () C:\Users\Home\AppData\Roaming\ASSDraw3.cfg
2013-07-08 20:00 - 2015-02-07 16:19 - 0000000 _____ () C:\Users\Home\AppData\Roaming\bitlord_log.txt
2013-07-31 00:09 - 2014-07-15 17:46 - 0000371 _____ () C:\Users\Home\AppData\Roaming\burnaware.ini
2013-01-07 14:05 - 2015-01-06 17:43 - 0001456 _____ () C:\Users\Home\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-06-21 02:05 - 2014-06-21 02:05 - 0000000 ___SH () C:\Users\Home\AppData\Local\LumaEmu
2015-02-07 16:19 - 2015-02-07 16:19 - 0000218 _____ () C:\Users\Home\AppData\Local\recently-used.xbel
2012-01-14 22:06 - 2014-10-08 16:24 - 0007599 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg
2014-10-04 13:19 - 2014-10-04 16:20 - 0015648 _____ () C:\ProgramData\hpzinstall.log
2014-10-09 22:26 - 2014-10-09 22:26 - 0004138 _____ () C:\ProgramData\updkbqqg.iqa

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some files in TEMP:
====================
C:\Users\Home\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprvwvwg.dll
C:\Users\Home\AppData\Local\Temp\msvcp120.dll
C:\Users\Home\AppData\Local\Temp\msvcr120.dll
C:\Users\Home\AppData\Local\Temp\pc-decrapifier.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2012-03-24 21:31] - [2011-02-25 13:19] - 2822656 ____A (Microsoft Corporation) 4A605AA82D92A0C5AE92FF6394334889

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 20:12

==================== End of log ============================

 

 

 

 

 

And this is the Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Home at 2015-06-05 14:11:42
Running from C:\Users\Home\Downloads\Programs
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3533201534-3151003976-604284548-500 - Administrator - Enabled) => C:\Users\Administrator.Home-PC
ASPNET (S-1-5-21-3533201534-3151003976-604284548-1009 - Limited - Enabled)
Guest (S-1-5-21-3533201534-3151003976-604284548-501 - Limited - Disabled)
Home (S-1-5-21-3533201534-3151003976-604284548-1000 - Administrator - Enabled) => C:\Users\Home

