Hello there! I'm running windows 7 64bit and I've been having a bit of an issue lately.
Recently my computer's fan has been switching on and running like a chainsaw. I play games fairly frequently so at first I figured maybe I was just running it hard and it needed to cool down. But then while doing fairly low stress things like Netflix, or Youtube, or just watching movies it would still do it. I looked at my processes and saw rundll32.exe under the syswow32 folder was using almost 700k memory. 
So I decided to kill the process while my fan was running, and within seconds of killing the process, the fan cut off. Upon doing further research the internet told me that Rundll32 might have been highjacked.
Normally I'm pretty good about killing rogue software, malware, and the like, but this has me stumped.
This has been happening about a month now.
Attatched are the farbar logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015
Ran by Gunnar (administrator) on MRSLAVE (25-07-2015 20:43:56)
Running from C:\Users\Gunnar\Downloads
Loaded Profiles: Gunnar (Available Profiles: Gunnar)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\SimracewayUpdater\SRWUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IgniteGT) C:\IgniteGT\Simraceway\SRWAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-23] (Valve Corporation)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [XCHSGQLLE] => rundll32 "C:\Users\Gunnar\AppData\Roaming\scriptov.dll",nmewpwtib
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRW Download Manager.lnk [2013-09-08]
ShortcutTarget: SRW Download Manager.lnk -> C:\IgniteGT\Simraceway\SRWAgent.exe (IgniteGT)
Startup: C:\Users\Gunnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-08-28]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-278295415-4203223567-2615167640-1000 -> DefaultScope {6D98695A-DD58-405F-BECF-E628552DA8E4} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.26
Tcpip\..\Interfaces\{4E2C42F6-C41A-429B-8688-FDCF455DB7B5}: [DhcpNameServer] 192.168.0.1 205.171.2.26
FireFox:
========
FF ProfilePath: C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: google.com
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-15] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-278295415-4203223567-2615167640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gunnar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-278295415-4203223567-2615167640-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-15] (Pando Networks)
FF Plugin HKU\S-1-5-21-278295415-4203223567-2615167640-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-08-20] (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Extension: Ant Video Downloader - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2015-05-28]
FF Extension: LavaFox V2 - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2015-07-12]
FF Extension: Block site - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-02]
FF Extension: FDislike - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2012-09-03]
FF Extension: Firebug - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2013-12-30]
FF Extension: Lost Friends Notifier - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\jid1-s0hS918atY[email protected] [2014-11-06]
FF Extension: NASA Night Launch - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2012-08-02]
FF Extension: PDF Viewer - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2014-03-27]
FF Extension: Adblock Plus - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-02]
FF Extension: Greasemonkey - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-03]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-08-28] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-10] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
R2 Simraceway Update Service; C:\Program Files (x86)\SimracewayUpdater\SRWUpdate.exe [1630720 2013-07-11] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-08-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-08-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-08-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [33792 2010-08-02] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-20] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2014-10-16] (MotioninJoy) [File not signed]
R3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-10-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2010-10-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2010-10-14] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 20:43 - 2015-07-25 20:44 - 00019691 _____ C:\Users\Gunnar\Downloads\FRST.txt
2015-07-25 20:43 - 2015-07-25 20:44 - 00000000 ____D C:\FRST
2015-07-25 20:43 - 2015-07-25 20:43 - 00000000 ____D C:\Users\Gunnar\Downloads\FRST-OlderVersion
2015-07-25 20:41 - 2015-07-25 20:43 - 02146816 _____ (Farbar) C:\Users\Gunnar\Downloads\FRST64.exe
2015-07-24 21:21 - 2015-07-24 21:21 - 00000218 _____ C:\Users\Gunnar\AppData\Local\recently-used.xbel
2015-07-24 09:09 - 2015-07-24 21:07 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\deluge
2015-07-24 09:09 - 2015-07-24 09:15 - 00000000 ____D C:\Users\Gunnar\Downloads\VA - Best of Trap Music [2014]
2015-07-24 09:06 - 2015-07-24 09:06 - 13595245 _____ C:\Users\Gunnar\Downloads\deluge-1.3.11-win32-setup.exe
2015-07-24 09:06 - 2015-07-24 09:06 - 00000939 _____ C:\Users\Public\Desktop\Deluge.lnk
2015-07-24 09:06 - 2015-07-24 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2015-07-24 09:06 - 2015-07-24 09:06 - 00000000 ____D C:\Program Files (x86)\Deluge
2015-07-23 19:58 - 2015-07-23 19:58 - 00000000 ____D C:\Users\Gunnar\AppData\Local\CEF
2015-07-20 23:03 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 23:03 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 23:03 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 23:03 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 23:03 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 23:03 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 23:03 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 23:03 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 23:03 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 23:03 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 18:52 - 2015-07-18 18:53 - 00000000 ____D C:\Users\Gunnar\AppData\Local\PAYDAY 2
2015-07-18 18:52 - 2015-07-18 18:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-18 18:52 - 2015-07-18 18:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-07-16 23:32 - 2015-07-16 23:41 - 00000000 ____D C:\Users\Gunnar\Documents\shred
2015-07-15 13:06 - 2012-11-10 13:46 - 00821736 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2015-07-15 13:06 - 2012-11-10 13:46 - 00746984 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-07-15 13:05 - 2015-07-15 13:06 - 00000000 ____D C:\ProgramData\Oracle
2015-07-15 13:02 - 2015-07-15 13:02 - 00562784 _____ (Oracle Corporation) C:\Users\Gunnar\Downloads\jxpiinstall(1).exe
2015-07-14 23:22 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 23:22 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 23:22 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 23:22 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 23:22 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 23:22 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 23:22 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 23:22 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 23:22 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 23:22 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 23:22 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 23:22 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 23:22 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 23:22 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 23:22 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 23:22 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 23:22 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 23:22 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 23:22 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 23:22 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 23:22 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 23:21 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 23:21 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 23:21 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 23:21 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 23:21 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 23:21 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 23:21 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 23:21 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 23:21 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 23:21 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 23:21 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 23:21 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 23:21 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 23:21 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 23:21 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 23:21 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 23:21 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 23:21 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 23:21 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 23:21 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 23:21 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 23:21 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 23:21 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 23:21 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 23:21 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 23:21 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 23:21 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 23:21 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 23:21 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 23:21 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 23:21 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 23:21 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 23:21 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 23:21 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 23:21 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 23:21 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 23:21 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 23:21 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 23:21 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 23:21 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 23:21 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 23:21 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 23:21 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 23:21 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 23:20 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 23:20 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 23:20 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 23:20 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 23:20 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 23:20 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 23:20 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 23:20 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 23:20 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 23:20 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 23:20 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 23:20 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 23:20 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 23:20 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 23:20 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 23:20 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 23:20 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 23:20 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 23:20 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 23:20 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 23:20 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 23:20 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 23:20 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 23:20 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 23:20 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 23:20 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 23:20 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 23:20 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 23:20 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 23:20 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 23:20 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 23:20 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 23:20 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 23:20 - 2015-06-11 10:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 23:20 - 2015-06-11 10:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-14 23:20 - 2015-06-11 10:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-14 15:10 - 2015-07-14 15:10 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-13 21:42 - 2015-07-13 22:04 - 00000000 ____D C:\Users\Gunnar\AppData\Local\BoringManGame
2015-07-08 14:50 - 2015-07-08 14:57 - 00000000 ____D C:\Users\Gunnar\Documents\TrackMania
2015-07-08 14:50 - 2015-07-08 14:56 - 00000000 ____D C:\ProgramData\TrackMania
2015-07-08 12:37 - 2015-07-08 12:37 - 00001270 _____ C:\Users\Public\Desktop\WTAssetViewer.lnk
2015-07-08 12:37 - 2015-07-08 12:37 - 00001260 _____ C:\Users\Public\Desktop\WTMissionEditor.lnk
2015-07-08 12:30 - 2015-07-08 12:36 - 151820656 _____ (Gaijin Entertainment ) C:\Users\Gunnar\Downloads\WarThunderCDK_2015_07_02__17_26.exe
2015-07-03 01:27 - 2015-07-15 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 02:13 - 2015-07-01 02:13 - 00000000 ____D C:\Users\Gunnar\Desktop\GAME OF THE YEAR 420BLAZEIT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 20:43 - 2015-02-06 04:02 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\Skype
2015-07-25 20:39 - 2013-04-24 00:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 20:30 - 2014-09-12 10:49 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-25 20:17 - 2012-08-01 23:54 - 01651643 _____ C:\Windows\WindowsUpdate.log
2015-07-25 20:17 - 2009-07-13 21:45 - 00018768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 20:17 - 2009-07-13 21:45 - 00018768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 20:10 - 2013-04-17 16:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 16:39 - 2013-04-24 00:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 08:19 - 2012-12-15 18:45 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-24 13:49 - 2013-09-08 12:59 - 16550095 _____ C:\Simraceway.log
2015-07-23 08:57 - 2013-12-21 16:45 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-07-21 09:13 - 2009-07-13 22:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-21 09:08 - 2009-07-13 21:45 - 02897352 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 09:07 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-21 09:06 - 2014-02-16 02:00 - 00024297 _____ C:\Windows\setupact.log
2015-07-21 09:06 - 2012-08-02 10:46 - 00244144 _____ C:\Windows\PFRO.log
2015-07-16 23:48 - 2013-12-11 22:45 - 00000000 ____D C:\titties
2015-07-16 09:10 - 2014-03-17 15:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 09:05 - 2015-01-15 10:11 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 20:56 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-15 16:34 - 2013-04-24 00:53 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 16:34 - 2013-04-24 00:53 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 13:05 - 2012-11-10 13:46 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-15 13:05 - 2012-11-10 13:46 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-15 13:00 - 2012-08-16 15:45 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-07-15 12:53 - 2015-06-17 13:00 - 00000000 ____D C:\Users\Gunnar\AppData\Local\Battle.net
2015-07-15 10:58 - 2015-06-17 13:11 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-07-15 10:52 - 2015-06-17 12:59 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-07-15 10:52 - 2015-02-06 04:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-15 10:52 - 2015-02-06 04:02 - 00000000 ____D C:\ProgramData\Skype
2015-07-15 10:52 - 2013-09-08 13:00 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\Simraceway
2015-07-15 10:47 - 2012-09-24 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 15:10 - 2013-04-17 16:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 15:10 - 2012-08-02 00:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 15:10 - 2012-08-02 00:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 11:47 - 2014-05-19 23:17 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\vlc
2015-07-08 12:37 - 2013-12-21 16:45 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2015-06-30 20:35 - 2012-08-13 22:57 - 00000000 ____D C:\Users\Gunnar\AppData\Local\Adobe
2015-06-30 20:12 - 2014-09-12 10:48 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-30 20:12 - 2014-09-12 10:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-30 13:11 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-25 00:34 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-05-21 11:23 - 2015-05-21 11:23 - 0192512 __RSH () C:\Users\Gunnar\AppData\Roaming\scriptov.dll
2013-06-29 23:42 - 2014-05-19 23:10 - 0005632 _____ () C:\Users\Gunnar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-31 16:35 - 2014-03-31 16:35 - 0000000 ___SH () C:\Users\Gunnar\AppData\Local\LumaEmu
2015-07-24 21:21 - 2015-07-24 21:21 - 0000218 _____ () C:\Users\Gunnar\AppData\Local\recently-used.xbel
Files to move or delete:
====================
C:\Users\Gunnar\Rosetta Stone v3 Japanese & Speech Preinstalled.exe
Some files in TEMP:
====================
C:\Users\Gunnar\AppData\Local\Temp\AutoRun.exe
C:\Users\Gunnar\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Gunnar\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Gunnar\AppData\Local\Temp\ICReinstall_Open OfficeSetup.exe
C:\Users\Gunnar\AppData\Local\Temp\SRLDetectionLibrary3800261731291482403.dll
C:\Users\Gunnar\AppData\Local\Temp\SRLDetectionLibrary8102258288014690517.dll
C:\Users\Gunnar\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Gunnar\AppData\Local\Temp\utt580C.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-23 00:37
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015
Ran by Gunnar at 2015-07-25 20:45:02
Running from C:\Users\Gunnar\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-278295415-4203223567-2615167640-500 - Administrator - Disabled)
Guest (S-1-5-21-278295415-4203223567-2615167640-501 - Limited - Disabled)
Gunnar (S-1-5-21-278295415-4203223567-2615167640-1000 - Administrator - Enabled) => C:\Users\Gunnar
HomeGroupUser$ (S-1-5-21-278295415-4203223567-2615167640-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2.3 (HKLM-x32\...\{590B031A-4935-47A9-A6DD-7377DDB2ED3A}_is1) (Version: 2.3 - PlayWay S.A.)
Acoustica Mixcraft 6 (HKLM-x32\...\Acoustica Mixcraft 6) (Version: b189 - Acoustica)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_d2f336b2c5feeb945c28b7a0a45170f) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Aimersoft DVD Creator(Build 2.5.2.15) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version: - Wondershare Software)
AMD Catalyst Install Manager (HKLM\...\{3C378793-5288-0165-FCA4-D319D5E4A490}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Assassin's Creed II 1.01 (HKLM-x32\...\Assassin's Creed II_is1) (Version: - ea)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.01 - Ubisoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Automation - The Car Company Tycoon Game (HKLM-x32\...\Steam App 293760) (Version: - Camshaft Software)
Automation (HKLM-x32\...\Automation) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boring Man - Online Tactical Stickman Combat (HKLM-x32\...\Steam App 346120) (Version: - Spasman Games)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version: - )
CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Car Mechanic Simulator 2014 (HKLM-x32\...\Car Mechanic Simulator 2014_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version: - )
eSupport UndeletePlus 3.0.5.313 (HKLM-x32\...\eSupport UndeletePlus_is1) (Version: - Copyright © 2013 eSupport.com • All Rights Reserved)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
Five Nights at Freddy's (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Five Nights at Freddy's) (Version: - )
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version: - Joycity)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version: - Microsoft Game Studios)
Halo 2 for Windows Vista (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Hearts of iron 3 Their Finest Hour 4.01 (HKLM-x32\...\Hearts of iron 3 Their Finest Hour 4.01) (Version: 4.01 - Hoi2.ru)
Hearts of Iron III (HKLM-x32\...\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}) (Version: - )
Hercules Classic Webcam Drivers (HKLM-x32\...\{5F0EE12C-44B1-4FCB-87E3-4686C888774A}) (Version: 1.00.0000 - Hercules)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kill The Bad Guy (HKLM-x32\...\Kill The Bad Guy_is1) (Version: - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LG United Mobile Drivers (HKLM-x32\...\{2D371881-67FB-4EAB-B59A-F59DC43199DD}) (Version: 2.1 - LG Electronics)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.0.0 - Electronic Arts)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiBit 0.5.16 (HKLM-x32\...\MultiBit 0.5.16) (Version: 0.5.16 - )
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Resident Evil 4 1.10 (HKLM-x32\...\Resident Evil 4_is1) (Version: - )
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
RZ DVD Creator (HKLM-x32\...\{3F32058A-343A-4C16-BD1B-BE35E9A42352}) (Version: 4.52 - RealZeal Soft)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.999 - SAMSUNG Electronics Co., Ltd.)
Search Protection (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Search Protection) (Version: 8.7.0.1 - Spigot, Inc.) <==== ATTENTION
SimCity, âåðñèÿ 1.0.0.0 (HKLM-x32\...\SimCity_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Simraceway 28.92 (HKLM-x32\...\Simraceway) (Version: 28.92 - Simraceway)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Star wars Battlefront II version 1.3 (HKLM-x32\...\{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1) (Version: 1.3 - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM-x32\...\Wubi) (Version: 12.04.3-rev279 - Ubuntu)
Unity (HKLM-x32\...\Unity) (Version: 4.5.0f6 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
War Thunder CDK 0.1 (HKLM-x32\...\{ed8deea4-29fe-1932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
War Thunder Launcher 1.0.1.299 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
West Point Bridge Designer 2014 (2nd Edition) (remove only) (HKLM-x32\...\West Point Bridge Designer 2014 (2nd Edition)) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinUAE 2.6.1 (HKLM-x32\...\WinUAE) (Version: 2.6.1 - Arabuusimiehet)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - Xvid Development Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
20-07-2015 22:59:05 Windows Update
21-07-2015 03:00:12 Windows Update
24-07-2015 14:11:57 Windows Update
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03B975DA-85B3-4577-936C-6285C5DE78A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {06D29252-84B2-4C98-93CE-8C998089CA0E} - System32\Tasks\IR5 => cmd.exe /c cscript.exe /b C:\Windows\System32\slmgr.vbs /rearm && net stop sppsvc && net start sppsvc
Task: {16FC838A-5143-4DA1-AB45-C35381FCDFD2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {8C8797EE-C8FE-4DEA-B866-459F88157341} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {949A2318-DF54-45CC-A5DF-E89E861800F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-12-06 17:06 - 2013-12-06 17:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-12-06 17:06 - 2013-12-06 17:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-20 11:04 - 2013-08-10 15:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-07-11 14:04 - 2013-07-11 14:04 - 01630720 _____ () C:\Program Files (x86)\SimracewayUpdater\SRWUpdate.exe
2013-12-06 17:06 - 2013-12-06 17:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-07-11 14:03 - 2013-07-11 14:03 - 00252832 _____ () C:\Program Files (x86)\SimracewayUpdater\PATCHW32.dll
2013-07-01 08:20 - 2015-07-03 09:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-25 00:00 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-25 00:00 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-25 00:00 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 20:46 - 2015-07-23 16:24 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-12-15 18:48 - 2015-07-23 16:23 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 19:58 - 2015-07-07 13:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-12-15 18:48 - 2015-07-03 09:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Gunnar\Downloads\Der kleine Eisbär - Besuch vom Südpol Full German.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Gunnar\Downloads\Der kleine Eisbär - Lars und der kleine Tiger - aus_ Neue Abenteuer, neue Freunde.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Gunnar\Downloads\IMG_9642.JPG:Mac_Metadata
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.0.1 - 205.171.2.26
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{72BF8D4C-2E19-4D6A-A846-3DA709A37F8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC602CB6-DA0A-4685-B23C-44768768393A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BFFBB460-0613-4710-9D96-6D1E8F30DD2D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D69FAB4F-174B-4A2E-B4FE-9474FFF79AFF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BA4D1DE-7F17-4CF9-A5A4-CC2301B47457}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8C2CEEB6-9BA2-4BB4-B797-124413A4AD79}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D986FE7-4CD9-4BF4-AECA-5F154426EF29}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8481D853-D85A-46E0-8C05-120C4643622A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A854C668-F1B0-4B2C-AA1C-97D651F5D795}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A4BCF1A3-7385-452A-8ED8-FD1BE0850CDB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A8C6F3B4-A581-4A50-8F41-A0EAECD46BB9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{EDC102A1-1531-4DD4-AF85-BB28BA9E8749}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{D9485DE7-5006-44F3-B8C3-E3ABC6D6206A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{301C2A3E-8BA0-43A7-835B-2C4C8238B306}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{1CD45FA9-8496-4FA2-9C7F-3ED74DD55CDD}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{4FA25663-8991-4053-80E4-3B7392D57590}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{4DA39227-D678-4F44-A1C2-C4BE7A7A088F}] => (Allow) LPort=5353
FirewallRules: [{0EADABD6-8EE1-4B2E-BCA2-EF0CB82BEE8C}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{F656FF07-3D57-44AE-9359-0C3EDF4A1F55}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{B821B55E-AFE0-42FF-931F-FB0686AE46B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{625266AB-E4AF-4FD7-BE1E-B0ED1D1F09CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{221C858F-FA4E-415F-A7DC-368289B83F17}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{CFB89727-8CED-4248-B74F-511DEE9DE664}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{5FDEDFA5-3333-4613-A030-A1D98EE73AEE}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{D0B2CB9C-0A66-4AB8-85AD-A0A12EB5E878}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{3255380B-91FC-491B-8FF9-7D542C4A9C4E}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{D55D167F-791D-456C-9439-CF65AC8385E9}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{2AF45EFB-DBBB-4731-9324-DB1CF615865E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6F54ACEC-A94D-41CA-A079-50EBB4C6620F}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE
FirewallRules: [{A7ACFBE5-73D0-4159-9D93-878D4FCA1EC8}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE
FirewallRules: [{6E757AC9-6FA2-4984-B01C-A57617F9C5A9}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE
FirewallRules: [{6FA284F6-FCE4-4F5E-BC8D-3DB337215EDB}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE
FirewallRules: [{F9158D0E-97EB-4BAB-BD52-4E896AE0DC59}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D70CE955-2E72-4991-8025-725302B0B006}] => (Allow) LPort=2869
FirewallRules: [{1456B32E-B7EB-4E03-8F09-E05195ABBAF7}] => (Allow) LPort=1900
FirewallRules: [{DA280ACB-3FEA-4E4C-9C96-5FC6FEA02898}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7DC5D9AA-AD4B-45D7-9B59-EC0BF5DAC448}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B7E0BE6B-0B25-4A4C-8E55-0108E35A18D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1E296B4D-5392-44F3-95E3-3D47FF62A96E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6827CCE9-09B6-4946-BABD-86900FFC3525}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{DB9D9BC2-DB5E-4D7E-919D-67421BF403D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{26DEAE49-F68D-499F-9A1A-BB73227D1976}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{B0833326-85FC-4093-90DF-84F374D81970}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [TCP Query User{6D86D4F1-0210-4409-8582-3E9987EBF181}C:\ignitegt\simraceway\simracewaygame.exe] => (Allow) C:\ignitegt\simraceway\simracewaygame.exe
FirewallRules: [UDP Query User{73BFADEE-00E4-40CB-96E7-B6367D8A9EE9}C:\ignitegt\simraceway\simracewaygame.exe] => (Allow) C:\ignitegt\simraceway\simracewaygame.exe
FirewallRules: [{AF6EF51F-1277-4466-BE5B-661FA37C472E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4530C422-3F5A-4F99-945F-2AA4839CEC52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B1B40E45-A8F9-4139-A2BF-23CF79A0E526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{AD37ECE6-CE0D-4052-9FCE-B4F852D58AC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [TCP Query User{06DBB0BB-FD3A-4B62-A76D-617DE7AEF8E0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{27891B5F-FE0A-4D9B-BF33-F40CCECCE24A}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{E91D716A-66A8-4371-9B48-07CC12ABF879}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{25DA3761-BE65-4F89-B928-C33A075F4054}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{2337C05B-6492-415B-9875-EF7CCA698823}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{CF45C9A7-C983-43C2-BF9E-DF84B0ECEF89}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{ED4704EF-CE0F-4F1D-ADA2-EDDD9C924C58}] => (Allow) LPort=80
FirewallRules: [{321347EF-5162-41D9-9E31-3A04918C4530}] => (Allow) LPort=443
FirewallRules: [{A447C112-4FE8-445A-91E8-0E876028F348}] => (Allow) LPort=20010
FirewallRules: [{CD25A9BE-B8A3-4BA3-92D2-F2A5F4C35D8D}] => (Allow) LPort=3478
FirewallRules: [{5E623DF3-ABB9-46E6-AE0F-A43E70B9B43A}] => (Allow) LPort=7850
FirewallRules: [{E657DD70-8C57-40F2-BE21-AC59246F882B}] => (Allow) LPort=27022
FirewallRules: [{297B6DB8-1066-4C98-B029-4AF77ECA8762}] => (Allow) LPort=6881
FirewallRules: [{0ECBB379-CEFC-408E-A764-781EBC023690}] => (Allow) LPort=33333
FirewallRules: [{EC1DD7F6-C4FE-499A-93EC-8A49BBC5CC13}] => (Allow) LPort=20443
FirewallRules: [{F6AC7CD9-9514-4E1A-919E-3C24EAF61B91}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{45F04A93-03BA-42C8-B2CC-42C694F034E9}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{BB99AE92-6C14-472D-B111-4942025D68E7}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [{6AE7E29F-7711-4D3B-8CBC-BF50E72BFF95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{39DD33AE-736F-433C-9012-9C071E81D5C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{71F86D96-1588-4B69-B16B-6F2604480A55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{3C6481E3-910C-4EA9-A13B-47F4C13DA29C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EA804CD6-F141-46E3-A72D-73614DD4F24E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AE3603F3-DB7B-4664-947B-F2227F2C7137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{22535EBC-53C4-491A-A679-31DA224B03D1}] => (Allow) C:\Users\Gunnar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1138021C-B913-47AB-82B5-490C17590442}] => (Allow) C:\Users\Gunnar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75E97049-F873-4F3A-8E5E-679B586AC5C0}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{E602CC65-4CEE-472F-94B3-0EDB155E7A60}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{CA977058-4B32-46EC-999E-C0F93705B5F5}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{07126085-6A44-4A98-AAA4-C9FDFB21A80C}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{8DD31974-56E4-41C3-AEA8-F560ABED9224}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{DF982A58-0518-49BA-863D-3A1336A9369B}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{0611414F-8785-426F-98E8-C7A0D7A5DE0B}] => (Allow) LPort=57513
FirewallRules: [{1CFB49E5-A990-439F-ADCD-97F7F47DF59C}] => (Allow) LPort=57513
FirewallRules: [{02EEAF91-4D86-40AF-B0AF-F4167DDC01A0}] => (Allow) LPort=57513
FirewallRules: [{CBA1AD96-3D90-4CF9-AC59-6A5885B4E676}] => (Allow) LPort=57513
FirewallRules: [{657486B1-DB07-4484-BD48-BEF349FA53E7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{A538D460-6A3B-4BB2-A4F0-9681DF9162BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{E4AC4F29-0F54-4FB5-864D-98C55122DD6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{50720A24-AA07-4CD2-84C6-CBCE88E0F4C0}] => (Allow) C:\Program Files (x86)\SimCity\SimCity\SimCity.exe
FirewallRules: [{AE60BD34-7189-4A12-AB61-F1CA00D4EE42}] => (Allow) C:\Program Files (x86)\SimCity\SimCity\SimCity.exe
FirewallRules: [{27599509-7629-431E-9BF8-F4339D752BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{B0A4DA91-044B-4E23-AEDC-08CFBED8DF30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{FD6A7D30-7D02-401A-B748-0CA39E93471F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D94436FC-7297-41CF-93EF-C07DA1F6C3BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{439E25AA-729D-4045-AE22-9DF7C9468E53}] => (Allow) C:\Program Files (x86)\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{187A0CF3-9660-4DD0-A972-689C825357EF}] => (Allow) C:\Program Files (x86)\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E9C11CED-F5E4-498F-BD31-9C24FC94E116}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{8EDE676F-01B7-4035-98D4-0B25526AAFAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{263ED903-4123-4C23-A8A6-680457AA5DE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{4B5538F3-49EF-49F6-8BFB-08DEF5854C42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{160FEC2F-585C-4795-8586-D32ED37C8E15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6A762C6B-8020-42EC-ABA8-51DCFDB82874}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FD365C5B-B104-40E5-B62F-9627B1832C35}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{70253268-E35E-4A9F-93E3-1216E79C18D3}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{DAA05D41-0309-4B46-B0B4-A0C8417C3351}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{12F53FB9-5879-4029-A81A-4B45D9D74954}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{4DC80E15-1EF7-499C-8D21-C469A59323D0}] => (Allow) C:\Program Files (x86)\Microsoft Games\Halo 2\halo2.exe