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Tropico 5" (HKLM-x32\...\{CDDE3C4F-0CB3-4E5D-9A7D-138AA1D79A02}_is1) (Version: 1.1.0.0 - )
.sol Editor 1.1.0.1 (HKLM-x32\...\.sol Editor) (Version: 1.1.0.1 - alexisisaac.net)
µTorrent (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe After Effects CS5 Third Party Content (HKLM-x32\...\{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}) (Version: 10 - Adobe Systems Incorporated)
Adobe After Effects CS5 Third Party Royalty Content (HKLM-x32\...\{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}) (Version: 10 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5 Third Party Royalty Content (HKLM-x32\...\{565DE707-5798-4FC3-8DF6-0F58A348A9B0}) (Version: 5.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.0.1) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Adobe Soundbooth CS5 Codecs (HKLM-x32\...\{DE5DE662-2ECB-4D93-967B-221FBCC8A736}) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Soundbooth CS5 Royalty Codecs (HKLM-x32\...\{F319804F-E3A4-4C02-8AEC-CB39A4F6447E}) (Version: 3.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AIDA64 Extreme v4.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.50 - FinalWire Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AmiBroker 5.70.2 x64 (HKLM\...\AmiBroker64_is1) (Version: 5.70 - AmiBroker.com)
Any Video Converter Professional 3.2.5 (HKLM-x32\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{21F3F7EC-CD32-D678-63AD-305F556D7BC9}) (Version: 2.0.4399.36214 - Advanced Micro Devices, Inc.)
Arsenal Club Manager (HKLM-x32\...\InstallShield_{AE6E68AF-F3BE-48E1-8240-4C44F795B491}) (Version: 1.00.00000 - Just Football)
Arsenal Club Manager (x32 Version: 1.00.00000 - Just Football) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Babel Rising (HKLM-x32\...\Babel Rising_is1) (Version:  - )
Battlefield 2™ (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.0-276 - House of Life)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
BLADESTORM Nightmare (HKLM-x32\...\BLADESTORM Nightmare_is1) (Version:  - )
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{80194F84-21CE-44CF-A46E-38D8CE448856}) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)
Bof4 (HKLM-x32\...\{44A9CADE-5329-4501-ACF0-C72E1C7EBF79}) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BurnAware Free 6.4 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)
Car Mechanic Simulator 2015 (HKLM-x32\...\Car Mechanic Simulator 2015_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version:  - Dark Byte)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CleanGenius 3.0.5 (HKLM-x32\...\{47C1AE40-7ED8-4743-83C3-C76F76C754A9}_is1) (Version:  - Acebyte, Inc.)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x32 Version: 16.0 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CursorFX (HKLM-x32\...\CursorFX) (Version:  - Stardock Corporation)
CursorFX (x32 Version: 2.00 - Stardock Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
DEAD OR ALIVE 5 Last Round (HKLM-x32\...\REVBRE9SQUxJVkU1TGFzdFJvdW5k_is1) (Version: 1 - )
DiskAid 5.09 (HKLM-x32\...\DiskAid_is1) (Version: 5.09 - DigiDNA)
DiskAid 6.5.4.0 (HKLM\...\DiskAid_is1) (Version: 6.5.4.0 - DigiDNA)
Disketch Disc Label Software (HKLM-x32\...\Disketch) (Version: 3.24 - NCH Software)
DNSCrypt (HKLM-x32\...\{DEF3592F-0751-4632-9875-8BF9AD602898}) (Version: 0.0.6 - OpenDNS)
DomDomSoft Manga Downloader (remove only) (HKLM-x32\...\DomDomSoft Manga Downloader) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Dragon Age Redesigned © Morrigan) (Version:  - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Dragon Ball Xenoverse version 1.0.0 (HKLM-x32\...\Dragon Ball Xenoverse_is1) (Version: 1.0.0 - Bandai Namco)
Dropbox (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Edraw Max 7.7 (HKLM-x32\...\Edraw Max_is1) (Version:  - EdrawSoft)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
EPSON L350 Series Printer Uninstall (HKLM\...\EPSON L350 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON T13 T22E Series Printer Uninstall (HKLM\...\EPSON T13 T22E Series) (Version:  - SEIKO EPSON Corporation)
Epson User's Guide L350 Series (HKLM-x32\...\L350 Series Useg) (Version:  - )
e-Sword (HKLM-x32\...\{118071AB-6572-4FAD-A1FD-67264C994350}) (Version: 10.01.0000 - Rick Meyers)
Euro Truck Simulator 2 version 1.3.1.43709 (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: 1.3.1.43709 - )
Evil Genius (HKLM-x32\...\Evil Genius_is1) (Version:  - GOG.com)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.72 - NCH Software)
ExtremeCopy (HKLM\...\{DFCE9296-5A54-468F-A0A9-98B978DFCD26}) (Version: 2.1.0000 - Easersoft)
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fallout New Vegas - Ultimate Edition (HKLM-x32\...\Fallout New Vegas - Ultimate Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Feudalism 2 (HKLM-x32\...\Feudalism 2_is1) (Version:  - Vitaly Zaborov)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2014 Font Manager (HKLM-x32\...\FontExpert 2014) (Version: 12.0.0.2 - Proxima Software)
Free Video to DVD Converter version 5.0.30.1029 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Freemake Audio Converter version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter version 3.0.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.0.2 - Ellora Assets Corporation)
From Dust (HKLM-x32\...\{578485F8-60F3-4C61-9183-0698E581B902}) (Version: 1.0.0 - Ubisoft)
GameCenter (HKLM-x32\...\GameCenter) (Version:  - )
GamingMouse (HKLM-x32\...\{4F2CBB98-A9AB-4A7A-9DDC-00E340E42B9F}) (Version: 1.00 - GamingMouse)
Gas Guzzlers Extreme / RePack by Baracuda (HKLM-x32\...\Gas Guzzlers Extreme_is1) (Version: 1.0.5 - )
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.50.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.50.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (by Hommy Games) (HKLM-x32\...\{3E74CDB4-8B8F-4640-BE71-4B66886615F7}_is1) (Version: Update 1 Crack V2 - )
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Haunt the House Terrortown (HKLM-x32\...\Haunt the House Terrortown_is1) (Version:  - )
Hex Workshop v6.7 (HKLM\...\{A47DAFC0-AF57-4462-BD40-B3F02F33CB40}) (Version: 6.7.3.5308 - BreakPoint Software)
HF pAppLoc version 1.0 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.0 - Inquisitor)
How to Survive (HKLM-x32\...\How to Survive_is1) (Version:  - )
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam (HKLM-x32\...\iFunBox 2014_is1) (Version: v3.1.562.425 - )
ILLUSION Sexy Beach ZERO (HKLM-x32\...\{19661D1F-932A-4845-A562-10907870E8D1}_is1) (Version: 1.0.0.0 - randompirate)
ImageConverter Plus 7.1 (HKLM-x32\...\ImageConverter Plus_is1) (Version:  - fCoder, Ltd.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Insaniquarium Deluxe 1.0 (HKLM-x32\...\Insaniquarium_Deluxe_1.0) (Version:  - )
InstaTrader (HKLM-x32\...\InstaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - )
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java™ SE Development Kit 6 Update 1 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Java™ SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
JCreator LE 5.00 (HKLM-x32\...\JCreator LE_is1) (Version:  - Xinox Software)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Kerbal Space Program_is1) (Version:  - )
Knights of Pen and Paper (HKLM-x32\...\Knights of Pen and Paper_is1) (Version:  - Paradox Interactive)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
LINE (HKLM-x32\...\LINE) (Version: 4.0.0.278 - LINE Corporation)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.7.1.9 - Hermann Schinagl)
Livestream for Producers (HKLM-x32\...\{53466613-9260-4814-AE66-7F3A3FA978D3}) (Version: 0.0.64 - Livestream)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
London 2012 The Official Video Game of the Olympic Games (HKLM-x32\...\London 2012 The Official Video Game of the Olympic Games_is1) (Version: London 2012 The Official Video Game of the Olympic Games - )
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Mercenaries 2: World in Flames™ (HKLM\...\{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}) (Version: 2.0.1.0 - Electronic Arts)
Mercenaries 2: World in Flames™ (HKLM-x32\...\{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}) (Version: 2.0.1.0 - Electronic Arts)
Messenger Plus! 5 (HKLM-x32\...\Messenger Plus!) (Version: 5.01.0.706 - Yuna Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition with SP1 - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60830 (HKLM\...\{122B909F-9DCF-360E-91E7-0679E033FBE1}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60830 (HKLM\...\{083808D6-6235-37A8-82C1-98D226EB681F}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.6.2 (HKLM-x32\...\Minecraft1.6.2) (Version:  - )
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
Mixlr version 2.0.11 (HKLM-x32\...\{F021F776-6BD4-4301-985D-0C1D27EEC8ED}_is1) (Version: 2.0.11 - Mixlr, Ltd.)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.002.03.23.03 - Huawei Technologies Co.,Ltd)
Monopoly (HKLM-x32\...\Monopoly) (Version:  - PopCap Games)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version:  - )
Mount&Blade With Fire and Sword (HKLM-x32\...\Mount&Blade With Fire and Sword) (Version:  - )
Mountain Lion Skin Pack 1.0-X64 (HKLM-x32\...\Mountain Lion Skin Pack) (Version: 1.0-X64 - Publisher)
Movavi Video Converter 14 (HKLM-x32\...\Movavi Video Converter 14) (Version: 14.0.0 - Movavi)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Moyea Free Flash Downloader version  1.3.0.0 (HKLM-x32\...\{8ED5BF38-B9BF-4F2D-AF42-9037574A254F}_is1) (Version: 1.3.0.0 - Moyea Software Co., LTD)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MPC-BE x64 1.4.4.199 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.4.4.199 - MPC-BE Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MySQL Server 5.5 (HKLM\...\{6150345A-1382-4713-B38B-482388DC7E7B}) (Version: 5.5.29 - Oracle Corporation)
MySQL Workbench 5.2 CE (HKLM-x32\...\{FF0815E9-0ECC-48B5-AF2C-47F3601CEC2E}) (Version: 5.2.45 - Oracle Corporation)
NBA 2K15 (HKLM-x32\...\NBA 2K15_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
NBA 2K15 Update 2 (HKLM-x32\...\TkJBMksxNQ==_is1) (Version: 1 - )
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
New Star GP 1.25 DEMO (HKLM-x32\...\{2AC22CBC-1E34-4942-BC27-890E5DD3F8BC}}_is1) (Version:  - New Star Games Ltd)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
Nokia PC Connectivity SDK 3.0 (x32 Version: 1.00.034 - Nokia) Hidden
Not A Hero (HKLM-x32\...\1429698467_is1) (Version: 2.0.0.1 - GOG.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Omerta - City of Gangsters (HKLM-x32\...\GOGPACKOMERTA_is1) (Version: 2.0.0.4 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
PC Suite äëÿ Nokia N-Gage (HKLM-x32\...\{0C0B2375-5373-4AF9-AF2E-43F15AEDE97F}) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Plants vs Zombies Game Of The Year Edition 1.00 (HKLM-x32\...\Plants vs Zombies Game Of The Year Edition 1.00) (Version:  - )
PoorSakura - Desktop (HKLM-x32\...\PoorSakura - Desktop1.0) (Version: 1.0 - 7thDream)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RAR Password Recovery v1.1 RC16 (remove only) (HKLM-x32\...\Intelore - RAR Password Recovery) (Version:  - )
Readon TV Movie Radio Player 7.6.0.0 (HKLM-x32\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Reload Icons Cache 1.00 (HKLM-x32\...\Reload Icons Cache 1.00) (Version: 1.00 - Mr Blade Design's)
Reus 1.0 (HKLM-x32\...\Reus 1.0) (Version: 1.0 - Cat-A-Cat)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
RTKXI (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\InstallShield_{64893225-ADBA-469E-B114-F3B2C1FBBA77}) (Version: 1.00.0000 - Koei)
RTKXI (x32 Version: 1.00.0000 - Koei) Hidden
s3pe - Sims3 Package Editor (HKLM-x32\...\s3pe) (Version: 13-1112-2033 - Peter L Jones)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SAMURAI WARRIORS 2 (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\InstallShield_{798D4714-71DA-4871-87B5-E2D02C0FFC2B}) (Version: 1.00.0000 - Koei)
SAMURAI WARRIORS 2 (x32 Version: 1.00.0000 - Koei) Hidden
Sandboxie 3.76 (64-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)
Scaedumar Beta 0.4 (HKLM-x32\...\Scaedumar Beta) (Version: 0.4 - )
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
Setup - Dynasty Warriors 8 Empires ... (HKLM-x32\...\Setup - Dynasty Warriors 8 Empires ...) (Version: ... - Omega Force)
SkinPack Dark Yosemite 1.0 (HKLM-x32\...\SkinPack) (Version: Dark Yosemite 1.0 - SkinPack)
Skyrim NPC Editor (HKLM-x32\...\{5BA9357B-E876-4FB2-8F1B-C7E63AC90E6F}) (Version: 0.75.1 - foretrenty)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Spintires (HKLM-x32\...\{A241621A-4B53-2B42-48D3-7FDF1A862439}_is1) (Version: 1.0 - )
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
SSIII Solo Ultratus 1.1 (HKLM-x32\...\SSIII Solo Ultratus) (Version: 1.1 - 3RDsense)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
State of Decay (HKLM-x32\...\State of Decay_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Street Racing Syndicate ™ (HKLM-x32\...\{1CC535A8-BD37-4AD5-BF85-1C366873BA47}) (Version: 1.00.0000 - )
SubtitleCreator (HKLM-x32\...\SubtitleCreator) (Version: V2.3rc1 - Erik Vullings)
Superpower 2 (HKLM-x32\...\InstallShield_{CFB9F7A0-A7ED-43A9-9551-EC1F319F971A}) (Version: 1.00.0000 - Dreamcatcher)
Superpower 2 (x32 Version: 1.00.0000 - Dreamcatcher) Hidden
Swords and Sandals 2 2.0 (HKLM-x32\...\Swords and Sandals 2) (Version: 2.0 - 3RDsense)
Swords and Sandals Full Pack (HKLM-x32\...\Swords and Sandals Full Pack) (Version:  - )
Syncios version 3.0.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.5 - Anvsoft, Inc.)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
The Sims 4 - Get to Work (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims 4 Deluxe Edition version 1.2.16.10 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.2.16.10 - Mr DJ)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.7.4 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.5.4 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.10.4 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.2.4 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.14.4 - Electronic Arts)
Tinker (HKLM-x32\...\GFWL_{584109EB-4A5E-4467-B3C4-5C1000008300}) (Version: 1.0.0000.131 - Microsoft Corporation)
Tinker (x32 Version: 1.0.0000.131 - Microsoft Corporation) Hidden
Tinker (x32 Version: 1.0.0001.131 - Microsoft Corporation) Hidden
Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.00.00000 - Ubisoft)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
Tomb Raider 1 + 2 + 3 (HKLM-x32\...\Tomb Raider 1 + 2 + 3_is1) (Version:  - GOG.com)
TSR Workshop (HKLM-x32\...\{33100EE2-5EDF-4AB1-BF08-D767E3AED642}) (Version: 2.0.86 - The Sims Resource)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Typer Shark Deluxe 1.01 (HKLM-x32\...\Typer Shark Deluxe 1.01) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UK Truck Simulator 1.02 (HKLM-x32\...\UK Truck Simulator) (Version: 1.02 - )
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.4.0.0 - Manuel Hoefs (Zottel))
Uniblue DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version:  - Uniblue Systems Ltd)
Uniblue PowerSuite (HKLM-x32\...\{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1) (Version:  - Uniblue Systems Ltd)
Uniblue RegistryBooster (HKLM-x32\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version:  - Uniblue Systems Ltd)
Unity Web Player (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Uplink (HKLM-x32\...\Uplink) (Version:  - )
Valkyria Chronicles (HKLM-x32\...\Valkyria Chronicles_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Virtual Villagers - New Believers Just For Fun Games (HKLM-x32\...\Virtual Villagers - New Believers Just For Fun Games) (Version:  - )
Virtual Villagers 3 - The Secret City Fixed (HKLM-x32\...\Virtual Villagers 3 - The Secret City Fixed1.0) (Version: 1.0 - Bigfish Games)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRAR Password Cracker (HKLM-x32\...\{8B40599F-FE33-4A1E-A19D-9D8763CDE329}) (Version: 4.2.0.0 - iWesoft)
WinSetupFromUSB (HKU\S-1-5-21-3533201534-3151003976-604284548-1000\...\WinSetupFromUSB) (Version:  - )
Wise Registry Cleaner 8.03 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.03 - WiseCleaner.com, Inc.)
XviD MPEG-4 Video Codec (HKLM-x32\...\XviD_is1) (Version: XviD-1.0.3-20122004 - XviD Team (Koepi))
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION
真・三國無双6 with 猛将伝 (HKLM-x32\...\InstallShield_{A804968F-4F32-4E02-98B2-5864EEB42903}) (Version: 1.00.0000 - TecmoKoei)
真・三國無双6 with 猛将伝 (x32 Version: 1.00.0000 - TecmoKoei) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3533201534-3151003976-604284548-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Home\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