FirewallRules: [{421EFA3B-F7D4-44B8-917A-3A0BB220AEF4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Halo 2\halo2.exe
FirewallRules: [{B4F58A65-FA8B-4BF7-8BB3-585D9269ECB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{904DA7EB-D790-499A-B524-9E1B130C233C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{489CC162-BECB-4F41-8A77-33FEAB440152}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01479246-61BE-421D-AFC7-1093A64C8821}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9047527-4801-4BDE-9198-12A97BFBDA2B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F45C1B22-CDEA-4117-9CCA-1E88CA83C5CF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C89EDBEE-F46F-4903-979D-27F744B6372D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6B93F5C9-7E8A-4F23-BA68-DDBD511FAE2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{086E005A-61A1-4D64-8470-C221557B0739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{7D848486-5A0E-4117-8753-6E37345AB112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{4D8D76B2-0110-4284-8580-9DCBF560B30D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{E435056F-AF12-437D-84C6-558B387DD90D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{753976B4-5285-4D94-9178-E46C8EB8C105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{E81DD328-957E-4139-8E6E-706A88D7BAF8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DA826CE3-7B08-4377-A72A-9A44EEFFAE09}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{46633B7B-4B46-46D2-9D24-858830E2EFEB}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [{B2717A9A-6ECE-4A40-B96A-A61BC13FEA8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{19E336C9-77CF-45EE-A343-9FB91BD7D700}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{214A451A-C83D-4046-A489-AAD2A722417A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{D513F291-837B-41D0-83C8-D55A5B079467}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{343EFBF7-B6EB-4EFD-BE45-A452D253C4CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{90D1149F-3221-424D-BA1A-3EBFCF0F635D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{92E7AE1B-6082-4B4C-B3EF-515A7E189819}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{4AC6FA53-EB31-40BE-8D0A-F8833C6875B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{DEA347E2-A0A4-4CBD-9A6E-73C18A016E6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringManGame.exe
FirewallRules: [{52E01C25-984C-4C8E-AF5E-E3D6380D0AEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringManGame.exe
FirewallRules: [{30EEA4C3-A21A-440B-B1DE-1B6B84962C37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringEditor\BoringEditor.exe
FirewallRules: [{88623EAC-4FBF-497A-AD4B-E06F879B92A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringEditor\BoringEditor.exe
FirewallRules: [{D33E005D-3501-4D60-B5C7-0125D162A6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{EDA8F41C-E240-4C4A-8251-1576EBC8E97C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
==================== Faulty Device Manager Devices =============
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/25/2015 08:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 07:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 07:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 06:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 05:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 05:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 04:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 03:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 03:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 02:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
System errors:
=============
Error: (07/25/2015 08:17:18 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 10:07:43 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (07/25/2015 08:17:12 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 08:17:12 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 08:17:11 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 08:17:05 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/24/2015 07:52:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053
Error: (07/24/2015 07:52:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (07/24/2015 07:49:12 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/24/2015 01:42:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
Microsoft Office:
=========================
Error: (07/25/2015 08:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 07:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 07:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 06:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 05:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 05:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 04:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 03:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 03:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 02:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
==================== Memory info ===========================
Processor: AMD A6-3620 APU with Radeon™ HD Graphics
Percentage of memory in use: 57%
Total physical RAM: 7666.81 MB
Available physical RAM: 3229.9 MB
Total Virtual: 15331.81 MB
Available Virtual: 10140.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:914.61 GB) (Free:302.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:16.81 GB) (Free:16.7 GB) NTFS
Drive j: (AOE III DISC 1) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
Drive k: (hssar) (CDROM) (Total:1.38 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A79749BB)
Partition 1: (Active) - (Size=914.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=16.8 GB) - (Type=07 NTFS)
==================== End of log ============================
Thanks in advance you guys!
-Gunnar
Rundll32 using lots of memory.
#1
Posted 25 July 2015 - 09:54 PM
-
- Member
-
- 3 posts
New Member
#2
Posted 25 July 2015 - 10:14 PM
-
- Expert
-
- 24,441 posts
Malware Expert
Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that. Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.
#3
Posted 25 July 2015 - 10:30 PM
- Topic Starter
-
- Member
-
- 3 posts
New Member
Here we go! Round 2:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015
Ran by Gunnar (administrator) on MRSLAVE (25-07-2015 21:25:55)
Running from C:\Users\Gunnar\Desktop\frst
Loaded Profiles: Gunnar (Available Profiles: Gunnar)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
() C:\Program Files (x86)\SimracewayUpdater\SRWUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(IgniteGT) C:\IgniteGT\Simraceway\SRWAgent.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-23] (Valve Corporation)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRW Download Manager.lnk [2013-09-08]
ShortcutTarget: SRW Download Manager.lnk -> C:\IgniteGT\Simraceway\SRWAgent.exe (IgniteGT)
Startup: C:\Users\Gunnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-08-28]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-278295415-4203223567-2615167640-1000 -> DefaultScope {6D98695A-DD58-405F-BECF-E628552DA8E4} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.26
Tcpip\..\Interfaces\{4E2C42F6-C41A-429B-8688-FDCF455DB7B5}: [DhcpNameServer] 192.168.0.1 205.171.2.26
FireFox:
========
FF ProfilePath: C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: google.com
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-15] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-278295415-4203223567-2615167640-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gunnar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-278295415-4203223567-2615167640-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-15] (Pando Networks)
FF Plugin HKU\S-1-5-21-278295415-4203223567-2615167640-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-08-20] (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Extension: Ant Video Downloader - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2015-05-28]
FF Extension: LavaFox V2 - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2015-07-12]
FF Extension: Block site - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-02]
FF Extension: FDislike - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2012-09-03]
FF Extension: Firebug - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2013-12-30]
FF Extension: Lost Friends Notifier - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2014-11-06]
FF Extension: NASA Night Launch - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2012-08-02]
FF Extension: PDF Viewer - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected] [2014-03-27]
FF Extension: Adblock Plus - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-02]
FF Extension: Greasemonkey - C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-04-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-03]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-08-28] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-10] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
R2 Simraceway Update Service; C:\Program Files (x86)\SimracewayUpdater\SRWUpdate.exe [1630720 2013-07-11] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-08-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-08-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-08-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [33792 2010-08-02] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-20] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2014-10-16] (MotioninJoy) [File not signed]
R3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-10-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2010-10-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2010-10-14] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 21:16 - 2015-07-25 21:25 - 00000000 ____D C:\Users\Gunnar\Desktop\frst
2015-07-25 20:45 - 2015-07-25 20:45 - 00050809 _____ C:\Users\Gunnar\Downloads\Addition.txt
2015-07-25 20:43 - 2015-07-25 21:26 - 00000000 ____D C:\FRST
2015-07-25 20:43 - 2015-07-25 20:45 - 00043635 _____ C:\Users\Gunnar\Downloads\FRST.txt
2015-07-25 20:43 - 2015-07-25 20:43 - 00000000 ____D C:\Users\Gunnar\Downloads\FRST-OlderVersion
2015-07-24 21:21 - 2015-07-24 21:21 - 00000218 _____ C:\Users\Gunnar\AppData\Local\recently-used.xbel
2015-07-24 09:09 - 2015-07-24 21:07 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\deluge
2015-07-24 09:09 - 2015-07-24 09:15 - 00000000 ____D C:\Users\Gunnar\Downloads\VA - Best of Trap Music [2014]
2015-07-24 09:06 - 2015-07-24 09:06 - 13595245 _____ C:\Users\Gunnar\Downloads\deluge-1.3.11-win32-setup.exe
2015-07-24 09:06 - 2015-07-24 09:06 - 00000939 _____ C:\Users\Public\Desktop\Deluge.lnk
2015-07-24 09:06 - 2015-07-24 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2015-07-24 09:06 - 2015-07-24 09:06 - 00000000 ____D C:\Program Files (x86)\Deluge
2015-07-23 19:58 - 2015-07-23 19:58 - 00000000 ____D C:\Users\Gunnar\AppData\Local\CEF
2015-07-20 23:03 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 23:03 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 23:03 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 23:03 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 23:03 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 23:03 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 23:03 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 23:03 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 23:03 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 23:03 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 18:52 - 2015-07-18 18:53 - 00000000 ____D C:\Users\Gunnar\AppData\Local\PAYDAY 2
2015-07-18 18:52 - 2015-07-18 18:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-18 18:52 - 2015-07-18 18:52 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-07-16 23:32 - 2015-07-16 23:41 - 00000000 ____D C:\Users\Gunnar\Documents\shred
2015-07-15 13:06 - 2012-11-10 13:46 - 00821736 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2015-07-15 13:06 - 2012-11-10 13:46 - 00746984 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-07-15 13:05 - 2015-07-15 13:06 - 00000000 ____D C:\ProgramData\Oracle
2015-07-15 13:02 - 2015-07-15 13:02 - 00562784 _____ (Oracle Corporation) C:\Users\Gunnar\Downloads\jxpiinstall(1).exe
2015-07-14 23:22 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 23:22 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 23:22 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 23:22 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 23:22 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 23:22 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 23:22 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 23:22 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 23:22 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 23:22 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 23:22 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 23:22 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 23:22 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 23:22 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 23:22 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 23:22 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 23:22 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 23:22 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 23:22 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 23:22 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 23:22 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 23:21 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 23:21 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 23:21 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 23:21 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 23:21 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 23:21 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 23:21 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 23:21 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 23:21 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 23:21 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 23:21 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 23:21 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 23:21 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 23:21 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 23:21 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 23:21 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 23:21 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 23:21 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 23:21 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 23:21 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 23:21 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 23:21 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 23:21 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 23:21 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 23:21 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 23:21 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 23:21 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 23:21 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 23:21 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 23:21 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 23:21 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 23:21 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 23:21 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 23:21 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 23:21 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 23:21 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 23:21 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 23:21 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 23:21 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 23:21 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 23:21 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 23:21 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 23:21 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 23:21 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 23:20 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 23:20 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 23:20 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 23:20 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 23:20 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 23:20 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 23:20 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 23:20 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 23:20 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 23:20 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 23:20 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 23:20 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 23:20 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 23:20 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 23:20 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 23:20 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 23:20 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 23:20 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 23:20 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 23:20 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 23:20 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 23:20 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 23:20 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 23:20 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 23:20 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 23:20 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 23:20 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 23:20 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 23:20 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 23:20 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 23:20 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 23:20 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 23:20 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 23:20 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 23:20 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 23:20 - 2015-06-11 10:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 23:20 - 2015-06-11 10:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-14 23:20 - 2015-06-11 10:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-14 15:10 - 2015-07-14 15:10 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-13 21:42 - 2015-07-13 22:04 - 00000000 ____D C:\Users\Gunnar\AppData\Local\BoringManGame
2015-07-08 14:50 - 2015-07-08 14:57 - 00000000 ____D C:\Users\Gunnar\Documents\TrackMania
2015-07-08 14:50 - 2015-07-08 14:56 - 00000000 ____D C:\ProgramData\TrackMania
2015-07-08 12:37 - 2015-07-08 12:37 - 00001270 _____ C:\Users\Public\Desktop\WTAssetViewer.lnk
2015-07-08 12:37 - 2015-07-08 12:37 - 00001260 _____ C:\Users\Public\Desktop\WTMissionEditor.lnk
2015-07-08 12:30 - 2015-07-08 12:36 - 151820656 _____ (Gaijin Entertainment ) C:\Users\Gunnar\Downloads\WarThunderCDK_2015_07_02__17_26.exe
2015-07-03 01:27 - 2015-07-15 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 02:13 - 2015-07-01 02:13 - 00000000 ____D C:\Users\Gunnar\Desktop\GAME OF THE YEAR 420BLAZEIT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-25 21:25 - 2015-02-06 04:02 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\Skype
2015-07-25 21:24 - 2013-09-08 12:59 - 16550342 _____ C:\Simraceway.log
2015-07-25 21:23 - 2014-02-16 02:00 - 00024353 _____ C:\Windows\setupact.log
2015-07-25 21:23 - 2013-04-24 00:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 21:23 - 2012-12-15 18:45 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-25 21:23 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 21:22 - 2012-08-02 10:46 - 00245802 _____ C:\Windows\PFRO.log
2015-07-25 21:22 - 2009-07-13 21:45 - 00018768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 21:22 - 2009-07-13 21:45 - 00018768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 21:21 - 2012-08-01 23:54 - 01665799 _____ C:\Windows\WindowsUpdate.log
2015-07-25 21:10 - 2013-04-17 16:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 20:39 - 2013-04-24 00:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 20:30 - 2014-09-12 10:49 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-23 08:57 - 2013-12-21 16:45 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-07-21 09:13 - 2009-07-13 22:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-21 09:08 - 2009-07-13 21:45 - 02897352 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 23:48 - 2013-12-11 22:45 - 00000000 ____D C:\titties
2015-07-16 09:10 - 2014-03-17 15:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 09:05 - 2015-01-15 10:11 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 20:56 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-15 16:34 - 2013-04-24 00:53 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 16:34 - 2013-04-24 00:53 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 13:05 - 2012-11-10 13:46 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-15 13:05 - 2012-11-10 13:46 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-15 13:00 - 2012-08-16 15:45 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-07-15 12:53 - 2015-06-17 13:00 - 00000000 ____D C:\Users\Gunnar\AppData\Local\Battle.net
2015-07-15 10:58 - 2015-06-17 13:11 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-07-15 10:52 - 2015-06-17 12:59 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-07-15 10:52 - 2015-02-06 04:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-15 10:52 - 2015-02-06 04:02 - 00000000 ____D C:\ProgramData\Skype
2015-07-15 10:52 - 2013-09-08 13:00 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\Simraceway
2015-07-15 10:47 - 2012-09-24 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 15:10 - 2013-04-17 16:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 15:10 - 2012-08-02 00:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 15:10 - 2012-08-02 00:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 11:47 - 2014-05-19 23:17 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\vlc
2015-07-08 12:37 - 2013-12-21 16:45 - 00000000 ____D C:\Users\Gunnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2015-06-30 20:35 - 2012-08-13 22:57 - 00000000 ____D C:\Users\Gunnar\AppData\Local\Adobe
2015-06-30 20:12 - 2014-09-12 10:48 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-30 20:12 - 2014-09-12 10:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-30 13:11 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-25 00:34 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2013-06-29 23:42 - 2014-05-19 23:10 - 0005632 _____ () C:\Users\Gunnar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-31 16:35 - 2014-03-31 16:35 - 0000000 ___SH () C:\Users\Gunnar\AppData\Local\LumaEmu
2015-07-24 21:21 - 2015-07-24 21:21 - 0000218 _____ () C:\Users\Gunnar\AppData\Local\recently-used.xbel
Files to move or delete:
====================
C:\Users\Gunnar\Rosetta Stone v3 Japanese & Speech Preinstalled.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-23 00:37
==================== End of log ============================
Next:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015
Ran by Gunnar at 2015-07-25 21:27:56
Running from C:\Users\Gunnar\Desktop\frst
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-278295415-4203223567-2615167640-500 - Administrator - Disabled)
Guest (S-1-5-21-278295415-4203223567-2615167640-501 - Limited - Disabled)
Gunnar (S-1-5-21-278295415-4203223567-2615167640-1000 - Administrator - Enabled) => C:\Users\Gunnar
HomeGroupUser$ (S-1-5-21-278295415-4203223567-2615167640-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2.3 (HKLM-x32\...\{590B031A-4935-47A9-A6DD-7377DDB2ED3A}_is1) (Version: 2.3 - PlayWay S.A.)
Acoustica Mixcraft 6 (HKLM-x32\...\Acoustica Mixcraft 6) (Version: b189 - Acoustica)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_d2f336b2c5feeb945c28b7a0a45170f) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Aimersoft DVD Creator(Build 2.5.2.15) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version: - Wondershare Software)
AMD Catalyst Install Manager (HKLM\...\{3C378793-5288-0165-FCA4-D319D5E4A490}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Assassin's Creed II 1.01 (HKLM-x32\...\Assassin's Creed II_is1) (Version: - ea)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.01 - Ubisoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Automation - The Car Company Tycoon Game (HKLM-x32\...\Steam App 293760) (Version: - Camshaft Software)
Automation (HKLM-x32\...\Automation) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boring Man - Online Tactical Stickman Combat (HKLM-x32\...\Steam App 346120) (Version: - Spasman Games)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version: - )
CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Car Mechanic Simulator 2014 (HKLM-x32\...\Car Mechanic Simulator 2014_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Deluge 1.3.11 (HKLM-x32\...\Deluge) (Version: - )
eSupport UndeletePlus 3.0.5.313 (HKLM-x32\...\eSupport UndeletePlus_is1) (Version: - Copyright © 2013 eSupport.com • All Rights Reserved)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
Five Nights at Freddy's (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Five Nights at Freddy's) (Version: - )
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version: - Joycity)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version: - Microsoft Game Studios)
Halo 2 for Windows Vista (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Hearts of iron 3 Their Finest Hour 4.01 (HKLM-x32\...\Hearts of iron 3 Their Finest Hour 4.01) (Version: 4.01 - Hoi2.ru)
Hearts of Iron III (HKLM-x32\...\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}) (Version: - )
Hercules Classic Webcam Drivers (HKLM-x32\...\{5F0EE12C-44B1-4FCB-87E3-4686C888774A}) (Version: 1.00.0000 - Hercules)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kill The Bad Guy (HKLM-x32\...\Kill The Bad Guy_is1) (Version: - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LG United Mobile Drivers (HKLM-x32\...\{2D371881-67FB-4EAB-B59A-F59DC43199DD}) (Version: 2.1 - LG Electronics)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.0.0 - Electronic Arts)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiBit 0.5.16 (HKLM-x32\...\MultiBit 0.5.16) (Version: 0.5.16 - )
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Resident Evil 4 1.10 (HKLM-x32\...\Resident Evil 4_is1) (Version: - )
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
RZ DVD Creator (HKLM-x32\...\{3F32058A-343A-4C16-BD1B-BE35E9A42352}) (Version: 4.52 - RealZeal Soft)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.999 - SAMSUNG Electronics Co., Ltd.)
Search Protection (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Search Protection) (Version: 8.7.0.1 - Spigot, Inc.) <==== ATTENTION
SimCity, âåðñèÿ 1.0.0.0 (HKLM-x32\...\SimCity_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Simraceway 28.92 (HKLM-x32\...\Simraceway) (Version: 28.92 - Simraceway)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Star wars Battlefront II version 1.3 (HKLM-x32\...\{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1) (Version: 1.3 - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM-x32\...\Wubi) (Version: 12.04.3-rev279 - Ubuntu)
Unity (HKLM-x32\...\Unity) (Version: 4.5.0f6 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
War Thunder CDK 0.1 (HKLM-x32\...\{ed8deea4-29fe-1932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
War Thunder Launcher 1.0.1.299 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
West Point Bridge Designer 2014 (2nd Edition) (remove only) (HKLM-x32\...\West Point Bridge Designer 2014 (2nd Edition)) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinUAE 2.6.1 (HKLM-x32\...\WinUAE) (Version: 2.6.1 - Arabuusimiehet)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - Xvid Development Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
20-07-2015 22:59:05 Windows Update
21-07-2015 03:00:12 Windows Update
24-07-2015 14:11:57 Windows Update
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03B975DA-85B3-4577-936C-6285C5DE78A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {06D29252-84B2-4C98-93CE-8C998089CA0E} - System32\Tasks\IR5 => cmd.exe /c cscript.exe /b C:\Windows\System32\slmgr.vbs /rearm && net stop sppsvc && net start sppsvc
Task: {16FC838A-5143-4DA1-AB45-C35381FCDFD2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {8C8797EE-C8FE-4DEA-B866-459F88157341} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {949A2318-DF54-45CC-A5DF-E89E861800F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-12-06 17:06 - 2013-12-06 17:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-12-06 17:06 - 2013-12-06 17:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-20 11:04 - 2013-08-10 15:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-07-11 14:04 - 2013-07-11 14:04 - 01630720 _____ () C:\Program Files (x86)\SimracewayUpdater\SRWUpdate.exe
2013-12-06 17:06 - 2013-12-06 17:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-07-11 14:03 - 2013-07-11 14:03 - 00252832 _____ () C:\Program Files (x86)\SimracewayUpdater\PATCHW32.dll
2013-07-01 08:20 - 2015-07-03 09:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-25 00:00 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-25 00:00 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-25 00:00 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 20:46 - 2015-07-23 16:24 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-12 10:55 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-12-15 18:48 - 2015-07-23 16:23 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 19:58 - 2015-07-07 13:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-12-15 18:48 - 2015-07-03 09:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Gunnar\Downloads\Der kleine Eisbär - Besuch vom Südpol Full German.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Gunnar\Downloads\Der kleine Eisbär - Lars und der kleine Tiger - aus_ Neue Abenteuer, neue Freunde.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Gunnar\Downloads\IMG_9642.JPG:Mac_Metadata
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.0.1 - 205.171.2.26
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{72BF8D4C-2E19-4D6A-A846-3DA709A37F8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC602CB6-DA0A-4685-B23C-44768768393A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BFFBB460-0613-4710-9D96-6D1E8F30DD2D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D69FAB4F-174B-4A2E-B4FE-9474FFF79AFF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BA4D1DE-7F17-4CF9-A5A4-CC2301B47457}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8C2CEEB6-9BA2-4BB4-B797-124413A4AD79}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D986FE7-4CD9-4BF4-AECA-5F154426EF29}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8481D853-D85A-46E0-8C05-120C4643622A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A854C668-F1B0-4B2C-AA1C-97D651F5D795}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A4BCF1A3-7385-452A-8ED8-FD1BE0850CDB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A8C6F3B4-A581-4A50-8F41-A0EAECD46BB9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{EDC102A1-1531-4DD4-AF85-BB28BA9E8749}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{D9485DE7-5006-44F3-B8C3-E3ABC6D6206A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{301C2A3E-8BA0-43A7-835B-2C4C8238B306}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{1CD45FA9-8496-4FA2-9C7F-3ED74DD55CDD}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{4FA25663-8991-4053-80E4-3B7392D57590}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{4DA39227-D678-4F44-A1C2-C4BE7A7A088F}] => (Allow) LPort=5353