05-06-2015 02:00:42 Scheduled Checkpoint
05-06-2015 12:17:19 Removed LG United Mobile Driver
05-06-2015 13:24:07 Manual Restore Point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-11-14 09:50 - 2014-11-14 14:40 - 00000865 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0141E709-7C17-41F1-AA64-AC840D481733} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {2464992C-DC04-4263-A99E-E4715679F5DC} - System32\Tasks\RegistryBooster => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2010-07-27] (Uniblue Systems Limited)
Task: {247B789D-D45B-4E6D-BABB-4BD32F298BF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3533201534-3151003976-604284548-1000UA => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-26] (Google Inc.)
Task: {27AC694D-311E-4ABB-8364-2A6C4C7FFF25} - System32\Tasks\{35FD067A-DD3B-4ECF-B9BC-3634A8096188} => pcalua.exe -a "C:\Windows\PoorSakura - Desktop\uninstall.exe" -c "/U:C:\Program Files (x86)\PoorSakura - Desktop\Uninstall\uninstall.xml"
Task: {27DE99F7-C589-462C-8904-664FD2765A1A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3533201534-3151003976-604284548-1000Core => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-26] (Google Inc.)
Task: {4A399786-816E-48DD-8047-D4AF46428532} - System32\Tasks\{AAD9B0A9-0A77-44DC-9F9F-0476242B49B2} => pcalua.exe -a "D:\Games\Watch Dogs\support\VCRedist\VS_2008_vcredist_sp1_x64.exe" -d "D:\Games\Watch Dogs\support\VCRedist"
Task: {4E4FA811-435D-48FC-8000-B07463C28062} - System32\Tasks\At1 => C:\Windows\SysWOW64\ieUnattt.exe [2013-08-28] () <==== ATTENTION
Task: {5781405E-818E-4E73-ABC2-D1C29A033D5A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {59DDA0F5-C4EA-4460-B9A9-67DF665561B3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {93ECC636-B06B-4D58-9D0F-2437B262E9F4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {ABC5BB78-A60A-4BC3-A358-4BF143A09B5D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B1D0BBF3-873A-4FCA-A8C1-46A0CF87A29E} - System32\Tasks\{D6A2DAC1-0038-4344-88DA-3D146C0EF098} => pcalua.exe -a "C:\Users\Home\Downloads\Compressed\Setup Super Speed Internet V.1.38 - Final\Setup Super Speed Internet V.1.38 - Final.exe" -d "C:\Users\Home\Downloads\Compressed\Setup Super Speed Internet V.1.38 - Final"
Task: {B936AD63-5FED-43AB-A2D2-5B4665D00532} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {BE2665DD-3358-435F-A9B7-51D89CEAFD1D} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\Program Files (x86)\Rising\RAV\rsdelaylauncher.exe
Task: {BEEC0702-8EE5-4B39-8A9E-62DE464F12F1} - System32\Tasks\{39A5009D-23E0-4C6D-88CB-A3C58752E7F1} => pcalua.exe -a "C:\Users\Home\Documents\BitLord\Seduce Me Setup.exe" -d C:\Users\Home\Documents\BitLord
Task: {D479498C-74AB-496B-AF31-2802AC6613C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: {D7F322EB-88ED-488F-8C62-D16218EB0B5E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-PC-Home Home-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {D7F8FDD4-E658-47B1-8497-9B04D055ECEF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E0B869C9-1F06-42E7-AA8C-12C3E526C064} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: C:\Windows\Tasks\At1.job => C:\Windows\SysWOW64\ieUnattt.exe C:\Windows\SysWOW64\appmgrr.dll
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533201534-3151003976-604284548-1000Core.job => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3533201534-3151003976-604284548-1000UA.job => C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegistryBooster.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