FirewallRules: [{0EADABD6-8EE1-4B2E-BCA2-EF0CB82BEE8C}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{F656FF07-3D57-44AE-9359-0C3EDF4A1F55}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{B821B55E-AFE0-42FF-931F-FB0686AE46B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{625266AB-E4AF-4FD7-BE1E-B0ED1D1F09CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{221C858F-FA4E-415F-A7DC-368289B83F17}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{CFB89727-8CED-4248-B74F-511DEE9DE664}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{5FDEDFA5-3333-4613-A030-A1D98EE73AEE}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{D0B2CB9C-0A66-4AB8-85AD-A0A12EB5E878}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{3255380B-91FC-491B-8FF9-7D542C4A9C4E}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{D55D167F-791D-456C-9439-CF65AC8385E9}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{2AF45EFB-DBBB-4731-9324-DB1CF615865E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6F54ACEC-A94D-41CA-A079-50EBB4C6620F}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE
FirewallRules: [{A7ACFBE5-73D0-4159-9D93-878D4FCA1EC8}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE
FirewallRules: [{6E757AC9-6FA2-4984-B01C-A57617F9C5A9}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE
FirewallRules: [{6FA284F6-FCE4-4F5E-BC8D-3DB337215EDB}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE
FirewallRules: [{F9158D0E-97EB-4BAB-BD52-4E896AE0DC59}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D70CE955-2E72-4991-8025-725302B0B006}] => (Allow) LPort=2869
FirewallRules: [{1456B32E-B7EB-4E03-8F09-E05195ABBAF7}] => (Allow) LPort=1900
FirewallRules: [{DA280ACB-3FEA-4E4C-9C96-5FC6FEA02898}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7DC5D9AA-AD4B-45D7-9B59-EC0BF5DAC448}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B7E0BE6B-0B25-4A4C-8E55-0108E35A18D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1E296B4D-5392-44F3-95E3-3D47FF62A96E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6827CCE9-09B6-4946-BABD-86900FFC3525}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{DB9D9BC2-DB5E-4D7E-919D-67421BF403D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{26DEAE49-F68D-499F-9A1A-BB73227D1976}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{B0833326-85FC-4093-90DF-84F374D81970}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [TCP Query User{6D86D4F1-0210-4409-8582-3E9987EBF181}C:\ignitegt\simraceway\simracewaygame.exe] => (Allow) C:\ignitegt\simraceway\simracewaygame.exe
FirewallRules: [UDP Query User{73BFADEE-00E4-40CB-96E7-B6367D8A9EE9}C:\ignitegt\simraceway\simracewaygame.exe] => (Allow) C:\ignitegt\simraceway\simracewaygame.exe
FirewallRules: [{AF6EF51F-1277-4466-BE5B-661FA37C472E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4530C422-3F5A-4F99-945F-2AA4839CEC52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B1B40E45-A8F9-4139-A2BF-23CF79A0E526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{AD37ECE6-CE0D-4052-9FCE-B4F852D58AC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [TCP Query User{06DBB0BB-FD3A-4B62-A76D-617DE7AEF8E0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{27891B5F-FE0A-4D9B-BF33-F40CCECCE24A}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{E91D716A-66A8-4371-9B48-07CC12ABF879}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{25DA3761-BE65-4F89-B928-C33A075F4054}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{2337C05B-6492-415B-9875-EF7CCA698823}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{CF45C9A7-C983-43C2-BF9E-DF84B0ECEF89}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{ED4704EF-CE0F-4F1D-ADA2-EDDD9C924C58}] => (Allow) LPort=80
FirewallRules: [{321347EF-5162-41D9-9E31-3A04918C4530}] => (Allow) LPort=443
FirewallRules: [{A447C112-4FE8-445A-91E8-0E876028F348}] => (Allow) LPort=20010
FirewallRules: [{CD25A9BE-B8A3-4BA3-92D2-F2A5F4C35D8D}] => (Allow) LPort=3478
FirewallRules: [{5E623DF3-ABB9-46E6-AE0F-A43E70B9B43A}] => (Allow) LPort=7850
FirewallRules: [{E657DD70-8C57-40F2-BE21-AC59246F882B}] => (Allow) LPort=27022
FirewallRules: [{297B6DB8-1066-4C98-B029-4AF77ECA8762}] => (Allow) LPort=6881
FirewallRules: [{0ECBB379-CEFC-408E-A764-781EBC023690}] => (Allow) LPort=33333
FirewallRules: [{EC1DD7F6-C4FE-499A-93EC-8A49BBC5CC13}] => (Allow) LPort=20443
FirewallRules: [{F6AC7CD9-9514-4E1A-919E-3C24EAF61B91}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{45F04A93-03BA-42C8-B2CC-42C694F034E9}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{BB99AE92-6C14-472D-B111-4942025D68E7}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [{6AE7E29F-7711-4D3B-8CBC-BF50E72BFF95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{39DD33AE-736F-433C-9012-9C071E81D5C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{71F86D96-1588-4B69-B16B-6F2604480A55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{3C6481E3-910C-4EA9-A13B-47F4C13DA29C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EA804CD6-F141-46E3-A72D-73614DD4F24E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AE3603F3-DB7B-4664-947B-F2227F2C7137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{22535EBC-53C4-491A-A679-31DA224B03D1}] => (Allow) C:\Users\Gunnar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1138021C-B913-47AB-82B5-490C17590442}] => (Allow) C:\Users\Gunnar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75E97049-F873-4F3A-8E5E-679B586AC5C0}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{E602CC65-4CEE-472F-94B3-0EDB155E7A60}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{CA977058-4B32-46EC-999E-C0F93705B5F5}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{07126085-6A44-4A98-AAA4-C9FDFB21A80C}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{8DD31974-56E4-41C3-AEA8-F560ABED9224}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{DF982A58-0518-49BA-863D-3A1336A9369B}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{0611414F-8785-426F-98E8-C7A0D7A5DE0B}] => (Allow) LPort=57513
FirewallRules: [{1CFB49E5-A990-439F-ADCD-97F7F47DF59C}] => (Allow) LPort=57513
FirewallRules: [{02EEAF91-4D86-40AF-B0AF-F4167DDC01A0}] => (Allow) LPort=57513
FirewallRules: [{CBA1AD96-3D90-4CF9-AC59-6A5885B4E676}] => (Allow) LPort=57513
FirewallRules: [{657486B1-DB07-4484-BD48-BEF349FA53E7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{A538D460-6A3B-4BB2-A4F0-9681DF9162BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{E4AC4F29-0F54-4FB5-864D-98C55122DD6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{50720A24-AA07-4CD2-84C6-CBCE88E0F4C0}] => (Allow) C:\Program Files (x86)\SimCity\SimCity\SimCity.exe
FirewallRules: [{AE60BD34-7189-4A12-AB61-F1CA00D4EE42}] => (Allow) C:\Program Files (x86)\SimCity\SimCity\SimCity.exe
FirewallRules: [{27599509-7629-431E-9BF8-F4339D752BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{B0A4DA91-044B-4E23-AEDC-08CFBED8DF30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{FD6A7D30-7D02-401A-B748-0CA39E93471F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D94436FC-7297-41CF-93EF-C07DA1F6C3BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{439E25AA-729D-4045-AE22-9DF7C9468E53}] => (Allow) C:\Program Files (x86)\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{187A0CF3-9660-4DD0-A972-689C825357EF}] => (Allow) C:\Program Files (x86)\EA GAMES\Mirror's Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{E9C11CED-F5E4-498F-BD31-9C24FC94E116}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{8EDE676F-01B7-4035-98D4-0B25526AAFAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{263ED903-4123-4C23-A8A6-680457AA5DE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{4B5538F3-49EF-49F6-8BFB-08DEF5854C42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{160FEC2F-585C-4795-8586-D32ED37C8E15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6A762C6B-8020-42EC-ABA8-51DCFDB82874}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FD365C5B-B104-40E5-B62F-9627B1832C35}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{70253268-E35E-4A9F-93E3-1216E79C18D3}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{DAA05D41-0309-4B46-B0B4-A0C8417C3351}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{12F53FB9-5879-4029-A81A-4B45D9D74954}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{4DC80E15-1EF7-499C-8D21-C469A59323D0}] => (Allow) C:\Program Files (x86)\Microsoft Games\Halo 2\halo2.exe
FirewallRules: [{421EFA3B-F7D4-44B8-917A-3A0BB220AEF4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Halo 2\halo2.exe
FirewallRules: [{B4F58A65-FA8B-4BF7-8BB3-585D9269ECB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{904DA7EB-D790-499A-B524-9E1B130C233C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{489CC162-BECB-4F41-8A77-33FEAB440152}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01479246-61BE-421D-AFC7-1093A64C8821}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9047527-4801-4BDE-9198-12A97BFBDA2B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F45C1B22-CDEA-4117-9CCA-1E88CA83C5CF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C89EDBEE-F46F-4903-979D-27F744B6372D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6B93F5C9-7E8A-4F23-BA68-DDBD511FAE2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{086E005A-61A1-4D64-8470-C221557B0739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{7D848486-5A0E-4117-8753-6E37345AB112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{4D8D76B2-0110-4284-8580-9DCBF560B30D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{E435056F-AF12-437D-84C6-558B387DD90D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{753976B4-5285-4D94-9178-E46C8EB8C105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{E81DD328-957E-4139-8E6E-706A88D7BAF8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DA826CE3-7B08-4377-A72A-9A44EEFFAE09}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{46633B7B-4B46-46D2-9D24-858830E2EFEB}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [{B2717A9A-6ECE-4A40-B96A-A61BC13FEA8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{19E336C9-77CF-45EE-A343-9FB91BD7D700}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{214A451A-C83D-4046-A489-AAD2A722417A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{D513F291-837B-41D0-83C8-D55A5B079467}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{343EFBF7-B6EB-4EFD-BE45-A452D253C4CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{90D1149F-3221-424D-BA1A-3EBFCF0F635D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{92E7AE1B-6082-4B4C-B3EF-515A7E189819}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{4AC6FA53-EB31-40BE-8D0A-F8833C6875B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{DEA347E2-A0A4-4CBD-9A6E-73C18A016E6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringManGame.exe
FirewallRules: [{52E01C25-984C-4C8E-AF5E-E3D6380D0AEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringManGame.exe
FirewallRules: [{30EEA4C3-A21A-440B-B1DE-1B6B84962C37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringEditor\BoringEditor.exe
FirewallRules: [{88623EAC-4FBF-497A-AD4B-E06F879B92A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boring Man - Online Tactical Stickman Combat\BoringEditor\BoringEditor.exe
FirewallRules: [{D33E005D-3501-4D60-B5C7-0125D162A6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{EDA8F41C-E240-4C4A-8251-1576EBC8E97C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
==================== Faulty Device Manager Devices =============
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/25/2015 09:23:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
Error: (07/25/2015 09:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17909, time stamp: 0x55844c24
Faulting module name: SteadyVideo.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f39573b
Exception code: 0xc0000005
Fault offset: 0x6cf01cd8
Faulting process id: 0x27c24
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (07/25/2015 09:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 08:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 07:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 07:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 06:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 05:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 05:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (07/25/2015 04:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
System errors:
=============
Error: (07/25/2015 09:23:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 09:23:41 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 09:23:31 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 09:23:22 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 09:22:04 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 08:17:18 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 10:07:43 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (07/25/2015 08:17:12 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 08:17:12 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (07/25/2015 08:17:11 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Microsoft Office:
=========================
Error: (07/25/2015 09:23:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
Error: (07/25/2015 09:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1790955844c24SteadyVideo.dll_unloaded0.0.0.04f39573bc00000056cf01cd827c2401d0c7594ead3649C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXESteadyVideo.dll9237abef-334c-11e5-a2da-d0df9ade6034
Error: (07/25/2015 09:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 08:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 07:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 07:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 06:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 05:42:29 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 05:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (07/25/2015 04:07:43 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
==================== Memory info ===========================
Processor: AMD A6-3620 APU with Radeon™ HD Graphics
Percentage of memory in use: 42%
Total physical RAM: 7666.81 MB
Available physical RAM: 4399.23 MB
Total Virtual: 15331.81 MB
Available Virtual: 11884.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:914.61 GB) (Free:306.47 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:16.81 GB) (Free:16.7 GB) NTFS
Drive j: (AOE III DISC 1) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
Drive k: (hssar) (CDROM) (Total:1.38 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A79749BB)
Partition 1: (Active) - (Size=914.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=16.8 GB) - (Type=07 NTFS)
==================== End of log ============================
#4
Posted 25 July 2015 - 11:13 PM
-
- Expert
-
- 24,441 posts
Malware Expert
Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
The report will be saved in the C:\AdwCleaner folder.
Junkware-Removal-Tool
Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
- Pause your anti-virus. Close all browsers.
- Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
Let's check for damaged files:
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
Reboot.
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc /scannow
(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:
Copy the next two lines:
findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application.
Then let's see if the CPU is still over busy.
Get Process Explorer
http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.
Wait a full minute then:
File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
Does it seem to be better now? I've got to go to bed now. It's past 1 AM here in Florida.
#5
Posted 26 July 2015 - 12:32 AM
- Topic Starter
-
- Member
-
- 3 posts
New Member
Here we go;
# AdwCleaner v4.208 - Logfile created 25/07/2015 at 22:23:10
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 7 Enterprise Service Pack 1 (x64)
# Username : Gunnar - MRSLAVE
# Running from : C:\Users\Gunnar\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Deleted : C:\Program Files (x86)\DriverTuner
Folder Deleted : C:\Users\Gunnar\AppData\Local\DriverTuner
Folder Deleted : C:\Users\Gunnar\AppData\Roaming\defaulttab
Folder Deleted : C:\Users\Gunnar\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Gunnar\Documents\Updater
Folder Deleted : C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\[email protected]
File Deleted : C:\Users\Gunnar\AppData\Roaming\Mozilla\Firefox\Profiles\n85kn1ob.default\Extensions\fbdisli[email protected]
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\DriverTuner_Init
Key Deleted : HKCU\Software\DriverTuner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Mozilla Firefox v39.0 (x86 en-US)
*************************
AdwCleaner[R0].txt - [2096 bytes] - [25/07/2015 22:19:19]
AdwCleaner[R1].txt - [2155 bytes] - [25/07/2015 22:21:09]
AdwCleaner[R2].txt - [2214 bytes] - [25/07/2015 22:22:08]
AdwCleaner[S0].txt - [2028 bytes] - [25/07/2015 22:23:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2087 bytes] ##########
Then;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 7 Enterprise x64
Ran by Gunnar on Sat 07/25/2015 at 22:32:49.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Users\Gunnar\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Users\Gunnar\AppData\Roaming\3909
~~~ FireFox
Emptied folder: C:\Users\Gunnar\AppData\Roaming\mozilla\firefox\profiles\n85kn1ob.default\minidumps [486 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 07/25/2015 at 22:42:25.70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2015-07-25 22:48:40, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:48:40, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2015-07-25 22:48:42, Info CSI 0000000c [SR] Verify complete
2015-07-25 22:48:43, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:48:43, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2015-07-25 22:48:45, Info CSI 00000010 [SR] Verify complete
2015-07-25 22:48:47, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:48:47, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2015-07-25 22:48:50, Info CSI 00000014 [SR] Verify complete
2015-07-25 22:48:53, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:48:53, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2015-07-25 22:48:55, Info CSI 00000018 [SR] Verify complete
2015-07-25 22:48:57, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:48:57, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2015-07-25 22:48:59, Info CSI 0000001c [SR] Verify complete
2015-07-25 22:49:01, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:01, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:03, Info CSI 00000020 [SR] Verify complete
2015-07-25 22:49:05, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:05, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:06, Info CSI 00000024 [SR] Verify complete
2015-07-25 22:49:07, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:07, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:09, Info CSI 00000028 [SR] Verify complete
2015-07-25 22:49:11, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:11, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:12, Info CSI 0000002c [SR] Verify complete
2015-07-25 22:49:14, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:14, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:15, Info CSI 00000030 [SR] Verify complete
2015-07-25 22:49:17, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:17, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:18, Info CSI 00000034 [SR] Verify complete
2015-07-25 22:49:19, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:19, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:21, Info CSI 00000038 [SR] Verify complete
2015-07-25 22:49:22, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:22, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:24, Info CSI 0000003c [SR] Verify complete
2015-07-25 22:49:25, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:25, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:27, Info CSI 00000040 [SR] Verify complete
2015-07-25 22:49:28, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:28, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:29, Info CSI 00000044 [SR] Verify complete
2015-07-25 22:49:30, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:30, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:33, Info CSI 00000048 [SR] Verify complete
2015-07-25 22:49:34, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:34, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:36, Info CSI 0000004c [SR] Verify complete
2015-07-25 22:49:37, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:37, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:39, Info CSI 00000050 [SR] Verify complete
2015-07-25 22:49:41, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:41, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:42, Info CSI 00000054 [SR] Verify complete
2015-07-25 22:49:43, Info CSI 00000055 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:43, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:47, Info CSI 00000058 [SR] Verify complete
2015-07-25 22:49:48, Info CSI 00000059 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:48, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:52, Info CSI 0000005c [SR] Verify complete
2015-07-25 22:49:53, Info CSI 0000005d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:53, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2015-07-25 22:49:56, Info CSI 00000060 [SR] Verify complete
2015-07-25 22:49:57, Info CSI 00000061 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:49:57, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:00, Info CSI 00000064 [SR] Verify complete
2015-07-25 22:50:01, Info CSI 00000065 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:01, Info CSI 00000066 [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:04, Info CSI 00000068 [SR] Verify complete
2015-07-25 22:50:05, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:05, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:14, Info CSI 0000006c [SR] Verify complete
2015-07-25 22:50:14, Info CSI 0000006d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:14, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:17, Info CSI 00000070 [SR] Verify complete
2015-07-25 22:50:18, Info CSI 00000071 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:18, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:20, Info CSI 00000074 [SR] Verify complete
2015-07-25 22:50:21, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:21, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:25, Info CSI 00000078 [SR] Verify complete
2015-07-25 22:50:25, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:25, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:33, Info CSI 0000007d [SR] Verify complete
2015-07-25 22:50:33, Info CSI 0000007e [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:33, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:40, Info CSI 00000084 [SR] Verify complete
2015-07-25 22:50:40, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:40, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:46, Info CSI 00000089 [SR] Verify complete
2015-07-25 22:50:46, Info CSI 0000008a [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:46, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
2015-07-25 22:50:52, Info CSI 0000008d [SR] Verify complete
2015-07-25 22:50:52, Info CSI 0000008e [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:50:52, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:00, Info CSI 000000ad [SR] Verify complete
2015-07-25 22:51:01, Info CSI 000000ae [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:01, Info CSI 000000af [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:06, Info CSI 000000b8 [SR] Verify complete
2015-07-25 22:51:07, Info CSI 000000b9 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:07, Info CSI 000000ba [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:12, Info CSI 000000bc [SR] Verify complete
2015-07-25 22:51:12, Info CSI 000000bd [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:12, Info CSI 000000be [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:20, Info CSI 000000c0 [SR] Verify complete
2015-07-25 22:51:21, Info CSI 000000c1 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:21, Info CSI 000000c2 [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:27, Info CSI 000000c4 [SR] Verify complete
2015-07-25 22:51:28, Info CSI 000000c5 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:28, Info CSI 000000c6 [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:33, Info CSI 000000c8 [SR] Verify complete
2015-07-25 22:51:33, Info CSI 000000c9 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:33, Info CSI 000000ca [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:38, Info CSI 000000cc [SR] Verify complete
2015-07-25 22:51:38, Info CSI 000000cd [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:38, Info CSI 000000ce [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:46, Info CSI 000000d2 [SR] Verify complete
2015-07-25 22:51:46, Info CSI 000000d3 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:46, Info CSI 000000d4 [SR] Beginning Verify and Repair transaction
2015-07-25 22:51:53, Info CSI 000000f5 [SR] Verify complete
2015-07-25 22:51:54, Info CSI 000000f6 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:51:54, Info CSI 000000f7 [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:07, Info CSI 000000f9 [SR] Verify complete
2015-07-25 22:52:07, Info CSI 000000fa [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:07, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:17, Info CSI 000000fd [SR] Verify complete
2015-07-25 22:52:17, Info CSI 000000fe [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:17, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:20, Info CSI 00000103 [SR] Verify complete
2015-07-25 22:52:21, Info CSI 00000104 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:21, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:22, Info CSI 00000107 [SR] Verify complete
2015-07-25 22:52:22, Info CSI 00000108 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:22, Info CSI 00000109 [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:23, Info CSI 0000010b [SR] Verify complete
2015-07-25 22:52:24, Info CSI 0000010c [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:24, Info CSI 0000010d [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:30, Info CSI 00000111 [SR] Verify complete
2015-07-25 22:52:30, Info CSI 00000112 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:30, Info CSI 00000113 [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:36, Info CSI 00000124 [SR] Verify complete
2015-07-25 22:52:37, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:37, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:38, Info CSI 00000128 [SR] Verify complete
2015-07-25 22:52:39, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:39, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:45, Info CSI 0000012c [SR] Verify complete
2015-07-25 22:52:46, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:46, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:49, Info CSI 00000130 [SR] Verify complete
2015-07-25 22:52:50, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:50, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2015-07-25 22:52:59, Info CSI 00000135 [SR] Verify complete
2015-07-25 22:52:59, Info CSI 00000136 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:52:59, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:08, Info CSI 0000013a [SR] Verify complete
2015-07-25 22:53:08, Info CSI 0000013b [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:08, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:11, Info CSI 0000013e [SR] Verify complete
2015-07-25 22:53:12, Info CSI 0000013f [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:12, Info CSI 00000140 [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:14, Info CSI 00000142 [SR] Verify complete
2015-07-25 22:53:15, Info CSI 00000143 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:15, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:20, Info CSI 00000146 [SR] Verify complete
2015-07-25 22:53:20, Info CSI 00000147 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:20, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:26, Info CSI 0000014a [SR] Verify complete
2015-07-25 22:53:26, Info CSI 0000014b [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:26, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:31, Info CSI 0000014e [SR] Verify complete
2015-07-25 22:53:32, Info CSI 0000014f [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:32, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:42, Info CSI 00000168 [SR] Verify complete
2015-07-25 22:53:43, Info CSI 00000169 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:43, Info CSI 0000016a [SR] Beginning Verify and Repair transaction
2015-07-25 22:53:48, Info CSI 0000016c [SR] Verify complete
2015-07-25 22:53:49, Info CSI 0000016d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:53:49, Info CSI 0000016e [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:01, Info CSI 00000170 [SR] Verify complete
2015-07-25 22:54:02, Info CSI 00000171 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:02, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:09, Info CSI 00000175 [SR] Verify complete
2015-07-25 22:54:09, Info CSI 00000176 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:09, Info CSI 00000177 [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:19, Info CSI 00000179 [SR] Verify complete
2015-07-25 22:54:19, Info CSI 0000017a [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:19, Info CSI 0000017b [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:24, Info CSI 0000017d [SR] Verify complete
2015-07-25 22:54:25, Info CSI 0000017e [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:25, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:30, Info CSI 00000181 [SR] Verify complete
2015-07-25 22:54:30, Info CSI 00000182 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:30, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:36, Info CSI 00000185 [SR] Verify complete
2015-07-25 22:54:36, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:36, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:39, Info CSI 0000018b [SR] Verify complete
2015-07-25 22:54:40, Info CSI 0000018c [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:40, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:44, Info CSI 0000018f [SR] Verify complete
2015-07-25 22:54:44, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:44, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2015-07-25 22:54:58, Info CSI 00000193 [SR] Verify complete
2015-07-25 22:54:59, Info CSI 00000194 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:54:59, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:04, Info CSI 00000198 [SR] Verify complete
2015-07-25 22:55:04, Info CSI 00000199 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:04, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:13, Info CSI 0000019d [SR] Verify complete
2015-07-25 22:55:14, Info CSI 0000019e [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:14, Info CSI 0000019f [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:20, Info CSI 000001a1 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"slwga.dll" from store
2015-07-25 22:55:20, Info CSI 000001a2 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"slmgr.vbs" from store
2015-07-25 22:55:21, Info CSI 000001a4 [SR] Verify complete
2015-07-25 22:55:22, Info CSI 000001a5 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:22, Info CSI 000001a6 [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:32, Info CSI 000001a9 [SR] Verify complete
2015-07-25 22:55:32, Info CSI 000001aa [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:32, Info CSI 000001ab [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:36, Info CSI 000001ad [SR] Verify complete
2015-07-25 22:55:37, Info CSI 000001ae [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:37, Info CSI 000001af [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:41, Info CSI 000001b1 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:26{13}]"systemcpl.dll" from store
2015-07-25 22:55:42, Info CSI 000001b3 [SR] Verify complete
2015-07-25 22:55:42, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:42, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:47, Info CSI 000001b7 [SR] Verify complete