==================== Loaded Modules (Whitelisted) ==============

2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2004-10-01 01:15 - 2004-10-01 01:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2007-09-02 17:28 - 2007-09-02 17:28 - 00495616 _____ () C:\SkinPack\RocketDock\RocketDock.exe
2014-07-18 07:27 - 2003-07-03 15:23 - 00258112 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\ectaskscheduler.exe
2007-08-17 22:40 - 2007-08-17 22:40 - 00159744 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\UberIcon\UberIcon.exe
2006-01-02 05:27 - 2006-01-02 05:27 - 00015872 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\Winroll\winroll.exe
2014-07-18 07:27 - 2003-07-03 15:18 - 00098304 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\BroadcastProxy.exe
2009-09-10 21:51 - 2009-09-10 21:51 - 00014848 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\VirtuaWin\modules\WinList.exe
2007-03-10 10:09 - 2007-03-10 10:09 - 00090112 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\UberIcon\UberIcon.dll
2004-04-06 23:00 - 2004-04-06 23:00 - 00008704 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\Winroll\winroll.dll
2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2007-09-02 17:27 - 2007-09-02 17:27 - 00069632 _____ () C:\SkinPack\RocketDock\RocketDock.dll
2014-04-14 18:18 - 2015-04-17 00:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 10:02 - 2015-04-23 09:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-21 10:02 - 2015-04-23 09:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 10:02 - 2015-04-23 09:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 10:41 - 2015-06-05 01:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 17:54 - 2014-12-02 04:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 17:54 - 2014-12-02 04:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 17:54 - 2014-12-02 04:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 17:54 - 2014-12-02 04:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 17:54 - 2014-12-02 04:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-04-14 18:18 - 2015-06-05 01:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-06 20:51 - 2014-08-06 20:51 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-06 20:51 - 2014-08-06 20:51 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-18 07:27 - 2003-07-03 15:19 - 00159744 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\Wswitch.dll
2014-07-18 07:27 - 2003-07-03 15:31 - 00155648 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\UnifyTrigger.dll
2014-07-18 07:27 - 2003-07-03 15:23 - 00249856 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\ectui.dll
2014-07-18 07:27 - 2003-07-03 15:26 - 00180224 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\ConnectionTrigger.dll
2014-07-18 07:27 - 2003-07-03 15:31 - 00184320 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\TimeTrigger.dll
2014-07-18 07:27 - 2003-07-03 15:12 - 00086016 _____ () C:\Program Files (x86)\Nokia\PC Suite for Nokia N-Gage\SCRFSProxy.dll
2006-07-18 02:45 - 2006-07-18 02:45 - 00057344 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\UberIcon\Plugins\iZoom\fx.dll
2009-08-12 15:39 - 2009-08-12 15:39 - 00077824 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\Xwidget\Res\Lib\lib.dll
2009-03-21 19:49 - 2009-03-21 19:49 - 00040960 _____ () C:\Program Files (x86)\Mountain Lion Skin Pack\YzShadow\Languages\English.lang
2015-06-05 13:52 - 2015-06-05 13:52 - 00043008 _____ () c:\users\home\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprvwvwg.dll
2015-03-05 04:45 - 2015-03-05 04:45 - 00750080 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 04:45 - 2015-03-05 04:45 - 00047616 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 04:45 - 2015-03-05 04:45 - 00865280 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 04:45 - 2015-03-05 04:45 - 00200704 _____ () C:\Users\Home\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2010-11-23 05:56 - 2010-11-23 05:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 06:26 - 2014-05-14 06:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 06:26 - 2014-05-14 06:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 06:26 - 2014-05-14 06:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 06:26 - 2014-05-14 06:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 05:57 - 2010-11-23 05:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 05:56 - 2010-11-23 05:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 05:57 - 2010-11-23 05:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 05:57 - 2010-11-23 05:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-16 01:17 - 2011-02-16 01:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 05:57 - 2010-11-23 05:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 06:26 - 2014-05-14 06:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 07:37 - 2014-08-14 07:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 07:37 - 2014-08-14 07:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 07:05 - 2013-11-21 07:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 05:56 - 2010-11-23 05:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 05:57 - 2010-11-23 05:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 05:56 - 2010-11-23 05:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2014-04-14 18:18 - 2015-05-12 02:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2010-11-23 05:57 - 2010-11-23 05:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 07:56 - 2014-06-18 07:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-16 01:17 - 2011-02-16 01:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 06:06 - 2010-11-23 06:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 06:52 - 2013-05-10 06:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 06:52 - 2013-05-10 06:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 06:52 - 2013-05-10 06:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-04 01:57 - 2013-05-04 01:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-04 01:56 - 2013-05-04 01:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-04 01:56 - 2013-05-04 01:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-04 01:57 - 2013-05-04 01:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-04 01:56 - 2013-05-04 01:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-04 01:57 - 2013-05-04 01:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-04 01:57 - 2013-05-04 01:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-04 01:57 - 2013-05-04 01:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-04 01:57 - 2013-05-04 01:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-05-14 16:22 - 2015-05-12 02:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2015-06-05 12:48 - 2015-06-05 12:48 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\System:DVT313707QXOECFteCcBM6aK
AlternateDataStreams: C:\ProgramData\Microsoft:bmMA8Zg5vlwGwrlAg9iSlntDgrrC3
AlternateDataStreams: C:\ProgramData\Microsoft:hNWaDknxzPcIroJh4eLPM2af
AlternateDataStreams: C:\ProgramData\TEMP:9A78FF1A
AlternateDataStreams: C:\Users\Home\Cookies:07VQHjoMN9EgUO3r0Xa
AlternateDataStreams: C:\Users\Home\Cookies:NBvEigLrifvi0YUTy3ndti
AlternateDataStreams: C:\Users\Home\AppData\Local\Temp:FZP1B43jtYYCJ97kFYsUesZax