2015-07-25 22:55:48, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:48, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2015-07-25 22:55:52, Info CSI 000001bc [SR] Verify complete
2015-07-25 22:55:53, Info CSI 000001bd [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:55:53, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:02, Info CSI 000001c0 [SR] Verify complete
2015-07-25 22:56:02, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:02, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:06, Info CSI 000001c4 [SR] Verify complete
2015-07-25 22:56:06, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:06, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:11, Info CSI 000001c9 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"user32.dll" from store
2015-07-25 22:56:11, Info CSI 000001cb [SR] Verify complete
2015-07-25 22:56:12, Info CSI 000001cc [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:12, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:18, Info CSI 000001cf [SR] Verify complete
2015-07-25 22:56:18, Info CSI 000001d0 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:18, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:23, Info CSI 000001d5 [SR] Verify complete
2015-07-25 22:56:23, Info CSI 000001d6 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:23, Info CSI 000001d7 [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:29, Info CSI 000001d9 [SR] Verify complete
2015-07-25 22:56:29, Info CSI 000001da [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:29, Info CSI 000001db [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:37, Info CSI 000001de [SR] Verify complete
2015-07-25 22:56:38, Info CSI 000001df [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:38, Info CSI 000001e0 [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:51, Info CSI 000001e2 [SR] Verify complete
2015-07-25 22:56:51, Info CSI 000001e3 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:51, Info CSI 000001e4 [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:54, Info CSI 000001e6 [SR] Verify complete
2015-07-25 22:56:55, Info CSI 000001e7 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:55, Info CSI 000001e8 [SR] Beginning Verify and Repair transaction
2015-07-25 22:56:58, Info CSI 000001ea [SR] Verify complete
2015-07-25 22:56:59, Info CSI 000001eb [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:56:59, Info CSI 000001ec [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:05, Info CSI 000001ee [SR] Verify complete
2015-07-25 22:57:06, Info CSI 000001ef [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:06, Info CSI 000001f0 [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:12, Info CSI 000001f2 [SR] Verify complete
2015-07-25 22:57:13, Info CSI 000001f3 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:13, Info CSI 000001f4 [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:18, Info CSI 000001f6 [SR] Verify complete
2015-07-25 22:57:19, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:19, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:22, Info CSI 000001fa [SR] Verify complete
2015-07-25 22:57:23, Info CSI 000001fb [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:23, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:33, Info CSI 000001fe [SR] Verify complete
2015-07-25 22:57:33, Info CSI 000001ff [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:33, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:49, Info CSI 00000202 [SR] Verify complete
2015-07-25 22:57:49, Info CSI 00000203 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:49, Info CSI 00000204 [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:52, Info CSI 00000206 [SR] Verify complete
2015-07-25 22:57:52, Info CSI 00000207 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:52, Info CSI 00000208 [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:55, Info CSI 0000020a [SR] Verify complete
2015-07-25 22:57:56, Info CSI 0000020b [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:56, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2015-07-25 22:57:57, Info CSI 0000020e [SR] Verify complete
2015-07-25 22:57:58, Info CSI 0000020f [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:57:58, Info CSI 00000210 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:02, Info CSI 00000212 [SR] Verify complete
2015-07-25 22:58:02, Info CSI 00000213 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:02, Info CSI 00000214 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:06, Info CSI 00000216 [SR] Verify complete
2015-07-25 22:58:06, Info CSI 00000217 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:06, Info CSI 00000218 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:09, Info CSI 0000021a [SR] Verify complete
2015-07-25 22:58:09, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:09, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:10, Info CSI 0000021e [SR] Verify complete
2015-07-25 22:58:10, Info CSI 0000021f [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:10, Info CSI 00000220 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:15, Info CSI 00000228 [SR] Verify complete
2015-07-25 22:58:15, Info CSI 00000229 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:15, Info CSI 0000022a [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:19, Info CSI 0000022c [SR] Verify complete
2015-07-25 22:58:19, Info CSI 0000022d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:19, Info CSI 0000022e [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:23, Info CSI 00000230 [SR] Verify complete
2015-07-25 22:58:24, Info CSI 00000231 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:24, Info CSI 00000232 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:27, Info CSI 00000234 [SR] Verify complete
2015-07-25 22:58:28, Info CSI 00000235 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:28, Info CSI 00000236 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:32, Info CSI 00000238 [SR] Verify complete
2015-07-25 22:58:33, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:33, Info CSI 0000023a [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:38, Info CSI 0000023c [SR] Verify complete
2015-07-25 22:58:38, Info CSI 0000023d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:38, Info CSI 0000023e [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:44, Info CSI 00000241 [SR] Verify complete
2015-07-25 22:58:44, Info CSI 00000242 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:44, Info CSI 00000243 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:45, Info CSI 00000245 [SR] Verify complete
2015-07-25 22:58:46, Info CSI 00000246 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:46, Info CSI 00000247 [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:47, Info CSI 00000249 [SR] Verify complete
2015-07-25 22:58:48, Info CSI 0000024a [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:48, Info CSI 0000024b [SR] Beginning Verify and Repair transaction
2015-07-25 22:58:59, Info CSI 00000250 [SR] Verify complete
2015-07-25 22:58:59, Info CSI 00000251 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:58:59, Info CSI 00000252 [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:09, Info CSI 00000255 [SR] Verify complete
2015-07-25 22:59:09, Info CSI 00000256 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:09, Info CSI 00000257 [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:15, Info CSI 0000025b [SR] Verify complete
2015-07-25 22:59:16, Info CSI 0000025c [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:16, Info CSI 0000025d [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:21, Info CSI 0000025f [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:20{10}]"user32.dll" from store
2015-07-25 22:59:22, Info CSI 0000026a [SR] Verify complete
2015-07-25 22:59:23, Info CSI 0000026b [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:23, Info CSI 0000026c [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:29, Info CSI 00000273 [SR] Verify complete
2015-07-25 22:59:30, Info CSI 00000274 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:30, Info CSI 00000275 [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:34, Info CSI 00000277 [SR] Verify complete
2015-07-25 22:59:34, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:34, Info CSI 00000279 [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:38, Info CSI 0000027d [SR] Verify complete
2015-07-25 22:59:38, Info CSI 0000027e [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:38, Info CSI 0000027f [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:42, Info CSI 00000281 [SR] Verify complete
2015-07-25 22:59:42, Info CSI 00000282 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:42, Info CSI 00000283 [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:47, Info CSI 000002a8 [SR] Verify complete
2015-07-25 22:59:47, Info CSI 000002a9 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:47, Info CSI 000002aa [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:51, Info CSI 000002ac [SR] Verify complete
2015-07-25 22:59:51, Info CSI 000002ad [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:51, Info CSI 000002ae [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:54, Info CSI 000002b0 [SR] Verify complete
2015-07-25 22:59:55, Info CSI 000002b1 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:55, Info CSI 000002b2 [SR] Beginning Verify and Repair transaction
2015-07-25 22:59:59, Info CSI 000002b4 [SR] Verify complete
2015-07-25 22:59:59, Info CSI 000002b5 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 22:59:59, Info CSI 000002b6 [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:03, Info CSI 000002c4 [SR] Verify complete
2015-07-25 23:00:03, Info CSI 000002c5 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:03, Info CSI 000002c6 [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:09, Info CSI 000002c8 [SR] Verify complete
2015-07-25 23:00:09, Info CSI 000002c9 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:09, Info CSI 000002ca [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:14, Info CSI 000002d6 [SR] Verify complete
2015-07-25 23:00:14, Info CSI 000002d7 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:14, Info CSI 000002d8 [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:18, Info CSI 000002dc [SR] Verify complete
2015-07-25 23:00:18, Info CSI 000002dd [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:18, Info CSI 000002de [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:21, Info CSI 000002e0 [SR] Verify complete
2015-07-25 23:00:21, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:21, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:28, Info CSI 000002e5 [SR] Verify complete
2015-07-25 23:00:28, Info CSI 000002e6 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:28, Info CSI 000002e7 [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:29, Info CSI 000002e9 [SR] Verify complete
2015-07-25 23:00:30, Info CSI 000002ea [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:30, Info CSI 000002eb [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:33, Info CSI 000002ed [SR] Verify complete
2015-07-25 23:00:33, Info CSI 000002ee [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:33, Info CSI 000002ef [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:36, Info CSI 000002f1 [SR] Verify complete
2015-07-25 23:00:37, Info CSI 000002f2 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:37, Info CSI 000002f3 [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:41, Info CSI 000002f5 [SR] Verify complete
2015-07-25 23:00:41, Info CSI 000002f6 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:41, Info CSI 000002f7 [SR] Beginning Verify and Repair transaction
2015-07-25 23:00:48, Info CSI 00000311 [SR] Verify complete
2015-07-25 23:00:48, Info CSI 00000312 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:00:48, Info CSI 00000313 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:01, Info CSI 00000315 [SR] Verify complete
2015-07-25 23:01:01, Info CSI 00000316 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:01, Info CSI 00000317 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:05, Info CSI 00000319 [SR] Verify complete
2015-07-25 23:01:05, Info CSI 0000031a [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:05, Info CSI 0000031b [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:09, Info CSI 0000031d [SR] Verify complete
2015-07-25 23:01:09, Info CSI 0000031e [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:09, Info CSI 0000031f [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:11, Info CSI 00000323 [SR] Verify complete
2015-07-25 23:01:11, Info CSI 00000324 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:11, Info CSI 00000325 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:14, Info CSI 00000327 [SR] Verify complete
2015-07-25 23:01:14, Info CSI 00000328 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:14, Info CSI 00000329 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:18, Info CSI 0000032b [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:18{9}]"slwga.dll" from store
2015-07-25 23:01:18, Info CSI 0000032c [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:18{9}]"slmgr.vbs" from store
2015-07-25 23:01:19, Info CSI 0000032e [SR] Verify complete
2015-07-25 23:01:19, Info CSI 0000032f [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:19, Info CSI 00000330 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:22, Info CSI 00000332 [SR] Verify complete
2015-07-25 23:01:23, Info CSI 00000333 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:23, Info CSI 00000334 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:26, Info CSI 00000337 [SR] Verify complete
2015-07-25 23:01:27, Info CSI 00000338 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:27, Info CSI 00000339 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:30, Info CSI 0000033b [SR] Verify complete
2015-07-25 23:01:30, Info CSI 0000033c [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:30, Info CSI 0000033d [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:33, Info CSI 0000033f [SR] Verify complete
2015-07-25 23:01:33, Info CSI 00000340 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:33, Info CSI 00000341 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:37, Info CSI 00000343 [SR] Verify complete
2015-07-25 23:01:37, Info CSI 00000344 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:37, Info CSI 00000345 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:42, Info CSI 00000348 [SR] Verify complete
2015-07-25 23:01:43, Info CSI 00000349 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:43, Info CSI 0000034a [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:46, Info CSI 0000034c [SR] Verify complete
2015-07-25 23:01:47, Info CSI 0000034d [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:47, Info CSI 0000034e [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:53, Info CSI 00000350 [SR] Verify complete
2015-07-25 23:01:54, Info CSI 00000351 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:01:54, Info CSI 00000352 [SR] Beginning Verify and Repair transaction
2015-07-25 23:01:59, Info CSI 00000354 [SR] Verify complete
2015-07-25 23:02:00, Info CSI 00000355 [SR] Verifying 100 (0x0000000000000064) components
2015-07-25 23:02:00, Info CSI 00000356 [SR] Beginning Verify and Repair transaction
2015-07-25 23:02:05, Info CSI 00000358 [SR] Verify complete
2015-07-25 23:02:05, Info CSI 00000359 [SR] Verifying 51 (0x0000000000000033) components
2015-07-25 23:02:05, Info CSI 0000035a [SR] Beginning Verify and Repair transaction
2015-07-25 23:02:08, Info CSI 0000035c [SR] Verify complete
2015-07-25 23:02:08, Info CSI 0000035d [SR] Repairing 7 components
2015-07-25 23:02:08, Info CSI 0000035e [SR] Beginning Verify and Repair transaction
2015-07-25 23:02:08, Info CSI 00000360 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:26{13}]"systemcpl.dll" from store
2015-07-25 23:02:08, Info CSI 00000361 [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:18{9}]"slmgr.vbs" from store
2015-07-25 23:02:08, Info CSI 00000362 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"slmgr.vbs" from store
2015-07-25 23:02:08, Info CSI 00000364 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"user32.dll" from store
2015-07-25 23:02:08, Info CSI 00000366 [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:20{10}]"user32.dll" from store
2015-07-25 23:02:09, Info CSI 00000368 [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:18{9}]"slwga.dll" from store
2015-07-25 23:02:09, Info CSI 0000036a [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"slwga.dll" from store
2015-07-25 23:02:09, Info CSI 0000036c [SR] Repair complete
2015-07-25 23:02:09, Info CSI 0000036d [SR] Committing transaction
2015-07-25 23:02:09, Info CSI 00000371 [SR] Unable to complete Verify and Repair transaction because some of the files that need to be repaired are in use. A reboot is required to complete this operation.
2015-07-25 23:02:09, Info CSI 00000372 [SR] Repairing 7 components
2015-07-25 23:02:09, Info CSI 00000373 [SR] Beginning Verify and Repair transaction
2015-07-25 23:02:09, Info CSI 00000375 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:26{13}]"systemcpl.dll" from store
2015-07-25 23:02:09, Info CSI 00000376 [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:18{9}]"slmgr.vbs" from store
2015-07-25 23:02:09, Info CSI 00000377 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"slmgr.vbs" from store
2015-07-25 23:02:09, Info CSI 00000379 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"user32.dll" from store
2015-07-25 23:02:09, Info CSI 0000037b [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:20{10}]"user32.dll" from store
2015-07-25 23:02:10, Info CSI 0000037d [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:18{9}]"slwga.dll" from store
2015-07-25 23:02:10, Info CSI 0000037f [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"slwga.dll" from store
2015-07-25 23:02:10, Info CSI 00000381 [SR] Repair complete
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 25/07/2015 11:15:24 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/07/2015 5:56:18 AM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding
Log: 'System' Date/Time: 26/07/2015 5:47:43 AM
Type: Error Category: 0
Event: 1012 Source: Microsoft-Windows-DNS-Client
There was an error while attempting to read the local hosts file.
Log: 'System' Date/Time: 26/07/2015 5:47:11 AM
Type: Error Category: 0
Event: 1012 Source: Microsoft-Windows-DNS-Client
There was an error while attempting to read the local hosts file.
Log: 'System' Date/Time: 26/07/2015 5:46:48 AM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.
Log: 'System' Date/Time: 26/07/2015 5:46:26 AM
Type: Error Category: 0
Event: 1012 Source: Microsoft-Windows-DNS-Client
There was an error while attempting to read the local hosts file.
Log: 'System' Date/Time: 26/07/2015 5:45:37 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 26/07/2015 5:45:37 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 26/07/2015 5:45:37 AM
Type: Error Category: 0
Event: 1012 Source: Microsoft-Windows-DNS-Client
There was an error while attempting to read the local hosts file.
Log: 'System' Date/Time: 26/07/2015 5:45:35 AM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Log: 'System' Date/Time: 26/07/2015 5:45:31 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {3EB3C877-1F16-487C-9050-104DBCD66683} did not register with DCOM within the required timeout.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/07/2015 5:45:37 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
AppleMobileDeviceHelper.exe 3,876 K 13,136 K 5080 MobileDeviceHelper Apple Inc.
armsvc.exe 1,208 K 4,044 K 1712 Adobe Acrobat Update Service Adobe Systems Incorporated
atieclxx.exe 2,828 K 7,980 K 1352
atiesrxx.exe 1,496 K 4,400 K 832 AMD External Events Service Module AMD
cmd.exe 2,152 K 3,180 K 2392
conhost.exe 2,100 K 5,620 K 940
conhost.exe 1,440 K 3,688 K 1068 Console Window Host Microsoft Corporation
conhost.exe 1,440 K 3,624 K 3664 Console Window Host Microsoft Corporation
conhost.exe 1,068 K 2,888 K 1452
distnoted.exe 1,772 K 5,964 K 5404 distnoted Apple Inc.
dllhost.exe 2,900 K 7,484 K 5012
dllhost.exe 4,912 K 15,080 K 7132 COM Surrogate Microsoft Corporation
Fuel.Service.exe 5,472 K 11,828 K 1732 AMD Fuel Service Advanced Micro Devices, Inc.
GoogleCrashHandler.exe 1,620 K 528 K 2652
GoogleCrashHandler64.exe 1,732 K 528 K 2664
jusched.exe 1,500 K 5,192 K 2232 Java Update Scheduler Oracle Corporation
lsm.exe 2,652 K 4,388 K 568
mDNSResponder.exe 2,648 K 6,144 K 1784 Bonjour Service Apple Inc.
notepad.exe 12,356 K 25,728 K 2688
procexp.exe 2,308 K 7,268 K 6484 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
RAVBg64.exe 15,032 K 11,828 K 1136
RtkAudioService64.exe 2,140 K 5,484 K 1096 Realtek Audio Service Realtek Semiconductor
SearchFilterHost.exe 2,308 K 5,324 K 2472
services.exe 7,256 K 10,396 K 544
SkypeC2CAutoUpdateSvc.exe 1,384 K 4,896 K 396 Updates Skype Click to Call Microsoft Corporation
SkypeC2CPNRSvc.exe 1,916 K 5,076 K 1220 Phone Number Recognition (PNR) module Microsoft Corporation
smss.exe 700 K 1,284 K 272
sppsvc.exe 6,224 K 13,696 K 5132 Microsoft Software Protection Platform Service Microsoft Corporation
SRWUpdate.exe 5,392 K 11,900 K 2660
svchost.exe 2,752 K 6,208 K 3740 Host Process for Windows Services Microsoft Corporation
svchost.exe 1,828 K 4,868 K 3700 Host Process for Windows Services Microsoft Corporation
svchost.exe 1,968 K 5,572 K 2444 Host Process for Windows Services Microsoft Corporation
svchost.exe 13,992 K 15,372 K 1588 Host Process for Windows Services Microsoft Corporation
TrustedInstaller.exe 9,040 K 16,084 K 3956 Windows Modules Installer Microsoft Corporation
winampa.exe 1,168 K 4,428 K 3008 Winamp Agent Nullsoft, Inc.
wininit.exe 1,724 K 4,652 K 484
winlogon.exe 3,368 K 7,736 K 824
wlanext.exe 1,956 K 5,300 K 1444
WLIDSVCM.EXE 1,504 K 3,588 K 3120
wuauclt.exe 2,252 K 6,752 K 4532 Windows Update Microsoft Corporation
WUDFHost.exe 2,332 K 6,396 K 3908
iTunesHelper.exe < 0.01 5,068 K 13,644 K 2448 iTunesHelper Apple Inc.
SearchProtocolHost.exe < 0.01 2,684 K 7,932 K 8184
HD-LogRotatorService.exe < 0.01 11,676 K 8,428 K 1820 BlueStacks Log Rotator Service BlueStack Systems, Inc.
lsass.exe < 0.01 5,480 K 12,972 K 560 Local Security Authority Process Microsoft Corporation
wmpnetwk.exe < 0.01 13,580 K 12,052 K 4864 Windows Media Player Network Sharing Service Microsoft Corporation
spoolsv.exe < 0.01 8,708 K 15,348 K 1560 Spooler SubSystem App Microsoft Corporation
svchost.exe < 0.01 58,676 K 21,204 K 5284 Host Process for Windows Services Microsoft Corporation
HD-UpdaterService.exe < 0.01 16,596 K 16,024 K 1972 BlueStacks Updater Service BlueStack Systems, Inc.
PnkBstrA.exe < 0.01 1,244 K 4,340 K 2544
SteamService.exe < 0.01 6,192 K 8,696 K 3376 Steam Client Service Valve Corporation
csrss.exe < 0.01 2,288 K 4,652 K 404
WLIDSVC.EXE < 0.01 7,280 K 14,800 K 2648
steamwebhelper.exe 0.01 7,944 K 17,760 K 2764 Steam Client WebHelper Valve Corporation
iPodService.exe 0.01 2,596 K 6,900 K 3324 iPodService Module (64-bit) Apple Inc.
SearchIndexer.exe 0.01 42,568 K 30,712 K 3464 Microsoft Windows Search Indexer Microsoft Corporation
taskhost.exe 0.01 13,648 K 14,764 K 2052 Host Process for Windows Tasks Microsoft Corporation
svchost.exe 0.01 13,148 K 23,364 K 976 Host Process for Windows Services Microsoft Corporation
svchost.exe 0.02 14,920 K 16,416 K 1188 Host Process for Windows Services Microsoft Corporation
CCC.exe 0.02 98,148 K 19,108 K 3976 Catalyst Control Center: Host application ATI Technologies Inc.
svchost.exe 0.02 4,200 K 7,924 K 748 Host Process for Windows Services Microsoft Corporation
explorer.exe 0.03 45,760 K 65,792 K 2268 Windows Explorer Microsoft Corporation
AppleMobileDeviceService.exe 0.03 3,876 K 10,580 K 1764 MobileDeviceService Apple Inc.
svchost.exe 0.03 27,560 K 24,428 K 884 Host Process for Windows Services Microsoft Corporation
MOM.exe 0.03 27,668 K 6,440 K 3048 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
HD-Agent.exe 0.03 29,352 K 24,108 K 3068 BlueStacks Agent BlueStack Systems, Inc.
svchost.exe 0.04 22,884 K 39,364 K 1000 Host Process for Windows Services Microsoft Corporation
svchost.exe 0.08 8,872 K 16,440 K 4152 Host Process for Windows Services Microsoft Corporation
svchost.exe 0.09 4,976 K 9,884 K 672 Host Process for Windows Services Microsoft Corporation
dwm.exe 0.13 30,684 K 30,156 K 2204 Desktop Window Manager Microsoft Corporation
csrss.exe 0.20 3,608 K 10,028 K 520
Steam.exe 0.33 52,672 K 71,004 K 2492 Steam Client Bootstrapper Valve Corporation
Skype.exe 0.33 124,812 K 149,828 K 2600 Skype Skype Technologies S.A.
svchost.exe 0.49 188,296 K 200,148 K 924 Host Process for Windows Services Microsoft Corporation
svchost.exe 0.61 11,440 K 14,196 K 4344 Host Process for Windows Services Microsoft Corporation
SRWAgent.exe 0.62 67,584 K 61,468 K 2616 SRWAgent IgniteGT
Interrupts 0.75 0 K 0 K n/a Hardware Interrupts and DPCs
System 0.83 144 K 1,008 K 4
procexp64.exe 1.20 29,668 K 49,744 K 7020 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
audiodg.exe 1.67 30,092 K 28,252 K 624
iTunes.exe 2.03 86,920 K 118,132 K 2380 iTunes Apple Inc.
firefox.exe 9.72 855,904 K 825,872 K 760 Firefox Mozilla Corporation
System Idle Process 80.58 0 K 24 K 0
So far it's worked. The fix list seems to be what did it. What all is in the fix list? Did anything in particular catch your eye?
#6
Posted 26 July 2015 - 06:10 AM
-
- Expert
-
- 24,441 posts
Malware Expert
The top two lines in the fixlist were definitely malware:
HKU\S-1-5-21-278295415-4203223567-2615167640-1000\...\Run: [XCHSGQLLE] => rundll32 "C:\Users\Gunnar\AppData\Roaming\scriptov.dll",nmewpwtib
2015-05-21 11:23 - 2015-05-21 11:23 - 0192512 __RSH () C:\Users\Gunnar\AppData\Roaming\scriptov.dll
XCHSGQLLE is a random name as is nmewpwtib. Scriptov.dll may actually be a standard Visual Basic file used to run another file. Not sure about it as I got lots of hits but none at virustotal.com
SFC corrected user32.dll which may have also been involved.
The event logs are complaining about your hosts file. Let's fix it:
This is the easy way:
Download HostsXpert from http://www.majorgeek...hostsxpert.htmlSave the file then right click and Extract All. It will create a new folder in the same place. In the folder find HostsXpert.exe and right click on it and Run As Administrator.
It will take a few seconds to appear. If the top line in the left column says Make Writeable, click on it and it should change to Make Read Only? If it already says Make Read Only? that's OK just go on to the next step.
Now click on the left column entry that says: Restore MSHosts file. Click on the Make Read Only? entry then close HostXpert.
This is the hard way if the above doesn't work:
First make sure the files are visible.
Open the Control Panel menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button
Right click on the start and select Open Windows Explorer. Click on the arrow in front of Local Drive (C; )
Click on the arrow in front of Windows
Click on the arrow in front of System32 (You will have to scroll down a bit to see it)
Click on the arrow in front of Drivers
Click on etc. You should see hosts in the right pane
Right click on it and select Properties.
Click on Security
Click on Advanced
Click on Owner
Current Owner is usually System. Click on Edit.
You should see Administrators and also your user name in the Change Owner to box. Click on Administrators. OK, OK, OK , OK
This should close the Properties box. Right click on Hosts and select Properties again. Click on Security. Click on Edit.
Click on Users and then check the Full Control box and then Apply. Yes.
Click on Administrators and it should already have the Full Control checked.
OK OK
Now double click on hosts.
Click on Notepad and then OK.
It should open in notepad.
Normally the first stuff in a hosts files is:
Quote
# Copyright © 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
#
The " # " indicates a comment and means the line is ignored. In Win 7 there is normally nothing in the hosts file but comments.
You can delete everything but the comments. If there are no comments then just add one:
# comment
Then File, Save. It should not give you an error this time.
File, Exit.
You can reopen hosts to make sure it took. (You will have to click on Notepad again as hosts does not have an extension)
The other error is with your licensing. Is it complaining that you aren't registered?
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