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3533201534-3151003976-604284548-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 127.0.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DeskDrive.lnk => C:\Windows\pss\DeskDrive.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Finderbar.lnk => C:\Windows\pss\Finderbar.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PCSuiteForNokiaN-Gage Detect.lnk => C:\Windows\pss\PCSuiteForNokiaN-Gage Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk => C:\Windows\pss\RocketDock.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe => C:\Windows\pss\PowerReg Scheduler V3.exe.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CleanGeniusTray => "C:\Program Files (x86)\CleanGenius 3\CleanGeniusTray.exe" -startup
MSCONFIG\startupreg: CursorFX => "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: FontExpertType1Loader => C:\Program Files (x86)\FontExpert\Type1Loader.exe
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\GamingMouse\mousehid.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Home\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iFunBox Price Watch => C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Nokia Tray Application => C:\Program Files (x86)\Common Files\Nokia\NCLTools\NclTray.exe
MSCONFIG\startupreg: PowerSuite => "C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe" delay 20000  -m
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RISTRAY => "C:\Program Files (x86)\Rising\RIS\RSTRAY.EXE" -system
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\Mountain Lion Skin Pack\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: RSDTRAY => "C:\Program Files (x86)\Rising\RSD\popwndexe.exe"
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Serverx => C:\Windows\system32\Serverx.exe
MSCONFIG\startupreg: ServiceLayer => C:\Program Files (x86)\Common Files\Nokia\Services\ServiceLayer.exe
MSCONFIG\startupreg: SpeedUpMyPC => "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3516F0AA-38F2-426E-8092-E7A43E549EBC}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{2E3FB54B-B13E-45ED-B663-9B16A5C3C87F}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{47E989AD-F288-4378-9A06-AD2979F0D367}] => (Allow) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B930E3E6-46BB-46C8-B6CC-C1750F8EA471}] => (Allow) C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{723739DE-9E85-4FF7-9C11-384DDA74BFEF}] => (Allow) LPort=5353
FirewallRules: [{800D8542-FD59-4C36-AD10-288EC885D83D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E7F59959-0A83-4458-BD27-5C852DBE907F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{255A5A5F-6BDC-448B-A4A1-4E50FC125022}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{56728382-A9A1-4D7B-BAD9-6E2BCC69B0EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66F66786-51F1-4CC1-A9AB-433B85024728}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6B02B350-D3F9-441E-9425-2AA8080BF001}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{52D9B2D9-FF40-4068-86A6-4231E80157DC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C88F72C3-A69D-43A8-A014-A5B008BC56FA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{3650BD67-FD21-4A9D-B73E-F8D9771E60C8}C:\users\home\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\home\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0A1CFC26-32BB-449E-9C59-F2C9DBA0A71F}C:\users\home\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\home\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{D2C0B9E2-AA85-4B04-9811-87067A610DD9}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{4A834EFB-56A5-4505-93A3-FFB0F674967C}H:\games\warcraft iii\war3.exe] => (Allow) H:\games\warcraft iii\war3.exe
FirewallRules: [UDP Query User{C37A37F6-2092-40A6-AC89-E3593F788235}H:\games\warcraft iii\war3.exe] => (Allow) H:\games\warcraft iii\war3.exe
FirewallRules: [TCP Query User{8E1B2C96-E29C-4B6E-B8D3-1DF0710A71AF}D:\games\mount&blade warband\mb_warband.exe] => (Allow) D:\games\mount&blade warband\mb_warband.exe
FirewallRules: [UDP Query User{F71FDEEC-288E-458C-A993-AB57A9793B55}D:\games\mount&blade warband\mb_warband.exe] => (Allow) D:\games\mount&blade warband\mb_warband.exe
FirewallRules: [{A23BF697-6949-4364-B31F-BDFF42A15437}] => (Allow) C:\Program Files (x86)\Microsoft Corporation\Tinker\Tinker.exe
FirewallRules: [{D5B3DE76-B91C-4284-A019-499B3A0A01E2}] => (Allow) C:\Program Files (x86)\Microsoft Corporation\Tinker\Tinker.exe
FirewallRules: [{162EB094-90DC-409D-819A-EBC79BB5651E}] => (Allow) D:\Games\Age of Empires III\age3x.exe
FirewallRules: [{2B8C5949-E115-457E-8334-9DA9FCB72407}] => (Allow) D:\Games\Age of Empires III\age3x.exe
FirewallRules: [{8FDFCB33-29ED-4FC2-8D6E-9CB368DE28F7}] => (Allow) D:\Games\Age of Empires III\age3y.exe
FirewallRules: [{0BD551A7-A311-4F89-B202-D34A1A7F5661}] => (Allow) D:\Games\Age of Empires III\age3y.exe
FirewallRules: [{DE074D1A-BA0B-4E0F-B28A-6C9980A50175}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD901DB9-B6C0-4831-9A4B-E509092FFE13}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD77337E-B777-46E7-BB6C-ED5A0A903A8F}] => (Allow) D:\Games\Virtua Tennis 4\VT4.exe
FirewallRules: [{46BC7F21-961F-492E-8AB8-F1BD5D509590}] => (Allow) D:\Games\Virtua Tennis 4\VT4.exe
FirewallRules: [{93E2C9C6-B5DC-4207-ADBB-045B77628B30}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{ED9D623C-8EC6-4A9B-91EF-40D83454CB51}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{399846CE-339C-422A-9863-D132F2F6EDB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\Common\dota 2 beta\dota.exe
FirewallRules: [{CE78375A-8E51-4A0F-A765-3F2F15B0F36B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\Common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{B5E57E9E-DAE0-46F1-80E2-8AEA171AA0AB}D:\games\karateka\binaries\karateka.exe] => (Allow) D:\games\karateka\binaries\karateka.exe
FirewallRules: [UDP Query User{79D6739E-B2EA-479A-A78C-7C7867090112}D:\games\karateka\binaries\karateka.exe] => (Allow) D:\games\karateka\binaries\karateka.exe
FirewallRules: [{B2CA76DC-92D9-40DE-B5B4-1B37B77B0D2E}] => (Allow) D:\Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{0E574AF2-BD0E-418E-8DE4-DCD9CEA9DE6E}] => (Allow) D:\Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{92EEAACF-1451-4B8B-A28E-495D46756FB5}] => (Allow) D:\Games\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{4C0002C6-9BAD-4D43-878F-B817461A584B}] => (Allow) D:\Games\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{9111A59A-7CF6-4B12-861C-1BB9150E6C9E}] => (Allow) C:\Users\Home\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{2AB4C87D-C6FB-447B-99C4-C570FFD81587}] => (Allow) C:\Users\Home\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9494399E-1402-4C1A-AEB4-AAA10B333D74}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4834A2E6-A998-44D5-B64A-D7298DAA9535}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E7234C74-21E2-4883-BC32-F687ACA4A4EC}C:\users\home\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\home\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{26CF50C6-DB2D-401E-9C5C-575406DCE5AD}C:\users\home\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\home\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{17F6BFAE-FD67-4BD7-B4C5-5900E43C9EFA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E8390792-120F-42EA-A5FA-7D366F64D601}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A9B8D4C2-5765-49A9-80CB-D57D95B28703}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6E0EA167-F70E-47BC-8EF0-EC28AB6193C2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2594CCA1-0D10-4A5D-9B4F-56A593F4FB2A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D23BA177-4E75-447A-AAB6-9E20C8A0F308}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{223E691F-77BC-4F8D-9CC5-3A097798BDB3}] => (Block) %ProgramFiles% (x86)\DigiDNA\DiskAid\DiskAid.exe
FirewallRules: [{887F66F3-3A4E-470C-9749-9700D8982CE8}] => (Block) %ProgramFiles% (x86)\DigiDNA\DiskAid\DiskAid.exe
FirewallRules: [TCP Query User{574203C8-62F7-4432-BD44-508AC333F998}C:\users\home\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\home\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C0263FAA-B97F-4754-944A-82B322BCEB39}C:\users\home\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\home\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{FB2FA374-C313-4CD8-B942-0EE880944BA5}D:\games\gta sa\samp03x_svr_r2_win32\samp-server.exe] => (Allow) D:\games\gta sa\samp03x_svr_r2_win32\samp-server.exe
FirewallRules: [UDP Query User{2F696E65-3EF6-4C79-AEA7-EC9DF617962B}D:\games\gta sa\samp03x_svr_r2_win32\samp-server.exe] => (Allow) D:\games\gta sa\samp03x_svr_r2_win32\samp-server.exe
FirewallRules: [TCP Query User{18A12EE3-0DB9-46CC-A543-B6637489469A}D:\games\wrc 4 fia world rally championship\wrc4.exe] => (Allow) D:\games\wrc 4 fia world rally championship\wrc4.exe
FirewallRules: [UDP Query User{E5C9948E-CAC4-47E8-A57D-6F51485BEC52}D:\games\wrc 4 fia world rally championship\wrc4.exe] => (Allow) D:\games\wrc 4 fia world rally championship\wrc4.exe
FirewallRules: [{EF585CB9-A9A6-4F8B-9DDB-A7CAE3936DE5}] => (Block) D:\games\wrc 4 fia world rally championship\wrc4.exe
FirewallRules: [{50E0D36F-E3B6-483E-B151-67C75ADF2F8F}] => (Block) D:\games\wrc 4 fia world rally championship\wrc4.exe
FirewallRules: [TCP Query User{E9B2BB68-40B0-4EB4-991A-4E69B07E83BF}D:\games\total war rome ii\rome2.exe] => (Allow) D:\games\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{06EA9378-AF96-4EDB-89CA-FAC8DF1D5D59}D:\games\total war rome ii\rome2.exe] => (Allow) D:\games\total war rome ii\rome2.exe
FirewallRules: [{A733BA67-B209-4A0A-9948-FA8166C16178}] => (Block) D:\games\total war rome ii\rome2.exe
FirewallRules: [{D64AD2D8-1BF9-4FF5-A255-FDB23F332CC0}] => (Block) D:\games\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{9DC8003C-4CEA-4916-B3AB-B8D88C1851A3}D:\download\psp\ppsspp_win\ppsspp\adhocserverproonline\adhocsever.exe] => (Allow) D:\download\psp\ppsspp_win\ppsspp\adhocserverproonline\adhocsever.exe
FirewallRules: [UDP Query User{C2882A5A-D13D-4F50-B293-5E022CD73698}D:\download\psp\ppsspp_win\ppsspp\adhocserverproonline\adhocsever.exe] => (Allow) D:\download\psp\ppsspp_win\ppsspp\adhocserverproonline\adhocsever.exe
FirewallRules: [{C9B8A8D9-EAD9-4F7E-B5A8-D9EC559B7330}] => (Block) D:\download\psp\ppsspp_win\ppsspp\adhocserverproonline\adhocsever.exe
FirewallRules: [{4B492820-6231-4CE3-A139-136CCB9D9D39}] => (Block) D:\download\psp\ppsspp_win\ppsspp\adhocserverproonline\adhocsever.exe
FirewallRules: [TCP Query User{1931E071-0E65-4BB9-A99D-901EB92D5D2A}D:\download\psp\ppsspp_win\ppsspp\ppssppwindows64.exe] => (Allow) D:\download\psp\ppsspp_win\ppsspp\ppssppwindows64.exe
FirewallRules: [UDP Query User{996FD163-E89A-4156-9F4B-AAB8DF04EBE1}D:\download\psp\ppsspp_win\ppsspp\ppssppwindows64.exe] => (Allow) D:\download\psp\ppsspp_win\ppsspp\ppssppwindows64.exe
FirewallRules: [{378648CF-D7B7-43E1-9F4C-3BFD2BF72434}] => (Block) D:\download\psp\ppsspp_win\ppsspp\ppssppwindows64.exe
FirewallRules: [{03848A38-41E6-4B8D-8716-241D5884FC92}] => (Block) D:\download\psp\ppsspp_win\ppsspp\ppssppwindows64.exe
FirewallRules: [TCP Query User{C969466E-C020-431D-8C0E-6CC042DE278C}D:\download\new folder\vbalink172l\vbaserver.exe] => (Allow) D:\download\new folder\vbalink172l\vbaserver.exe
FirewallRules: [UDP Query User{AD201D10-5430-4BAF-B2BF-1567405E9EB1}D:\download\new folder\vbalink172l\vbaserver.exe] => (Allow) D:\download\new folder\vbalink172l\vbaserver.exe
FirewallRules: [{1D377BA8-8CFB-4CDE-870C-4DCD3E5BF0B9}] => (Block) D:\download\new folder\vbalink172l\vbaserver.exe
FirewallRules: [{4DDA2E64-06A1-41A8-A778-7F7F5A3B2003}] => (Block) D:\download\new folder\vbalink172l\vbaserver.exe
FirewallRules: [TCP Query User{52E7BAEA-477F-476D-8DA5-CF3C45C14F4D}D:\games\warcraft iii\war3.exe] => (Block) D:\games\warcraft iii\war3.exe
FirewallRules: [UDP Query User{43EE5913-7A34-4223-B8C2-5DF045E35D4C}D:\games\warcraft iii\war3.exe] => (Block) D:\games\warcraft iii\war3.exe
FirewallRules: [TCP Query User{BDD6F0A3-CCAA-42F4-9C8E-940EC607EF07}D:\games\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\games\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{610BF496-C3C8-42D2-9117-6D9707E47995}D:\games\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\games\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{5F47CB57-4FF5-4BCD-8AC3-DED7C0A55E58}D:\games\payday 2\payday2_win32_release.exe] => (Block) D:\games\payday 2\payday2_win32_release.exe
FirewallRules: [UDP Query User{70FA7E24-588D-4DFE-BBE2-34061A985234}D:\games\payday 2\payday2_win32_release.exe] => (Block) D:\games\payday 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{F827F47D-0A8F-45F6-96AD-6CB3406F1222}D:\games\london 2012 the official video game of the olympic games\london2012.exe] => (Allow) D:\games\london 2012 the official video game of the olympic games\london2012.exe
FirewallRules: [UDP Query User{B5E8B54B-08CC-4819-8EE8-46B2B16362BE}D:\games\london 2012 the official video game of the olympic games\london2012.exe] => (Allow) D:\games\london 2012 the official video game of the olympic games\london2012.exe
FirewallRules: [{53A5C179-EB92-48C6-BD18-5D991F174250}] => (Block) D:\games\london 2012 the official video game of the olympic games\london2012.exe
FirewallRules: [{A13F430B-F784-430B-8C2C-9C8F0AEE7073}] => (Block) D:\games\london 2012 the official video game of the olympic games\london2012.exe
FirewallRules: [{6D330567-0AA3-44B0-A778-28DF36D7DBFF}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{FC6860BB-94E3-4A5F-ADE0-5E5BEB73457B}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3F82AFAD-EF9C-47D3-8E6B-45D0CB186772}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0D401633-BAF6-4B76-9A19-60934529B7A3}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0C119065-909B-412A-9C2F-73EF44298ABE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\Common\dota 2 beta\dota.exe
FirewallRules: [{2A45BF98-4DA5-40C4-A01B-D7E73CE6B730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\Common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{B98FA2F2-799A-43A1-8AD4-FA6BEBD5C75E}D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{25204A5D-D647-49B0-B434-EEB7BA2D781E}D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{2B6D7059-60EA-4AE4-A64C-E94A7DEB9825}] => (Block) D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{49EC5B5B-1890-4B46-A298-162C9D61002E}] => (Block) D:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{48CA6753-CE22-4AF0-B974-0DAA097BF79D}] => (Allow) C:\Program Files (x86)\Steam.exe
FirewallRules: [{4AF92525-83CC-44C6-BC03-2D6A9C336DFF}] => (Allow) C:\Program Files (x86)\Steam.exe
FirewallRules: [{5BD71638-9099-484C-A92C-0A60329B4B5B}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{40DE10A9-A465-4AAF-A284-1B18C87D8E75}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{E6895EA0-4D84-4EAC-8710-E29647A50FD3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{1E58E56A-020A-41CA-BFFB-F1F6ACDCC3FB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{48872A13-5C0A-4D35-BB1F-8773921A0817}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{C5AE4D6F-2837-4F74-84E3-F2D9DE680444}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{458898B8-505C-4575-A7C5-5B9A9252D5C7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8A9C1B0F-556D-4F51-8ECA-53F5076E4579}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B7F999A2-24B7-43E5-A363-DABA859182E4}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{04370F42-24AD-4668-B2C7-F0E53CD76C8D}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{F07C0706-CBC0-424A-AC26-B69205336845}D:\games\saints row iv\saintsrowiv.exe] => (Block) D:\games\saints row iv\saintsrowiv.exe
FirewallRules: [UDP Query User{9F93068B-8EED-4581-BEBE-C3BF2ECAE2AF}D:\games\saints row iv\saintsrowiv.exe] => (Block) D:\games\saints row iv\saintsrowiv.exe
FirewallRules: [TCP Query User{87AA66E6-3C4D-4B31-90A8-39073555F015}D:\games\assassin's creed liberation hd\ac3lhd_32.exe] => (Block) D:\games\assassin's creed liberation hd\ac3lhd_32.exe
FirewallRules: [UDP Query User{8CD510CF-827E-45B5-B079-280154878D17}D:\games\assassin's creed liberation hd\ac3lhd_32.exe] => (Block) D:\games\assassin's creed liberation hd\ac3lhd_32.exe
FirewallRules: [TCP Query User{5A40090E-660E-424A-91E7-806DC6CD2690}D:\games\superpower 2\joshua.exe] => (Block) D:\games\superpower 2\joshua.exe
FirewallRules: [UDP Query User{8FE4723A-3C36-4506-9B38-B4414B870CF9}D:\games\superpower 2\joshua.exe] => (Block) D:\games\superpower 2\joshua.exe
FirewallRules: [{76B36066-390B-41FA-9CEA-41D7E7A32394}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E85763AA-D655-4B04-BE8A-4CCE53E36856}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{C2987A54-04C4-4A72-B536-CBE36E4FB6A9}D:\games\scourge - outbreak\binaries\win32\scourgegame.exe] => (Allow) D:\games\scourge - outbreak\binaries\win32\scourgegame.exe
FirewallRules: [UDP Query User{BA417910-B014-4B98-8F3E-21CD0026E411}D:\games\scourge - outbreak\binaries\win32\scourgegame.exe] => (Allow) D:\games\scourge - outbreak\binaries\win32\scourgegame.exe
FirewallRules: [{F4566F2B-379B-4EF9-8A5D-B81C607FFD2F}] => (Block) D:\games\scourge - outbreak\binaries\win32\scourgegame.exe
FirewallRules: [{0248D400-BA37-4770-8180-1ACCB377E3A9}] => (Block) D:\games\scourge - outbreak\binaries\win32\scourgegame.exe
FirewallRules: [TCP Query User{E023B473-0FE7-4C3F-B169-6445534C40B1}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{764864FC-0D69-4858-AB84-8DF19125801E}D:\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) D:\games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{FDAB3311-7E94-4626-B3AA-0AC6B2E663E5}D:\games\max payne 3\maxpayne3.exe] => (Block) D:\games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{AFE61793-33E5-4246-9B06-76C424118736}D:\games\max payne 3\maxpayne3.exe] => (Block) D:\games\max payne 3\maxpayne3.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [TCP Query User{0471393D-1392-460B-8890-1F2147884A9C}D:\games\max payne 3\maxpayne3.exe] => (Allow) D:\games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{E6681C33-5BEE-4C82-B467-5F0660BCA731}D:\games\max payne 3\maxpayne3.exe] => (Allow) D:\games\max payne 3\maxpayne3.exe
FirewallRules: [{D7DE4431-61C2-42EC-BF63-73DDB1026200}] => (Block) D:\Games\Max Payne 3\MaxPayne3.exe
FirewallRules: [{708E3699-75A0-4727-BB5B-21F91CB4645A}] => (Block) D:\Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{37EFFB95-7FE1-4544-BFA3-711D0A3CCB7A}] => (Block) %ProgramFiles% (x86)\Rockstar Games\Social Club\renderer.exe
FirewallRules: [TCP Query User{921826AC-5021-4A2E-952A-C824613590C4}D:\games\watch dogs\bin\watch_dogs.exe] => (Block) D:\games\watch dogs\bin\watch_dogs.exe
FirewallRules: [UDP Query User{F1128059-6EB8-4C54-B003-722B9745D986}D:\games\watch dogs\bin\watch_dogs.exe] => (Block) D:\games\watch dogs\bin\watch_dogs.exe
FirewallRules: [{5B499B0F-E4C0-47B3-B865-FF958D370439}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{ADA46A41-CF2F-455B-9DA9-96B9FBF964BA}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{28C06F37-2FB5-423F-9429-EFA61A344BC1}] => (Allow) D:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe
FirewallRules: [{696A3361-1B5B-4129-B479-23E89DB33821}] => (Allow) D:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe
FirewallRules: [{CBAD48F3-36BF-4E9F-A770-04A75E4BE0B4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F62B5C66-C8F7-4AEB-BDD3-E627C6366C96}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2F0CD612-E931-493C-99F8-E295E0C59BD9}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{36169B2B-C45A-46D9-BC9F-9278576EA174}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{EEC29B35-84B0-4933-A05D-34D9F900E6A9}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1A737665-8165-4CDA-8B59-BA58B20AF027}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1EF598AA-E863-41A3-91C4-85802FA0007A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{247FD9EE-0413-4D11-9635-C664190ED5F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8EB46DB0-3F7B-4DDF-9F94-D40042ED5FFD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E1C6EFE0-2C78-44B0-9A4B-4024702ECDD8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{0BEB6940-4999-4FEF-B257-89377DCE3D68}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{ED6ECFAA-FBAF-432B-92CC-CDB1AD2108A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0C3DB599-603C-4201-8AFD-2409C4ED26B6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{F954CFD4-3B69-42F4-B866-1DDCDFAD8D6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D4D14B09-AE82-4B2C-8CE4-0DBAF4282A21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{E61F8C7E-2C1F-4333-8228-C2316E495659}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{750222ED-0C32-4863-A4B2-0C76B8D61609}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{967E898A-EAC0-4B87-AC4F-182B508D15FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{74244ECD-9EFD-4967-887E-01F0A89B177F}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{BB1DC285-E5B7-491C-8550-1A10CB255F0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{41FFB48D-B0E0-44E6-85F5-AC6FA0F920D0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{D135E784-040C-4FE9-9112-7578E6D4A98F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{7BC9B2EC-E814-4F3C-96A1-34A2D3DFBF49}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{E4A6D75C-442F-42A8-A6E5-B68251D97D28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0B5EBE60-21E7-422E-896B-E4CD93056BB0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{98A4BA92-E930-48C7-BF9E-C79E3A7451F1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{C1ECC489-E883-4C3B-8050-D6A6CE91DE69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{6FC06E3B-3793-4D97-A557-A4695A710156}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{CE3F8A71-EFC7-4AC0-9ACA-6444121F02E5}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{512B17D6-940B-48A1-A158-F8C3607B8B0B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{9257C9A9-E544-46F1-BCBC-465751EBF06F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EF92D849-1096-4AEA-B0A4-F53E1868348F}] => (Allow) LPort=2869
FirewallRules: [{DA0BB069-2D29-4B93-ABC9-0E5C8456C1FA}] => (Allow) LPort=1900
FirewallRules: [{880D7BC8-DEF4-44F6-A31B-EEF8C5BA781B}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{AD637203-0B75-4D54-BB76-4B62FB480953}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{60734607-D64A-4733-81A7-4E8AC81F353D}] => (Allow) C:\Program Files (x86)\Cyanide\GameCenter\GameCenter.exe
FirewallRules: [{C647B308-F098-4053-9F0D-4D1DD0B03086}] => (Allow) C:\Program Files (x86)\Cyanide\GameCenter\GameCenter.exe
FirewallRules: [{16ECE14F-DF46-4128-BA86-D86A75C22EC4}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{FA6FD499-4C3C-4141-A19A-38EDA7E36824}] => (Allow) D:\Games\The Sims 4 Deluxe Edition\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{C348BB0D-AF9C-4253-87DC-4802206810BA}] => (Allow) D:\Games\The Sims 4 Deluxe Edition\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{15BBD371-D059-42B5-95CD-4ADAB17E17C2}] => (Allow) D:\Games\Tropico 5\Tropico5Steam.exe
FirewallRules: [{C8D6F2D5-44A9-4545-9EB5-550A3896359A}] => (Allow) D:\Games\Tropico 5\Tropico5Steam.exe
FirewallRules: [{532A33C8-8498-4AC6-B0E2-B94CE9D1290D}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{00D4BD62-46E3-49D8-93AD-D4CD6123DA69}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{84C81EBD-11F7-478A-86E0-7F9F7D626A17}] => (Block) D:\Games\Max Payne 3\MaxPayne3.exe
FirewallRules: [{B2E772FF-209F-4EF2-8395-CC1F41921A34}] => (Block) D:\Games\Max Payne 3\MaxPayne3.exe
FirewallRules: [{43CD156F-8ECE-453F-9F4F-AB46C24A94BD}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5542DD2F-ECE8-4BAF-8409-759DEC931EFB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{C4E46B62-48B9-4ADC-8E88-5F82F3E2497B}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{D11445D0-1292-47E7-91A7-923558016AB2}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{C3ADAAE2-F24C-48BC-B84C-C26D90CAD7E2}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{036D7BB4-9971-4CDF-8E1B-F8368342FC65}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{68EE041D-9F97-4A3D-A559-7BDE5D1E3EA4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{2284C0DD-F134-4896-83CE-2DBDF2068094}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{6212B07A-0E1C-4795-A16D-EBCEA2FC7D8A}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{BC965995-282C-49A2-9469-13E95B5731FE}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{B552B411-282D-4712-8FE4-1EA3584783CD}] => (Block) %ProgramFiles% (x86)\Rockstar Games\Social Club\subprocess.exe
FirewallRules: [{1DD9A0D4-D3E2-4520-8D79-FE4CAE6952B0}] => (Block) D:\Games\Grand Theft Auto V\Launcher.exe
FirewallRules: [TCP Query User{3DBFFB3E-751F-41F0-89D6-600467A8F44A}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A2860DFA-9567-4045-8D14-B77F77EE6D48}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{65FC079F-0DBD-4AC9-89C7-C01CE3542037}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B299FDEE-643E-4784-8497-9A20BAB67571}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{FDB1EAB7-7243-4690-A2E0-C6AAFBF36AF4}] => (Block) D:\Games\Grand Theft Auto V\Launcher.exe
FirewallRules: [TCP Query User{FA1DAA8B-1861-4279-9F8B-7295B66FCD58}C:\program files (x86)\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Block) C:\program files (x86)\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [UDP Query User{2A5C85FE-FCBC-45AF-A04E-D0EAAC92F4B6}C:\program files (x86)\intuwave\shared\mrouterruntime\mrouterruntime.exe] => (Block) C:\program files (x86)\intuwave\shared\mrouterruntime\mrouterruntime.exe
FirewallRules: [{0B244E14-CB23-4C7B-A8D6-4D675F94AF49}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8D7525B1-30F2-4B4D-BFD1-78C00DD21E53}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{081B235B-7D51-4931-BD53-97AC5A602A51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A07642E1-6B5A-4D61-BAD3-3BFB5813D687}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{40C83E72-207D-4035-88E8-7DD411C9A772}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{3AA947E7-9B83-4A93-9AB9-463A7849953F}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{4A6B1517-AC2E-4287-82E2-E67484E09ACD}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{D0D94470-5648-47D2-A12F-2051EDF43750}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [TCP Query User{5D96CCA4-217E-4E12-A91A-3B9C3B165033}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{29276548-0D4E-4B12-9147-B427B02129F3}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe
FirewallRules: [{88EFEC77-B948-42E7-9414-3AC6DD671CBF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{372EBED7-4054-4384-8E86-C77E999239C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{08B579CB-9D2D-437E-A346-73C8DB6CD168}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{41CF4F66-B3A7-49F0-BCCF-5D718D08BD37}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{90B91265-E610-406C-B05D-DBC1E9ECF79D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{1399E1F9-3BD4-40B2-B69D-9839FBB62458}C:\users\home\appdata\roaming\microsoft\windows\ieupdate\bootcfg.exe] => (Block) C:\users\home\appdata\roaming\microsoft\windows\ieupdate\bootcfg.exe
FirewallRules: [UDP Query User{7DD85F9F-819B-4F57-B808-22A6FD35EBD0}C:\users\home\appdata\roaming\microsoft\windows\ieupdate\bootcfg.exe] => (Block) C:\users\home\appdata\roaming\microsoft\windows\ieupdate\bootcfg.exe
FirewallRules: [{9519FCFD-FC80-49E8-820E-4F60DE355C99}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{41A31CBA-8FE9-4688-AE38-0429A2867F60}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A53F0A26-07BE-49E7-9255-15402320BD83}] => (Allow) LPort=49214
FirewallRules: [{9A0177C7-309B-423E-94DB-1AD18B8F11EB}] => (Allow) LPort=5000

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SbieDrv
Description: SbieDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SbieDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2015 01:52:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/05/2015 01:01:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16660, time stamp: 0x51f1c5f3
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x2870
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (06/05/2015 00:56:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16660, time stamp: 0x51f1c5f3
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x1398
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (06/05/2015 00:15:23 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:21 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:20 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:20 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:16 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:16 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:16 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.


System errors:
=============
Error: (06/05/2015 01:52:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (06/05/2015 01:52:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The BlueStacks Android Service service hung on starting.

Error: (06/05/2015 01:50:47 PM) (Source: SbieSvc) (EventID: 9153) (User: )
Description: SBIE9153 Cannot start driver (SbieDrv)

Error: (06/05/2015 00:15:23 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume I:.

Error: (06/05/2015 00:15:21 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume _aBe_.

Error: (06/05/2015 00:15:20 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume _aBe_.

Error: (06/05/2015 00:15:20 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume _aBe_.

Error: (06/05/2015 00:15:16 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume _aBe_.

Error: (06/05/2015 00:15:16 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume _aBe_.

Error: (06/05/2015 00:15:16 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume _aBe_.


Microsoft Office:
=========================
Error: (06/05/2015 01:52:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/05/2015 01:01:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c5f3ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3287001d09f545b6cbb7aC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll49e04e06-0b48-11e5-82a5-f46d04ed47dd

Error: (06/05/2015 00:56:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c5f3ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3139801d09f53e3329acfC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll94a39bab-0b47-11e5-82a5-f46d04ed47dd

Error: (06/05/2015 00:15:23 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:21 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:20 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:20 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:16 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:16 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.

Error: (06/05/2015 00:15:16 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner FindFirstFile reports error 1392: The file or directory is corrupted and unreadable.


CodeIntegrity Errors:
===================================
  Date: 2015-06-05 14:11:12.803
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-05 14:11:12.725
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-05 14:11:12.595
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-05 14:11:12.517
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-05 13:50:47.343
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-05 13:50:47.269
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-05 12:30:19.092
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-05 12:30:19.010
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-06-05 11:52:16.842
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-05 11:52:16.647
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 38%
Total physical RAM: 8174.32 MB
Available physical RAM: 5034.5 MB
Total Pagefile: 14314.5 MB
Available Pagefile: 10570.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.97 GB) (Free:10.06 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:638.44 GB) (Free:17.3 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (_aBe_) (Fixed) (Total:465.76 GB) (Free:23.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8FA62BA6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=638.4 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 425C9529)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1024 KB) - (Type=06)

==================== End of log ============================

Attached Files


Edited by aaronb24, 05 June 2015 - 02:08 AM.

  • 0

Advertisements


#2
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hello aaronb24 and :welcome:

My name is Bruce1270 and I will be helping you with your malware problem.

Please Note: I am still in training and my fixes have to be approved by my instructor so there may be a slight delay in my replies. Look upon it as a good thing though in that you have two people looking at your problem.

A few things before we get started.
  • Please read all instructions carefully. If there is anything you do not understand please ask me first before doing anything.
  • Please be patient. I am a volunteer who does this in my spare time so I will try to get back to you as soon as possible.
  • Please follow all instructions in the order given.
  • Please do not install any other software unless advised. This may hinder the removal process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • Please make sure you reply within 4 days to my responses, if there is no reply within 4 days, the topic will be closed and you will need to request the topic be reopened.


    Important!

    Please save or print off these instructions. Part of this fix may require you to be in safe mode where you will not be able to access the internet or my instructions!

    I would strongly recommend you back up your personal data and folders before we begin.

    Malware removal can be very long, complicated and may take multiple steps. I understand this may be frustrating but please stay with this topic until your machine is declared clean. The results will hopefully be very rewarding. :happy:
    As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.

    OK. Let's move on.

    I'm currently analysing your logs and will have a fix posted for you soon. :)

  • 0

#3
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi aaronb24

I have had a look over your logs and are now ready to fix.

First, however please note the following warnings.

Cracks and Keygens

I noticed there are cracked programs on your computer. The use of Keygens and Cracks inevitably leads to infection. Further, it is contrary to this sites Terms of Use. If you persist in their use you will no-longer receive help from this site in the future.

Go here to read Geekstogo Terms of Use and note in particular article 4 the items Illegal and Infringing of intellectual property rights (such as copyright and trademark rights).

 

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software or services illegally.


As a result, in order for me to continue helping you, please remove all of them.


P2P Warning: !

IMPORTANT I have noticed that there are signs of uTorrent P2P (Peer to Peer) File Sharing Program on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

Risks of Peer to Peer systems
P2P programs: Popular and perilous

If you continue to use P2P programs it is likely that you will get infected again.

I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to do this, you can do so by:
  • Please go to Start Menu -> Control Panel -> Programs and Features
  • Click on uTorrent.
  • Click uninstall.
If you decide to keep the programs in spite of the risks involved, do not use them until I have finished cleaning your computer and have given you the all clear.


Once you have removed the cracked programs please complete the following steps.

Step1 - remove unwanted programs

Please uninstall the following unwanted programs:

CleanGenius 3.0.5
Free Video to DVD Converter version 5.0.30.1029
Freemake Audio Converter version 1.1.0
Freemake Video Converter version 3.0.2
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue RegistryBooster
Wise Registry Cleaner 8.03
YTD Video Downloader 4.8.9



Note: If any of the programs are not listed, proceed to the next one and work through the list.

To do this:
Please go to Start Menu -> Control Panel -> Uninstall a program or Programs and Features
In the list of installed programs locate and click on the program to uninstall e.g. CleanGenius 3.0.5
Click uninstall.
Repeat the above steps for all the other programs to remove.


Step2 - FRST fix


I noticed that you run FRST64.exe from Users\Home\Downloads folder. Please move it to your Desktop. You can do it by right-clicking FRST64.exe, click Cut, then go to Desktop, right-click any free space and click Paste. For the FRST fix to work both FRST64.exe and fixlist.txt must be in the same location and the desktop is where the software is most effective from.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Download the attached fixlist.txt to your desktop.Attached File  fixlist.txt   5.66KB   108 downloads
  • Ensure fixlist.txt is in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.

    Things for your next post:
  • Please confirm you have removed all cracked programs.
  • Fixlog.txt

    Thanks

  • 0

#4
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP