Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Multiple malware/adware programs keep installing, please help [Solved]


  • This topic is locked This topic is locked

#1
Alkalidum

Alkalidum

    Member

  • Member
  • PipPip
  • 64 posts

Hi there,

 

I've got some malware on my PC that keeps reinstalling itself, ive removed them all and they just keep coming back! Programs like GamesDesktop, WordSurfer, Smartweb, Flashbeat, CinemaPlus, Ive ran a scan with Avast, and also ran AdwCleaner but Avast found nothing and the cleaner removed some stuff but they still come back. Its also opening random webpages and just opened a video advert which i couldn't close. I've been removing them in control panel 'Uninstall or change a program'. It also appears to be changing my personal settings on startup, My Avast antivirus has been going crazy with reports of blocked files, this is the most recent one: 

 

URL: http://d10huri5h4o4a.../policyname.exeInfection:FileRepMalwareProcess:C:\Users\SPEEDX~1\AppData\Local\Temp\nsm2D2.tmp

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
Ran by Speed X8 (administrator) on SPEEDX8-PC (20-08-2015 21:51:52)
Running from C:\Users\Speed X8\Downloads
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(OldTimer Tools) C:\Users\Speed X8\Downloads\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4318\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6087\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11858536 2011-06-07] (Realtek Semiconductor)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [697640 2010-02-10] (CyberLink Corporation.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-18] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [Mirroring360] => C:\Program Files (x86)\Mirroring360\Mirroring360.exe [9966416 2014-10-15] (Splashtop Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-20] (AVAST Software)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [mbot_gb_014010064] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010064] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [gmsd_gb_005010065] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010066] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-12] (Valve Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [IndieCity Client] => C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe -m
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-10] ()
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [GoogleChromeAutoLaunch_F1BA588C2AF109267478C15A136C8EC3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CrashService] => "C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk [2012-09-14]
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
Startup: C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-08-20]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-20] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:287a68907 /wow /dir:"C:\Program Files\AVAST Software\Avast"
CHR HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7O0TWFMUDQ_gyYd4DEhS0WK9MjVKTjgRyqZZDqO9KpdeU1sNdl_pEEUjtZF1sdkCIBHlp1Hy30d2og,,
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)
Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} -  No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{283D9FDB-27F4-4CC0-B300-A9CF3572C5A7}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{5FECFA46-5C30-449C-90BC-691D6E34E6C0}: [DhcpNameServer] 192.168.42.129
 
FireFox:
========
FF ProfilePath: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-12-10] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Speed X8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-12-10] (Pando Networks)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-20] ()
FF SearchPlugin: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\searchplugins\google-avast.xml [2015-08-20]
FF Extension: CinemaPlus-1.2.1V20.08 - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-08-20]
FF Extension: LastPass - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-08-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-12]
 
Chrome: 
=======
CHR Profile: C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-20]
CHR Extension: (Subscriptions Grid For YouTube™) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjhgnfnmijfkmcddcmffeamphmmeed [2015-08-20]
CHR Extension: (AdBlock) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-20]
CHR Extension: (Avast Online Security) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-20]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Speed X8\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.1.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-12]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-20] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-20] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-20] (Avast Software)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [938776 2013-05-17] (BitRaider, LLC)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
R2 cobomiku; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp [137728 2015-08-19] () [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-26] (EasyAntiCheat Ltd)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2928128 2012-11-19] (PACE Anti-Piracy, Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-15] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 dinofiky; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs [X]
S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-20] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-20] (AVAST Software)
R5 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-20] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-20] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-20] (AVAST Software)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-04-04] (BitRaider)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-03-16] ()
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-09-29] (MotioninJoy) [File not signed]
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-20] (AVAST Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 Tpkd; C:\Windows\System32\Drivers\Tpkd.sys [105624 2012-11-17] (PACE Anti-Piracy, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-20] (Avast Software)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
S1 idmzwpit; \??\C:\Windows\system32\drivers\idmzwpit.sys [X]
R1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-20 21:51 - 2015-08-20 21:52 - 00037106 _____ C:\Users\Speed X8\Downloads\FRST.txt
2015-08-20 21:51 - 2015-08-20 21:51 - 02173952 _____ (Farbar) C:\Users\Speed X8\Downloads\FRST64.exe
2015-08-20 21:51 - 2015-08-20 21:51 - 00000000 ___DC C:\FRST
2015-08-20 21:49 - 2015-08-20 21:49 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 21:49 - 2015-08-20 21:49 - 00001045 _____ C:\Users\Speed X8\Desktop\AnyProtect.lnk
2015-08-20 21:49 - 2015-08-20 21:49 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-20 21:45 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-20 21:45 - 2015-08-20 21:45 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsrEF14.tmp
2015-08-20 21:45 - 2015-08-20 21:45 - 00000000 __SHD C:\Users\Speed X8\AppData\Roaming\AnyProtectEx
2015-08-20 21:43 - 2015-08-20 21:43 - 00000000 ____D C:\Program Files (x86)\predm
2015-08-20 21:34 - 2015-08-20 21:39 - 00000348 ____H C:\Windows\Tasks\CPGIAIDSLMSETGHO.job
2015-08-20 21:34 - 2015-08-20 21:34 - 00004050 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-08-20 21:34 - 2015-08-20 21:34 - 00003388 _____ C:\Windows\System32\Tasks\CPGIAIDSLMSETGHO
2015-08-20 21:34 - 2015-08-20 21:34 - 00000000 ____D C:\Users\Speed X8\AppData\Local\SmartWeb
2015-08-20 21:33 - 2015-08-20 21:44 - 00000000 ____D C:\ProgramData\FlashBeat
2015-08-20 21:32 - 2015-08-20 21:32 - 00246100 _____ C:\Users\Speed X8\Downloads\Extras.Txt
2015-08-20 21:30 - 2015-08-20 21:30 - 00177820 _____ C:\Users\Speed X8\Downloads\OTL.Txt
2015-08-20 20:47 - 2015-08-20 20:42 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-20 20:46 - 2015-08-20 20:47 - 01605632 _____ C:\Users\Speed X8\Downloads\AdwCleaner (1).exe
2015-08-20 20:46 - 2015-08-20 20:46 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-20 20:44 - 2015-08-20 20:44 - 00602112 _____ (OldTimer Tools) C:\Users\Speed X8\Downloads\OTL.exe
2015-08-20 20:42 - 2015-08-20 20:42 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-08-20 20:34 - 2015-08-20 20:34 - 00000000 ____D C:\Users\Speed X8\Documents\ProcAlyzer Dumps
2015-08-20 10:00 - 2015-08-20 10:00 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsr895F.tmp
2015-08-20 09:42 - 2015-08-20 09:42 - 00001504 _____ C:\ProgramData\tempimage.bmp
2015-08-19 23:54 - 2015-08-11 02:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:54 - 2015-08-11 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 20:54 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150819-205448.backup
2015-08-19 19:55 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-19 19:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-19 19:50 - 2015-08-19 20:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-19 19:50 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2015-08-19 19:50 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-08-19 19:49 - 2015-08-19 19:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Speed X8\Downloads\spybot-2.4.exe
2015-08-19 19:28 - 2015-08-19 19:28 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nse5B1F.tmp
2015-08-19 18:46 - 2015-08-20 21:51 - 00000348 ____H C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job
2015-08-19 18:46 - 2015-08-20 21:43 - 00000000 ____C C:\dummy.htm
2015-08-19 18:46 - 2015-08-19 18:46 - 00003388 _____ C:\Windows\System32\Tasks\RVSCCJTAIRYAFTMB
2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291
2015-08-19 18:45 - 2015-08-19 18:45 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-19 18:42 - 2015-08-19 18:43 - 00000904 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-08-19 18:41 - 2015-08-19 18:51 - 00000270 _____ C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
2015-08-19 18:41 - 2015-08-19 18:41 - 00003154 _____ C:\Windows\System32\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}
2015-08-19 18:35 - 2015-08-19 18:56 - 00002192 _____ C:\Users\Speed X8\Desktop\chrome.lnk
2015-08-19 18:35 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-19 18:34 - 2015-08-19 20:51 - 00000000 ____D C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C
2015-08-19 18:32 - 2015-08-19 18:34 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\ProgramData\Baidu
2015-08-19 18:31 - 2015-08-19 18:41 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2015-08-19 18:31 - 2015-08-19 18:31 - 00003200 _____ C:\Windows\System32\Tasks\crash_service
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Speed X8\AppData\Local\MiniService
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\PC Faster
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-08-19 18:30 - 2015-08-19 18:40 - 00000000 ____D C:\ProgramData\Sublight
2015-08-19 18:30 - 2015-08-19 18:30 - 00000000 ____D C:\ProgramData\Sublights
2015-08-19 16:43 - 2015-08-19 16:43 - 00003206 _____ C:\Windows\System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF}
2015-08-19 16:40 - 2015-08-19 16:40 - 00000053 _____ C:\Windows\Directx.log
2015-08-19 16:26 - 1999-12-16 15:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe
2015-08-18 19:43 - 2015-08-18 19:43 - 00000000 _____ C:\Users\Speed X8\apploc.msi
2015-08-18 19:31 - 2015-08-18 19:31 - 01391104 _____ C:\apploc.msi
2015-08-18 19:19 - 2015-08-18 19:19 - 00003216 _____ C:\Windows\System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77}
2015-08-12 00:37 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:37 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:02 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:02 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:02 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:02 - 2015-07-15 19:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 19:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:02 - 2015-07-15 19:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 21:02 - 2015-07-15 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 21:02 - 2015-07-15 19:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 21:02 - 2015-07-15 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 21:02 - 2015-07-15 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 21:02 - 2015-07-15 18:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 18:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 21:02 - 2015-07-15 18:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 21:02 - 2015-07-15 18:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 21:02 - 2015-07-15 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 21:02 - 2015-07-15 18:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 21:02 - 2015-07-15 17:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 21:02 - 2015-07-15 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 21:02 - 2015-07-15 17:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:01 - 2015-07-21 01:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 21:01 - 2015-07-21 01:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 21:01 - 2015-07-16 21:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 21:01 - 2015-07-16 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 21:01 - 2015-07-16 21:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 21:01 - 2015-07-16 21:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 21:01 - 2015-07-16 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 21:01 - 2015-07-16 20:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 21:01 - 2015-07-16 20:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 21:01 - 2015-07-16 20:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 21:01 - 2015-07-16 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 21:01 - 2015-07-16 20:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 21:01 - 2015-07-16 20:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 21:01 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 21:01 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 21:01 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 21:00 - 2015-07-30 17:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 21:00 - 2015-07-30 17:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 21:00 - 2015-07-30 17:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 21:00 - 2015-07-16 21:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 21:00 - 2015-07-16 21:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 21:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 21:00 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 21:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 21:00 - 2015-07-16 21:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 21:00 - 2015-07-16 20:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 21:00 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 21:00 - 2015-07-16 20:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 20:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 21:00 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 21:00 - 2015-07-16 20:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 21:00 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 21:00 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 21:00 - 2015-07-15 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 04:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 21:00 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 20:59 - 2015-07-20 18:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 20:59 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 20:59 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 20:59 - 2015-05-09 19:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-27 17:52 - 2015-07-27 17:52 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (9).plr
2015-07-26 18:19 - 2015-07-26 18:19 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (8).plr
2015-07-26 18:17 - 2015-07-26 18:17 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (7).plr
2015-07-26 18:13 - 2015-07-26 18:13 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (6).plr
2015-07-26 18:11 - 2015-07-26 18:11 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (5).plr
2015-07-26 18:05 - 2015-07-26 18:05 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (4).plr
2015-07-26 18:04 - 2015-07-26 18:04 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (3).plr
2015-07-26 17:54 - 2015-07-26 17:54 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (2).plr
2015-07-26 17:47 - 2015-07-26 17:47 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (1).plr
2015-07-23 16:23 - 2015-07-23 16:23 - 00000000 ____D C:\Users\Speed X8\AppData\Local\CEF
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-20 21:50 - 2014-01-14 15:08 - 00000000 ____D C:\Users\Speed X8\AppData\Local\Battle.net
2015-08-20 21:42 - 2013-11-08 13:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-20 21:33 - 2012-12-10 23:14 - 00000000 ____D C:\Users\Speed X8\AppData\Local\PMB Files
2015-08-20 21:29 - 2013-03-16 17:46 - 00000392 _____ C:\Windows\Tasks\WpsUpdateTask_Speed X8.job
2015-08-20 21:16 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-20 21:16 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-20 21:14 - 2012-03-14 14:10 - 01810232 _____ C:\Windows\WindowsUpdate.log
2015-08-20 21:03 - 2012-06-03 15:43 - 00000000 ____D C:\Users\Speed X8\AppData\Local\LogMeIn Hamachi
2015-08-20 21:02 - 2012-03-15 14:37 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-20 21:01 - 2014-12-30 20:48 - 00057116 _____ C:\Windows\setupact.log
2015-08-20 21:01 - 2013-11-08 13:06 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-20 21:01 - 2012-03-14 14:11 - 00001317 _____ C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-20 21:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-20 21:01 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-20 21:00 - 2014-12-31 11:41 - 00594710 _____ C:\Windows\PFRO.log
2015-08-20 21:00 - 2012-03-14 14:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-20 20:59 - 2012-03-30 13:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-20 20:58 - 2014-08-29 10:37 - 00000000 ___DC C:\AdwCleaner
2015-08-20 20:58 - 2013-11-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-20 20:58 - 2012-03-17 22:39 - 00000000 ____D C:\Program Files (x86)\Norton Safe Web Lite
2015-08-20 20:48 - 2015-05-07 16:37 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-20 20:48 - 2015-03-12 17:48 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-20 20:43 - 2015-03-12 17:48 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-08-20 20:35 - 2012-03-15 14:26 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{767B4E75-0A22-454C-8045-6C88693109B7}
2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-19 23:24 - 2012-03-17 21:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Mumble
2015-08-19 18:55 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-19 18:33 - 2015-04-19 12:30 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieBrowserModeList
2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieUserList
2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieSiteList
2015-08-19 16:34 - 2014-01-14 15:10 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-19 16:32 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-18 21:46 - 2015-05-13 19:52 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\uTorrent
2015-08-18 19:43 - 2012-03-14 14:10 - 00000000 ____D C:\Users\Speed X8
2015-08-14 21:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-08-14 20:32 - 2012-03-15 06:04 - 00000000 ____D C:\Windows\Panther
2015-08-14 20:28 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-12 10:22 - 2009-07-14 05:45 - 00290992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 10:19 - 2014-12-12 17:17 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 10:19 - 2014-05-07 00:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 00:37 - 2013-03-14 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 00:32 - 2014-08-29 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 00:26 - 2014-08-29 11:22 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:59 - 2012-03-30 13:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 21:59 - 2012-03-30 13:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 21:59 - 2012-03-22 20:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-10 11:07 - 2015-04-24 10:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-10 10:36 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-04 10:48 - 2012-06-03 15:42 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-03 12:12 - 2012-06-28 11:58 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-31 18:45 - 2014-05-17 18:29 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\.minecraft
 
==================== Files in the root of some directories =======
 
2015-05-23 23:43 - 2015-05-23 23:43 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-06-17 18:22 - 2013-06-17 18:21 - 0001160 _____ () C:\Users\Speed X8\AppData\Roaming\mods - Shortcut.lnk
2014-06-28 18:47 - 2015-04-25 22:19 - 0002031 _____ () C:\Users\Speed X8\AppData\Roaming\SpeedRunnersLog.txt
2015-04-25 22:20 - 2015-04-25 22:21 - 0002608 _____ () C:\Users\Speed X8\AppData\Roaming\TargetInvocationLog.txt
2013-06-17 18:22 - 2013-06-17 18:23 - 0047104 ___SH () C:\Users\Speed X8\AppData\Roaming\Thumbs.db
2013-09-30 09:34 - 2013-09-30 09:34 - 0000097 _____ () C:\Users\Speed X8\AppData\Roaming\WB.CFG
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\Speed X8\AppData\Local\datos.txt
2015-08-19 19:28 - 2015-08-19 19:28 - 0613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nse5B1F.tmp
2015-08-20 10:00 - 2015-08-20 10:00 - 0613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsr895F.tmp
2015-08-20 21:45 - 2015-08-20 21:45 - 0613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsrEF14.tmp
2015-04-25 14:36 - 2015-04-25 14:36 - 0006605 _____ () C:\Users\Speed X8\AppData\Local\recently-used.xbel
2012-09-11 14:37 - 2012-07-13 14:37 - 0000032 ____R () C:\ProgramData\hash.dat
2014-08-31 23:22 - 2014-08-31 23:22 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-08-20 09:42 - 2015-08-20 09:42 - 0001504 _____ () C:\ProgramData\tempimage.bmp
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
 
 
Some files in TEMP:
====================
C:\Users\Speed X8\AppData\Local\Temp\fsd2A6A.exe
C:\Users\Speed X8\AppData\Local\Temp\fsd5D6B.exe
C:\Users\Speed X8\AppData\Local\Temp\fsd9B74.exe
C:\Users\Speed X8\AppData\Local\Temp\fsdAB6C.exe
C:\Users\Speed X8\AppData\Local\Temp\sqlite3.dll
C:\Users\Speed X8\AppData\Local\Temp\Uninstall.exe
C:\Users\Speed X8\AppData\Local\Temp\vau22C4.tmp.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-14 21:22
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-08-2015
Ran by Speed X8 (2015-08-20 21:52:21)
Running from C:\Users\Speed X8\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-975855429-1586840072-3018677650-500 - Administrator - Disabled)
Guest (S-1-5-21-975855429-1586840072-3018677650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-975855429-1586840072-3018677650-1003 - Limited - Enabled)
Speed X8 (S-1-5-21-975855429-1586840072-3018677650-1000 - Administrator - Enabled) => C:\Users\Speed X8
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
µTorrent (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
AChat 1.18 (HKLM-x32\...\AChat_is1) (Version:  - AChat Animation Studios)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Airline Tycoon 2 (HKLM-x32\...\Steam App 201490) (Version:  - )
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Antares Auto-Tune 7 VST (HKLM\...\{8E7715AA-E19B-44E8-AE4C-FB5B37B7E2D9}) (Version: 7.05.0004 - Antares Audio Technologies)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARMA 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2 Dedicated Server (HKLM-x32\...\Steam App 33905) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead - Dedicated Server (HKLM-x32\...\Steam App 33935) (Version:  - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Auto-Tune EFX 2 (HKLM\...\{CCF89E7D-8BFC-4B3C-8C9C-8C4E9EF8BA45}) (Version: 2.1 - Antares Audio Technologies)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)
Bloody Trapland (HKLM-x32\...\Steam App 257750) (Version:  - 2Play)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnInTest v7.0 Pro (HKLM\...\BurnInTest_is1) (Version: 7.0 - Passmark Software)
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version:  - Stainless Games Ltd)
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Crawl (HKLM-x32\...\Steam App 293780) (Version:  - Powerhoof)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3721 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.6210 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1423 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3518.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{BAD8395E-CE31-44AA-B9FE-A14FCD0ABE4A}) (Version: 0.9.110 - Dotjosh Studios)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
DUNGEONS - Steam Special Edition (HKLM-x32\...\Steam App 57650) (Version:  - Realmforge Studios)
DUNGEONS - The Dark Lord (Steam Special Edition) (HKLM-x32\...\Steam App 200550) (Version:  - )
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - )
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Easy Tune 6 B11.0630.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FaceTrackNoIR version 1.7 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7 - FaceTrackNoIR Team)
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeTrack v2.2.0.279 (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\FreeTrack v2.2.0.279) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - )
FrostWire 5.3.5 (HKLM-x32\...\FrostWire 5) (Version: 5.3.5.0 - FrostWire Team)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game Dev Tycoon version 1.3.2 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.2 - Greenheart Games Pty. Ltd.)
GameFly (HKLM-x32\...\GameFly) (Version: 1.2.378 - GameFly, Inc.)
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Gang Beasts (HKLM-x32\...\Steam App 285900) (Version:  - Boneloaf)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version:  - Positech Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hidden in Plain Sight (HKLM-x32\...\Steam App 303590) (Version:  - Adam Spragg)
Hyrule Total War 3 Patch (HKLM-x32\...\{90D07AB1-663A-4F45-8BB8-E0763C8C8D1A}) (Version: 1.0.0 - Parallel Process)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java™ 6 Update 39 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416039FF}) (Version: 6.0.390 - Oracle)
Java™ 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
join.me (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\JoinMe) (Version: 1.17.1.162 - LogMeIn, Inc.)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
Kingsoft Spreadsheets  (8.1.0.3030) (HKLM-x32\...\Kingsoft Spreadsheets) (Version: 8.1.0.3030 - Kingsoft Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Magic The Gathering Online  (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\9f2df17776476c05) (Version: 3.4.77.332 - Wizards of the Coast)
Magic: The Gathering - Duels of the Planeswalkers (HKLM-x32\...\Steam App 49400) (Version:  - Stainless Games Ltd)
March of War: Face Off (HKLM-x32\...\Steam App 323900) (Version:  - ISOTX)
Marvel Heroes (HKLM-x32\...\marvelheroesbeta) (Version: 1.8.0.302 - Gazillion Entertainment)
Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version:  - )
Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version:  - )
Mashed (HKLM-x32\...\Steam App 281280) (Version:  - Supersonic Software)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version:  - The Creative Assembly)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Mirroring360 (HKLM-x32\...\{2143C7CF-6CBA-4513-AC73-D410DEC57BFC}) (Version: 1.2.0.4 - Splashtop Inc.)
MNR -2litres - Horndean (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\MNR -2litres - Horndean) (Version:  - )
Mobiloid Demo (HKLM-x32\...\IndieCity-{43591a95-bcfd-478c-86ca-003a99d5ae0b}) (Version:  - Montrezina)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-GB)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
NBTExplorer (HKLM-x32\...\{06107EDA-5B85-4CEC-AB1E-8350DEC15231}) (Version: 2.7.4.0 - Justin Aquadro)
Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version:  - Bugbear)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version:  - Bugbear)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Orcs Must Die 2 Workshop Tool (HKLM-x32\...\Steam App 242150) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22479 - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version:  - PopCap)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version:  - PopCap)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version:  - PokerStars.uk)
Primal Carnage (HKLM-x32\...\Steam App 215470) (Version:  - )
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix) <==== ATTENTION
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
RPG Maker XP (HKLM-x32\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
SecondLifeBetaViewer (remove only) (HKLM-x32\...\SecondLifeBetaViewer) (Version:  - )
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - )
Shatter (HKLM-x32\...\Steam App 20820) (Version:  - Sidhe)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
Silent Storm (HKLM-x32\...\Steam App 254960) (Version:  - Nival)
Silent Storm Sentinels (HKLM-x32\...\Steam App 254980) (Version:  - )
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7016 - Six Projects)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
TerraTech Demo (HKLM-x32\...\Steam App 313990) (Version:  - Payload Studios)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version:  - Creative Assembly)
Towns (HKLM-x32\...\Steam App 221020) (Version:  - )
Toy Soldiers (HKLM-x32\...\Steam App 98300) (Version:  - Signal Studios)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version:  - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Ino-Co Plus)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10650 - WinZip Computing, S.L. )
Wizorb (HKLM-x32\...\Steam App 207420) (Version:  - )
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version:  - Team17)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
19-08-2015 18:40:43 Windows Defender Checkpoint
19-08-2015 23:54:21 Windows Update
20-08-2015 20:40:11 avast! antivirus system restore point
20-08-2015 20:49:10 Device Driver Package Install: Avast Network Service
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-08-19 20:54 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04AEBEC7-7A68-4592-8A41-65A436199A00} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {0793DEB0-D40C-4788-9C44-C530DE22B040} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {1531C316-5DD4-43F5-8BB7-D1094259E97B} - System32\Tasks\{286FED16-89AD-41FA-B336-C878763B2EBC} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {1C28571E-B8F9-4751-9B62-5DCACC1EBBE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1D855AD1-E04A-4E97-B733-8256DD0834C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {335296FD-CB04-489C-9898-B29B4A19CAF4} - System32\Tasks\RVSCCJTAIRYAFTMB => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: {351EED9F-F898-461A-8A89-2F1F96EAE91B} - System32\Tasks\{015CF1CB-F6C9-49FB-A90E-982A10B08A69} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {45A77E71-D2FC-4752-98D7-6768701A40B2} - System32\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200} => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe [2015-06-16] ()
Task: {49CB8988-1A24-440D-88C0-19C4AFBEC1BC} - System32\Tasks\{0807DA71-B6F4-49B9-BBB0-E0854F2ABFC0} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {69C2FB89-A68C-41D5-B6A8-AF1028C409C0} - System32\Tasks\{9289B819-C4CD-43A3-953F-675C1133513F} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {6E04465B-6C12-4E56-93B0-2AB6FB9A0C7A} - System32\Tasks\{A03ADA05-3C49-42AF-9AA8-4F4D4799D68B} => pcalua.exe -a "C:\Users\Speed X8\Downloads\HorndeanRX.exe" -d "C:\Users\Speed X8\Downloads"
Task: {7FD075DA-E5A1-4DD6-BB1C-AEFB8DBF07C1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {83D175D2-F77D-4A18-AF1E-FF5C3F70A2A7} - System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF} => pcalua.exe -a "C:\Users\Speed X8\Desktop\New folder (2)\BUNNYUST.EXE" -d "C:\Users\Speed X8\Desktop\New folder (2)"
Task: {8B4EF551-A928-422A-87B8-8D606236BDED} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {8D60D829-1425-4384-A7E6-12B8056DB5F5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {9473A819-07C7-4DE4-A5A9-D2E85121F58B} - System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => pcalua.exe -a "C:\Users\Speed X8\Desktop\JX^€Ch3D\Installer.exe" -d "C:\Users\Speed X8\Desktop\JX^€Ch3D"
Task: {97A20080-6D51-4DD1-8B9C-3A2F118F0613} - System32\Tasks\crash_service => C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe
Task: {9876CA81-F86B-4066-ADAF-F2113D0B9E96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {99E4B1C5-560A-4A7C-9F29-8AD8C308D0C0} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {9A166EB4-E047-4F95-A1D7-3E93A73322C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A06419F4-D3A9-4255-A4FA-72451E12A59B} - System32\Tasks\{35EFDB9A-0F99-4935-81C2-571069624150} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1075-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {AA6DB421-83C3-446D-B99F-6F4D648F5C9C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {B2760364-CF81-4BDB-B568-B1ABF51C49AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {B4B6995A-60FD-4CF8-9BDE-CDE10962C7B2} - System32\Tasks\{94946A22-1B4E-4768-8F4C-08540FEB21F6} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {C2CE4F4E-BE46-41CF-BBB8-EBE279108B47} - System32\Tasks\{9D8E0C13-765B-4D19-BC69-2137BE3AABFB} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {C76EF0BB-5A14-45D7-989E-64E242B30425} - System32\Tasks\CPGIAIDSLMSETGHO => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: {CFB3BA4B-8C6A-4783-BB44-B320D35B5063} - System32\Tasks\{1A4338B1-89FF-4018-B394-19B364430E88} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {DD959D27-44EE-4B06-A828-F9132D437B3B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {F1CF0726-424C-4A74-BF6A-D135AFABC4CE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FBF6EAD0-1555-45C6-8525-F36E7BE6394E} - System32\Tasks\{49BC5B3B-F531-493B-BB3D-34464A9E50E3} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {FC6E5ED8-4083-42BD-B512-A8100B08055E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-20] (AVAST Software)
Task: {FC88C451-A7A0-4EA4-94B3-E6F839EEA182} - System32\Tasks\WpsUpdateTask_Speed X8 => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe [2013-06-05] (Kingsoft Corp. Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\CPGIAIDSLMSETGHO.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\WpsUpdateTask_Speed X8.job => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe
Task: C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job => C:\ProgramData\ToolsUpdatePlatform\CallBackInstall.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-04-08 00:19 - 2015-05-12 04:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-03-14 14:51 - 2012-03-14 14:51 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2015-08-19 18:35 - 2015-08-19 18:35 - 00137728 _____ () C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp
2015-08-19 17:12 - 2015-08-19 17:12 - 00761344 _____ () C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs
2013-08-15 18:59 - 2013-08-15 19:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-20 20:44 - 2015-08-20 20:44 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-20 20:25 - 2015-08-20 20:25 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15082001\algo.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 19:50 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-19 19:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-19 19:50 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-05-26 17:09 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-03-12 18:10 - 2015-07-03 17:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 18:59 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-21 18:59 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 18:59 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 09:05 - 2015-08-12 19:26 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-03-15 14:39 - 2015-08-12 19:26 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 16:19 - 2015-07-27 02:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-03-14 14:18 - 2010-02-09 11:52 - 33735976 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-03-12 17:47 - 2015-03-12 17:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-15 14:39 - 2015-07-03 17:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-13 21:11 - 2015-08-08 01:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 21:11 - 2015-08-08 01:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libcef.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libGLESv2.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\platforms\qwindows.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libEGL.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qgif.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qico.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qjpeg.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qmng.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qsvg.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qtiff.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick.2\qtquick2plugin.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-14 13:06 - 2015-08-14 13:06 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQml\Models.2\modelsplugin.dll
2015-03-12 17:47 - 2015-03-12 17:47 - 00985600 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{E528057C-938E-43E5-9FDB-DE2DB07E55C5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{6251B399-2E05-4524-AB2D-16BAA99A18B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{73764358-75E6-49C5-B778-2F5E79DEAD2B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{5F997292-EECE-47EE-834C-FC5CC8261ED1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{7A98A401-F656-43CF-ADD7-474C02C47119}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9801C62-DA99-434D-888A-A9839046872F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DAB9FCF2-1FCA-4961-9754-6474889D26A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2B552B55-8EBE-4A51-A64D-C2108407E473}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B0AFD7DC-72AA-46C0-A5F3-F30D34B2F92B}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{40988CBB-CB4D-4C26-AC50-82FBCBF5BB63}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
FirewallRules: [{AEC7A404-E3AC-47FF-8505-D9EFFAE166A5}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{684F9C77-810C-42B5-B728-D8DBB2B216C4}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
FirewallRules: [{1BC0D7DC-E56D-462E-A900-27AAC6ABC0A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe
FirewallRules: [{D2E23F12-50C1-491F-9C53-F8E0397FC229}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe
FirewallRules: [TCP Query User{A24F3768-42C7-4ABB-8913-215FB62ED5E7}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [UDP Query User{A324D5D7-F8E0-42AD-A41D-3738AC7116DC}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe
FirewallRules: [{B94848B4-9263-4EB0-A42C-CD24CF09E5F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle nights\PeggleNights.exe
FirewallRules: [{F3AC4BCC-658F-4FEC-9F6D-B81A9A63E244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle nights\PeggleNights.exe
FirewallRules: [{CA5BE3A8-FCBA-4D10-B35C-376383450C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle deluxe\Peggle.exe
FirewallRules: [{C87364C5-45F9-4C50-8FD5-1AD495EDFFFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\peggle deluxe\Peggle.exe
FirewallRules: [{598D987C-49F0-4C2F-B634-EC7499EC608E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [{BEF6952D-72FC-488D-87D5-40A69EA5A0DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [{87239FFA-84AF-4B52-B4F3-A49D63D726A9}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{372E8EBA-FE3F-4FC6-9296-5852FAE43DC8}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{B8CC3937-7D5A-4747-ABBC-EB6E31276238}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine 2\trine2_launcher.exe
FirewallRules: [{D33B91CB-8EDF-4A7A-A11B-A8F2A45C72AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine 2\trine2_launcher.exe
FirewallRules: [{0C69FB8B-677A-4121-B0FE-899C0F4136C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe
FirewallRules: [{17FF37B5-3D21-48E9-8338-822E14FC3420}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\plants vs zombies\PlantsVsZombies.exe
FirewallRules: [{09C4CA9C-2161-4866-8EBE-2DE940EDE10C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{AA471F03-DFF3-4A4B-AF7A-5BE0BD546B9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{3D497F1D-4F6E-4938-B7CB-8129190003FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{0AC8134E-E4E1-4798-BA2D-2E8EFBA08CE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{D4ECE4E7-6A7B-41D4-93BA-43149EABAB29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{79EE4150-24C1-446B-9939-E12CC61BA27B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{81FB0055-963A-4313-B249-2D93D43852A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{D319466C-B564-42B5-BC8C-E31358A90A68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{D848B8F7-F80E-44C9-93ED-835C017AF3C3}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{214DB58C-E1CE-4FA7-8A04-3C7D6FFA9364}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{8F1B5865-BA7D-4894-834C-199109987DB9}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{7A6811ED-8D77-4F05-B725-6D31C93DFD77}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{C4F2FFCB-125E-4E11-97AE-B35202FC499A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons - the dark lord\DungeonsTheDarkLord.exe
FirewallRules: [{71C17031-D20B-4B01-BE7F-87553E76F5D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons - the dark lord\DungeonsTheDarkLord.exe
FirewallRules: [{90EA8C20-08AD-4E2E-8311-15E1C3B881B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe
FirewallRules: [{30444B52-5E3A-46DA-B89B-7338290AFCED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe
FirewallRules: [TCP Query User{A36B116F-0620-472F-BB34-AA3FF2426B9C}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe
FirewallRules: [UDP Query User{87E5210C-BEEE-412F-B6BF-1DC7A3BA820A}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe
FirewallRules: [{4741DF63-ED9A-4A00-9D67-A917BB0868D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe
FirewallRules: [{64019E3D-2F8B-4E99-A7BC-B8054BAC9738}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe
FirewallRules: [TCP Query User{077BF817-C025-4E9A-9620-5F899ACE6C30}C:\program files (x86)\secondlifebetaviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifebetaviewer\slvoice.exe
FirewallRules: [UDP Query User{A4EB5F72-2EE4-43CB-9845-AA43D860AA55}C:\program files (x86)\secondlifebetaviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifebetaviewer\slvoice.exe
FirewallRules: [{C99FC08B-3B71-4E35-BAA4-CFD0B3F79E34}] => (Block) C:\program files (x86)\secondlifebetaviewer\slvoice.exe
FirewallRules: [{879110A5-38AE-4077-B685-577D8AB13B88}] => (Block) C:\program files (x86)\secondlifebetaviewer\slvoice.exe
FirewallRules: [{E575ABBC-6C4D-42BB-907A-E7D3762332D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\ArmA2Server.exe
FirewallRules: [{A864C873-1A66-4DDB-B82A-76E7FFD19816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\ArmA2Server.exe
FirewallRules: [TCP Query User{8292376D-A88B-4F95-9A98-15F7D9A061F0}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [UDP Query User{73582DA1-8A47-40D6-8B02-66DEAC88F241}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [{69B44F26-3ACF-4CDE-8437-79C34963C180}] => (Block) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [{5F476CE7-8207-48C4-A269-B445D35C61B9}] => (Block) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [TCP Query User{CBDB5335-0DAF-4A15-8DB3-657F6F26159A}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{4E6DFED7-2CC6-45D8-8A71-E00CF660B37A}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{95D80433-3510-42F3-BB11-C233E1DF5CB1}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{2F847598-EA42-4CC8-8E04-28D645A06293}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{198C3164-239C-4E06-BC61-89971A0D82AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\from dust\From_Dust.exe
FirewallRules: [{275CBB66-ECD4-4BF6-8A0E-CB1924363A15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\from dust\From_Dust.exe
FirewallRules: [{F90ECF64-35BA-4621-AECF-C3DDE10F0A7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CE449A65-F301-42D7-A695-F07CDBD921B6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{F0A3E8D1-4D4D-489D-A768-CBFB29BBEAD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead island\DeadIslandGame.exe
FirewallRules: [{5127CAA5-41B6-4363-9806-429E0133E16B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead island\DeadIslandGame.exe
FirewallRules: [{5D09925B-6BEF-4213-B203-19EBC4454463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\airline tycoon 2\AirlineTycoon2.exe
FirewallRules: [{39A5DCD4-5810-4416-89C6-2AF8E50E490A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\airline tycoon 2\AirlineTycoon2.exe
FirewallRules: [{7DCF813C-79CA-445E-A783-BCC8CBD1D779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{C5F0EEA0-A371-4762-B4C0-2A0F79F89365}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{F9F9A128-F0F1-4A3A-A176-078818EFDB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ARMA2OASERVER.exe
FirewallRules: [{958C4895-6DA1-43F5-B352-374A522051E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ARMA2OASERVER.exe
FirewallRules: [TCP Query User{DA829A1A-B491-429E-8EA5-8389387D4B92}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{A68E2D27-94ED-4590-A8AD-80AE8673F81E}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{7A0427AD-1746-4E19-AE73-47DAD27541E1}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{33F03766-FD38-4A68-B673-160573F4B9FC}] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{F638FE09-D09E-41FA-BFC9-BDAB1C80060D}C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe
FirewallRules: [UDP Query User{F424E7E4-3B80-4E8E-A731-C5DC7822C995}C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\garrysmod\hl2.exe
FirewallRules: [TCP Query User{D85B16B3-9136-46F2-9ACA-A86663FDE5CD}C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{A28F650A-3E3F-4819-8B8A-6D19ABFF92E4}C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe
FirewallRules: [{FBDB8585-4862-4AE6-94AD-2E1C041B6842}] => (Block) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe
FirewallRules: [{AB4E649F-87A1-4DD0-B02C-F954FC0C9621}] => (Block) C:\program files (x86)\steam\steamapps\kris008\team fortress 2\hl2.exe
FirewallRules: [{7FD37894-C299-4D54-B497-63C4E0CF65F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{EF6EDE81-1390-4A3E-AEB5-A1A8569EF5D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{A719665A-5F20-4F74-BBD3-BD849D7005BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{BA62F06B-229A-4B50-929A-08A752BD4AD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{C62980B4-0813-40A5-B44D-8E04D4ADC2FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [{AC5AFB59-1543-4B1D-B0F4-420C5B2AC311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\_runA2CO.cmd
FirewallRules: [{083A221A-6762-44BB-9E87-4A3FF583C41B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [{4B4C8B26-35AC-4FDB-AD01-20384F45173C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons of dredmor\Dungeons of Dredmor.exe
FirewallRules: [TCP Query User{4FF13148-A91C-4680-9786-E60049155474}C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe] => (Block) C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe
FirewallRules: [UDP Query User{AA519D95-9E77-4DC1-B9F8-C56AB35180C9}C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe] => (Block) C:\program files (x86)\indiecity\client\bin\x86\iceclient.exe
FirewallRules: [{3606515F-90B4-4A78-9546-A4A9529C9082}] => (Allow) C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe
FirewallRules: [{350C5DF1-D04F-4618-829D-11D45F3E080B}] => (Allow) C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe
FirewallRules: [TCP Query User{DF20C7A4-1067-44EB-8402-C7BE0E951F19}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{FC9EBFB6-2B6B-4616-B6CB-328BE920F890}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{100F005F-6756-4B25-B209-9249E100E859}] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{BD453B11-24B0-42C3-A9A4-2CC3E673A199}] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{9A48845A-50BC-44CA-BFFB-D949AE112A62}C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe
FirewallRules: [UDP Query User{A4AEE893-3EA6-49E8-AB51-152DE95E7B1B}C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe
FirewallRules: [{2442FDFA-90D0-4F37-91A7-3B032C4452BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\Shatter.exe
FirewallRules: [{DE4B2D7E-06EE-45F6-AAFB-679CADFFE405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\Shatter.exe
FirewallRules: [{F8597131-04CA-4115-A10B-1C2C70A9AEA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{72C3CAE2-52F0-4D62-BAE4-E86D5DFD28E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe
FirewallRules: [{CBAA0881-C5E4-4916-8FB2-0CD6DF1F8005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\space pirates and zombies\SpazGame.exe
FirewallRules: [{28582270-3D5F-4465-A315-E08DEDAC93F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\space pirates and zombies\SpazGame.exe
FirewallRules: [{CBECC7B5-5F7C-488E-ABE6-F1ACAC738BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wizorb\Wizorb.exe
FirewallRules: [{4B206748-B7EB-475D-817F-A5A9E78F63BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wizorb\Wizorb.exe
FirewallRules: [{657716B7-8F63-4681-9B49-69450EE1244A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe
FirewallRules: [{C3480F27-CA3F-4042-B8DE-EC9F96C80347}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe
FirewallRules: [TCP Query User{8638BEBF-D6BB-4A3D-940B-71D327798158}C:\users\speed x8\appdata\local\temp\gw2.exe] => (Allow) C:\users\speed x8\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{0A2E5C14-FD5C-49AD-AB83-D8BC9B5E6C4C}C:\users\speed x8\appdata\local\temp\gw2.exe] => (Allow) C:\users\speed x8\appdata\local\temp\gw2.exe
FirewallRules: [{F13A9907-ADB8-439C-9A1B-51A9CAB19551}] => (Block) C:\users\speed x8\appdata\local\temp\gw2.exe
FirewallRules: [{16F4EB16-620A-4F90-B433-AFFE2F8ED33F}] => (Block) C:\users\speed x8\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{405DAC53-B724-4FC8-B907-87F685FBF37D}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{3FE24075-455A-40AF-AD65-73BD3D728D90}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{01B9AB47-937F-4A79-BC13-FCCF56C01061}] => (Block) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{36C655D9-0D00-4960-8B74-2ED2936AAFE4}] => (Block) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{FED821C4-76BE-457A-BF47-4ED3B00A0E70}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{3D47478E-D003-4EB1-80B8-314F46B0FEC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1286E20-EFDB-4E34-8B6B-38EDAC4679BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8529D80E-E998-45AD-90C1-ABDC71026C53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{21514D57-CCE0-418E-9605-2B778CF9EE58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5C53228F-1AE0-49E2-B52B-2866F31122DA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{C59CFCA2-CD39-49DD-8E91-84A09DD9A21E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird.exe
FirewallRules: [{2CDC07C8-2878-40AC-BE17-488B8BCE6E0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird.exe
FirewallRules: [{2ABA7FDD-BAC0-4E8A-A505-5B9E57C03A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [{FC08FC34-4C34-4500-BC5E-878F761446AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [{D0826730-9FD9-4632-9768-D596AC669976}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{BE2272B1-68CE-480A-87F8-3B8F92C3AC9A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{07116D36-7BC2-4F82-AA82-2D68FC25BD5F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{1984E1A3-8A59-4512-8AD1-3B69C06D1ABC}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{448C8022-A39D-47C2-AD24-4FC5B4A12F06}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{83712844-530D-4ABF-8E38-BBB9031582D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{63C35C25-84EF-4924-8BC7-40C80C73D7CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe
FirewallRules: [{8384E5C1-A993-4B6A-99B8-C386433F58D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\GameSW.exe
FirewallRules: [{3E2F3AC1-8471-4CC5-9CFC-CAD126F83714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\GameSW.exe
FirewallRules: [{DDD902CC-7699-4CED-A44B-56694183F6D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\Game.exe
FirewallRules: [{24E683CB-B304-4D98-A36E-E9BA969F2EE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\toy soldiers\Game.exe
FirewallRules: [{808ABDC5-4590-437F-B6A7-C701B41978EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\arma2.exe
FirewallRules: [{16E5E465-B7E8-4569-89DA-56DDBDFAC2EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2\arma2.exe
FirewallRules: [TCP Query User{29FDB839-F6CC-472C-904B-7C2F14339DE4}C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Block) C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [UDP Query User{5A2A8E37-45C7-496D-BE09-8C7E804CFFBF}C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Block) C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{1923415C-CC72-47BB-9713-A43B8F89B670}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{2D9FFB76-F6C6-48CD-A390-BF9FBC33E247}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{C20EE5BC-DF72-4809-B867-CBDCEA037098}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\worms reloaded\WormsReloaded.exe
FirewallRules: [{562DA249-1BB8-48D3-855C-F09FCE975357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\worms reloaded\WormsReloaded.exe
FirewallRules: [{3DDD924A-455E-41D9-87DC-F4CCFEB548BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\game_launcher.exe
FirewallRules: [{BA19D18B-CB9A-4180-B96E-BF8C7C587B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\saints row the third\game_launcher.exe
FirewallRules: [{E4B1FF1A-B219-4CCF-A96E-AC6245398747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{B67784C8-D022-4A11-8BFC-A22D1F18B02E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{111DBB15-1475-465D-88B1-0167A05DBFBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6A90F568-3A46-416E-AF2B-EBA76F1B0E7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{4F4670A8-CF94-4B52-B3CE-837CEDE5D125}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gratuitous Space Battles\GSB.exe
FirewallRules: [{03B270D7-C6D3-4969-B59A-80F91F3AEC53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gratuitous Space Battles\GSB.exe
FirewallRules: [{7B0277C8-FBE8-486B-8D8A-C2A8ADDA4993}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{96CF3274-6B91-40A7-96FD-AC19EF12B8DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{E28DA886-1C26-457F-86BC-BA549A99847A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{871FF7BB-ACB6-4917-B674-689521F7B8B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{E5F5EFC8-5005-49DD-87DB-2B5D66E21556}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2 Workshop Tool\build\modtool\workshop.exe
FirewallRules: [{63EE1B6E-A7AB-402F-A237-742926CB11B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2 Workshop Tool\build\modtool\workshop.exe
FirewallRules: [TCP Query User{230117D1-EAB8-4260-94CD-19EB921166AA}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{2FB3154D-9AB7-4060-91C2-BC7F783F0AF3}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{4F6E4E39-2D55-4F41-A70C-48737BCD58EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{C8741E1D-8A5C-4086-A7B9-05B4C2BABD84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [TCP Query User{BE0EB798-7498-46A2-8F7F-6B829160376D}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{1B086015-4082-4A29-9F7A-71460A531AA7}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [{C5C8E1D4-D7CB-4F0B-8DFB-11493DD15BC0}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [{18110A50-B0FA-43E6-9E1C-1F9D1DAF6AEC}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [{1CB2C659-D736-4060-A7D3-4A1B9261760B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{C9F4063A-5CD4-4961-9915-0CD395315C29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{12C3FB8D-2D56-4285-9CC6-E3263668F08B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{6FEFA1C5-684A-4564-A13D-A12E1AC97550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [TCP Query User{062895CF-F2B4-4710-849D-66AF194144D8}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{422DE155-CCF9-4CAB-8F43-73DE555BC054}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{0E178307-251C-40CD-B3EE-3891B26B7F9D}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{F3933296-1E16-41CD-8347-C6D387D36653}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{FC722D02-18FA-49CF-8D81-C80EBA940710}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{F71D9108-07E7-4445-9DE4-14DFA9ADBFE3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{AC232D38-D17E-41CF-AF95-3D22A5832982}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{B1281EF6-0A28-4261-9E61-EA0848CA8AAA}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4D359F99-9587-477A-AD80-2AA21874BC4C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{E5046B41-22C9-4D70-9D62-D291E91DC2CC}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{D238F1CD-71A9-4C94-BC6A-6CE878CF470C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{4FA89517-3462-41C9-ADC2-0A5E372FC20F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{61977C79-735F-467B-BABA-94C33602A933}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [UDP Query User{60C07A8F-7BBE-4018-B763-8101EDBF428F}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [{F0F47415-BD03-4AD3-9151-FE4669F71CC8}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{8C7AA935-FD50-47C5-90BD-4E857397B8D1}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{9971F81E-A5FF-431A-B970-B44A12E46DC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{0AFE5880-3E05-4ACC-81AF-2EB88B015422}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{818A2907-8EE1-4FAF-BD75-6869232CC749}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{0FEBDE0F-68F1-49AE-9698-D3579DBAEA75}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{AC4A71BE-AC6B-4F9D-8EBD-20B5B7283722}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{F1565FA9-230F-436A-B197-0E4C7E8FC733}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{D765A0E8-5207-4ED8-930B-D792F55085A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4C071243-6ED3-46B3-9BAD-C892901E7F0A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9254B947-D86C-423C-BCB1-6C33094E19F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4A86C955-CD05-45BE-A0F1-66FEDBAC790F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{54C68378-86FB-487D-8CC8-EC01147A9280}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{110D33DF-BC06-492A-AE2C-BDE2058F5C46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EFF7C366-5B91-44A5-894E-4096E13B6F95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{789C6946-5694-4268-82AC-97B5A6155722}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{DDB6CFEE-9BEA-411B-B1E3-74204A5D11D8}C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{DA90F069-A7B3-4301-B244-D3162B9DB787}C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{404EE391-A988-427B-9F53-82362737D731}] => (Block) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{DD22D4D4-75D3-4EFF-8ABE-F182747F26B7}] => (Block) C:\users\speed x8\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{891963FF-671E-4BAE-84F1-7DCFD1DA67A7}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{9BCD8031-89B1-4291-AA8F-2A281504611D}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{2F3B3855-EDBB-4E8D-8A4C-0BD7AF3C6EFA}] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{2433AB65-E6A3-4527-B7AF-671F1D1727D1}] => (Block) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{DB92FC82-06A4-4769-9467-4E7638145BDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic The Gathering - Duels of the Planeswalkers\DotP.exe
FirewallRules: [{F97DC0F1-F0E0-40A4-A87C-37C9EAB4007E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic The Gathering - Duels of the Planeswalkers\DotP.exe
FirewallRules: [{90D88F2E-3029-4D64-8820-3C96EED12ABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\towns\Towns.exe
FirewallRules: [{B83B660E-F515-41EA-A070-488F817800FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\towns\Towns.exe
FirewallRules: [{D738D644-1F5A-406E-A4A5-C9DABC723ACF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{116DC740-165A-472B-AC1F-737D9DE59654}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{C4B64F08-45D4-4FCC-B56E-4446189AB0C3}C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [UDP Query User{1590375E-B6E1-4FA4-9D59-DEE7807E2835}C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{E1647157-9E14-461E-A92F-EDAE2542F219}] => (Block) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{A7DA7039-105C-4299-A310-78A33A46F91C}] => (Block) C:\program files (x86)\gazillion entertainment\marvel heroes (test center)\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{6D17D265-1EF8-44F6-99FA-31DBC628E818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{9EDA1CD0-D999-45FC-BE9D-03604649A714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{B11444A4-49C1-4CF6-8ADE-697405952E41}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{918B0D20-8107-44A4-B631-2B6EEEFBBFF8}] => (Allow) LPort=2869
FirewallRules: [{0F788669-A6B1-40F4-AC95-DCDEA218207D}] => (Allow) LPort=1900
FirewallRules: [{3E379C41-E3F8-4C13-95B7-C44231D7F739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [{2AE007F3-B846-4B74-8823-B1BF5738ABBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [{42FB39AC-DAD9-46C6-95D8-80F0F019274B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2E2043DD-B0FA-4727-88FC-CD5436754F42}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E5ABE3BF-8C15-411F-B413-F9304ED05264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe
FirewallRules: [{6C257671-C2CA-4C1C-815B-93FC1C7BF50C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe
FirewallRules: [{CBF87C94-F47F-446D-9657-A8CEB5EC1127}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{97ECA764-4B4E-40F0-9ABD-09F4A8946791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{33BA99C0-E695-4383-90C0-5EE9820DD601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{B5213485-DA69-4B51-9F3D-295F96652BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{0EF33F40-E255-4EF6-93BF-78CF2F9CAFE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{681DB789-8AFB-4B07-A822-AA43C0095D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{DAD2B8E8-C79E-407E-A325-E6367E9E3A38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{1800F384-1DB8-4B97-AE93-23E17B6C0BB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{BBD442A1-EC32-42E9-B21C-FB6E7895B4F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{BB81E8BE-AB9B-4796-8BD6-DF461F98E74E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{619EA40D-720C-4F1E-99FD-DAC18DD99060}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{2031C435-F0C4-4A8C-BED0-9EC33F0C6896}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{077ECDF8-A1AE-4223-9818-C41B5C1C0A83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{D32533C8-8A6D-42AE-8B02-3396C18C6469}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{3667D240-F4DC-4064-8C5D-2B9695381718}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe
FirewallRules: [{6D717367-0645-4B2B-A294-CDFB026AC0A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\kris008\garrysmod\hl2.exe
FirewallRules: [{FF49F265-6F83-4E33-9EE2-54F979B96F88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mortal Kombat Arcade Kollection\BINARIES\WIN32\MKHDGame.exe
FirewallRules: [{63636B8C-0A05-4458-92D9-91989636391B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mortal Kombat Arcade Kollection\BINARIES\WIN32\MKHDGame.exe
FirewallRules: [{039871D4-E930-4046-84F9-951D47EB7EE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dustforce\dustforce.exe
FirewallRules: [{6713843D-9E35-4337-88D0-2BFEB7CAE573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dustforce\dustforce.exe
FirewallRules: [TCP Query User{AFF70AD7-A3B5-428C-8714-95F06925E3D7}C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe
FirewallRules: [UDP Query User{F187F877-B4CB-4F48-B2CD-6165CFD76353}C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe
FirewallRules: [{3247961C-E16A-4FAE-8E3E-D63990BA4B93}] => (Block) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe
FirewallRules: [{7796E584-D288-40D8-B2F4-288FFFE167A7}] => (Block) C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe
FirewallRules: [{13D5C788-41F4-4127-A35C-87914585389F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{9A6AAABA-390D-4595-BE84-F352BE47748F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{3ADE83AB-9132-4AF0-94D7-B8B1B90AEF4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{3CCA14CA-B55E-4E7A-8ABB-3030E62C2411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{5E1C6162-F48E-40B7-BEF3-FD3B0B946637}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{1812F2D4-8DFA-42A5-97C9-E88D5F7A9899}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{85F93F99-B02B-492E-9EC1-075D50CD4FE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4E51AC0F-13ED-442E-85F7-D0CAC2925BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{85F02392-2300-4948-818A-5111105860BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{DE119C75-C630-409A-87CF-E314EC7EA173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html
FirewallRules: [{E7804679-A660-44B2-8414-1085851D74E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{877A9C71-C4A5-4812-8A58-3BEDDB1AD411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{BC83D54F-E7FE-4729-8F2C-C07CC7D5ABB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{2DA2C853-636D-4E88-A7CB-BBA8BE0CC4DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{D9B52CB8-3F05-4A80-A5F8-A10342C336E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{E6E9B266-9030-4A27-9769-A3FF2C8A5B44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{316E6DB9-5C6F-414A-9322-01B05C4CE072}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{8EE615A4-A340-4584-A5C8-FF29B3524E9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{A0C39657-E587-4E33-A027-D5DFA88A2119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{CF44CF1E-D48F-442F-AD34-3895483F4758}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{6C5FCB36-E87F-408C-B687-955CC4B77E32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{859447DB-CA0F-43C2-BD66-295CFDC55CD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{0CCC13E2-B6A2-4DF9-8F2D-85C9A2E9963C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{4960B8D3-1E24-41CD-93BE-DB70D8341FD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{3D5B77C9-EFE8-4AF3-925F-45ECAE89E389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{4316FE49-72D3-4DC7-B844-ABF7A36EE64D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{1EE0089A-A94D-4899-855B-5FDF80F719A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{039F7929-5863-4A46-8C6B-D8693F40025D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{C77CD401-CE15-4B2E-A34C-93469AE42D5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{3D666BDF-57F0-4419-AF70-7677E814BE77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{E14397CC-40B1-46F7-B0E2-9C49C415325A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{36E92A08-C14C-4D89-85CC-E21275AE1C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Monaco\MONACO.exe
FirewallRules: [{CD91CF2D-44FE-4661-B434-F83909329EA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{0035304B-4FEC-44EC-9737-6FB17FE87DDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{BA719AA8-DE33-461F-8576-86DEA07325AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\terraria\Terraria.exe
FirewallRules: [{AFB37D60-2E16-4D5D-98C1-27B59F19B1F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\terraria\Terraria.exe
FirewallRules: [{23A64E78-D4C5-4FFA-998B-DC8F710923D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story Prototype.exe
FirewallRules: [{971A013C-A13B-44DB-9CB3-9B7712521710}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story Prototype.exe
FirewallRules: [{12D173D1-041A-433E-94FE-60112BFD7D6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe
FirewallRules: [{B3A50F56-5601-4658-AF02-84CFE75FC4E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe
FirewallRules: [{5886A0BE-0E8D-43E4-AB4B-3F629B168B86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe
FirewallRules: [{F42CCFCA-A85B-4AB7-BA63-162C4D3A1B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\Launcher.exe
FirewallRules: [{31CDB285-B4CC-4F17-BB8B-DE8347C5E404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{5F8E8371-9DC0-4951-A97A-CAB0138A1020}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{14E0FDD7-8C60-40BF-9C0B-6B01F1DAB624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{D1DAF126-4A72-43C0-B3C3-12FA38EAC31A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{37E8F381-1A0E-4941-B57E-777A68B216AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{83FEC552-E3FE-4AE4-A930-3D4418062FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{7C7F65E8-1B0E-4756-A86B-A829AB4EC3FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{1777A6CA-CEFA-4BF1-A212-3331A7A23FE0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{24768329-70B8-45D5-8CA0-754CEC858083}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{5BBF636C-CF37-43D2-89DC-A1FE0DE085F7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{1800AF20-61F1-4A1A-8076-BF4B39953F30}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FC7E7271-14FC-4A69-8747-792FEEC03295}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8CC71D9B-0F35-4E2A-9F5B-EA4F87AD03E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{D17E68F9-15E9-47B0-9637-A87730FFF5FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{D3D05383-7B9D-4FF3-8863-EFF8F495CD13}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{0B442F03-A353-44C3-9792-7FB7F4E7E124}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{42D0D8AF-7F5A-4299-A443-EE8461C42F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe
FirewallRules: [{FBBE4357-AA17-46AC-AD3F-094C49641979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\frozen synapse\FrozenSynapse.exe
FirewallRules: [{2995B2A7-E566-48A1-AE2E-8B72865238D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4FFC3931-22DA-4289-A68D-A9F539F93F90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{600FCB67-7690-469D-A4EB-BD39BA1789B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{0B38911E-6E62-4119-B73F-D5E9EFB21B95}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{E5726269-6E1C-4CC6-ACE3-D40D80D8DC0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A722A47-CF50-4C04-8F67-7517D6EAF618}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DC09CFC4-92E2-4408-8A69-F143A07E6CA9}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{E3717BE2-1D72-40CA-AC74-7AE203C53B9B}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{043454C3-874C-448C-AEFF-D35D7BF2FFF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe
FirewallRules: [{972022AC-88FE-4B15-87B4-36354EAB4C56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe
FirewallRules: [{36C78D50-5A84-4722-BE5B-13F920CD474A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F3BD4356-90D9-453E-B40C-7042F3E535E1}C:\pylo\mcreator\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator\jdk\bin\java.exe
FirewallRules: [UDP Query User{7825F6E9-B526-4D62-96D0-FDF097414EF4}C:\pylo\mcreator\jdk\bin\java.exe] => (Allow) C:\pylo\mcreator\jdk\bin\java.exe
FirewallRules: [{74499494-A301-4AB0-B206-410A1018EABE}] => (Block) C:\pylo\mcreator\jdk\bin\java.exe
FirewallRules: [{2ED2EB46-3024-4060-BC32-A98571C32919}] => (Block) C:\pylo\mcreator\jdk\bin\java.exe
FirewallRules: [TCP Query User{C68C77FB-7272-4DF8-9114-B5A9295D4F35}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{F10DB00A-AAD5-413A-BCB8-67C5F7EDB77F}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{33B25653-03E3-4DBB-865F-C5B65AF6B3A6}] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{30017E46-E84D-49B3-869B-3F4C1F1CE463}] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{FBC4D2A9-C33C-49E3-89AF-AD1B611E1895}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{7B1769F1-D88F-4C80-A651-AD441BBCAA68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{C6C52F06-C534-4A89-8DFD-53426CC4636F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{90B438BC-732F-4CA5-AB38-B217D7F31A2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{E0ACA62E-6E27-4ABE-B591-42F618F1D0A8}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{D38CF95F-B490-4688-A398-10A6693E9128}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{1BB93890-510B-4205-8C8A-95B9AF52E213}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{8953CAB9-ACE9-4D4D-A87C-0D801D7D0CCD}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{88F62E43-6D9A-4FC7-BC0F-3202BC32486D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{72FF0A20-A835-4C91-9588-F70AC8FA565E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{D53D5ABB-D491-476F-8F50-3041769C6690}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2014\fm.exe
FirewallRules: [{C9D18E0D-82EF-48AF-9EDC-F72EAAF798BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2014\fm.exe
FirewallRules: [{FA1FB9B1-21AB-492F-A4FE-DCCF0B349493}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{C7AF831B-03B5-47ED-AA60-E2CCACDD6081}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{CF3011FB-E348-4CED-8896-F9E78C8A1727}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{3E73BE0B-A452-494E-801D-270BE1D04A8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{2B516729-6712-4BFF-B8A4-7ED0CFD24307}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{C1EB74E4-B486-4F43-891F-E0F5A485E697}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{E8E35D5C-772E-46C8-B3F5-2A9440C7D177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{57706DBD-8859-4A48-A216-A4002F083BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E07B57D2-CE91-41CB-8BF2-F37379C38823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{84B12980-A531-48FA-9105-298E489B6F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{4144B518-9697-4EA1-9FEB-704257DA314F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{6EB84C17-DC8E-45F6-B042-686F2C69FA68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{7A83AEBC-29B5-4DD0-B5A8-56DC57CD362C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{BC9140E6-B5E6-40A5-9427-C46552CB2FB0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{6A5B68DC-5687-4DC3-871A-AB88DE71649C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3009FB24-C927-4670-B731-49EFB70F1120}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{A453E6AC-462D-4F62-9FEA-7330662205C2}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{4E97F766-23BF-4074-BE38-71DAA2C2A407}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{E79B4009-D09B-4C5B-B757-8F0898876F7A}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe
FirewallRules: [UDP Query User{619D045D-EA73-464D-8C27-2C85B108754A}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe
FirewallRules: [{22CDBC06-1813-4122-9F2A-7BF7992F29B7}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe
FirewallRules: [{50983A76-DD59-42BA-9BCB-85AD3937DAB0}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.exe
FirewallRules: [TCP Query User{053940BD-614C-4A67-B31A-97669DD73B4E}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe
FirewallRules: [UDP Query User{AC5F1939-7760-49E3-BC68-CE4099FA6E7F}C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe] => (Allow) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe
FirewallRules: [{028D36D1-E6BF-4F52-9AEE-26226DAB41A9}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe
FirewallRules: [{EC06397C-6D49-4FD5-BF76-C4765390C358}] => (Block) C:\users\speed x8\desktop\opensim-0.8\bin\opensim.32bitlaunch.exe
FirewallRules: [TCP Query User{C3FD0FC5-8D50-40EB-94B3-99236FD734DF}C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe
FirewallRules: [UDP Query User{4DE4EB4D-4543-4549-855C-625983226BA2}C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe
FirewallRules: [{B4E8A3A8-E8FD-4D93-B799-5C455485425E}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe
FirewallRules: [{6BEAB6A4-D529-468F-9A42-89460AA8D525}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.303\opensim-0.8\bin\opensim.exe
FirewallRules: [TCP Query User{13202520-4F43-429E-AC75-AB0DD7A2D20C}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe] => (Allow) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe
FirewallRules: [UDP Query User{038E5BA8-5BEB-4DC3-B369-63FE7F0B894F}C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe] => (Allow) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe
FirewallRules: [{24639AB0-3F89-44AF-8148-CAAAD05ECEE2}] => (Block) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe
FirewallRules: [{7E6487D5-0DD6-44D7-AD3B-5A2EA9593037}] => (Block) C:\program files (x86)\utherverse digital inc\utherverse vww client\utherverse.exe
FirewallRules: [{E0651CE6-8B7F-4964-9AED-3DE1BB66AD5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{01418C28-678E-4A03-BC33-9B922A095171}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{8A430610-CA3E-4AA8-B34F-8F7ECD55F7FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{CFD4542D-5089-4FD9-BC06-18D74A8BF811}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{4D200544-32AF-4350-9611-197E96BC38A6}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{F218BAB7-0813-4FD2-9AE0-7E25B72AE095}C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe] => (Allow) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe
FirewallRules: [UDP Query User{FEB8FF54-F458-4083-AC2E-F4F7319757D0}C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe] => (Allow) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe
FirewallRules: [{A7C4F607-FBA9-46DD-85AF-22DCBB9D22F7}] => (Block) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe
FirewallRules: [{80EF9C81-69B5-48BE-BA45-1C206CDE1799}] => (Block) C:\program files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\OMDU.exe
FirewallRules: [TCP Query User{8340FBD4-EED3-44CC-B567-064FB2378DE7}C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe
FirewallRules: [UDP Query User{FB8C7529-9852-450C-9FAA-662D69093729}C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe
FirewallRules: [{1FF4230A-7E36-44FD-A45B-E2EADA5B4111}] => (Block) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe
FirewallRules: [{4597DE5C-3CC5-4C59-96ED-48BCCA49BCFD}] => (Block) C:\program files (x86)\gameforgelive\games\gbr_eng\orcs must die! unchained\binaries\win64\spitfiregame.exe
FirewallRules: [{ACD488E0-7852-4BAB-B504-940E4F9EF7F4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{F4073C15-9210-41A7-9AA6-33899A1A324C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{422C79C2-92FA-4C2F-8C43-89BEFED35CAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiddenInPlainSight\HiddenInPlainSight.exe
FirewallRules: [{17F00E5C-C67A-45E0-BA4C-8873CBC319C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiddenInPlainSight\HiddenInPlainSight.exe
FirewallRules: [{F4DC9E1A-4CA1-4998-9BB5-02FFA81ACC68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crawl\Crawl.exe
FirewallRules: [{270D55EB-1298-40A7-BD74-327543A2CEEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crawl\Crawl.exe
FirewallRules: [{29A383DF-DAD3-49CB-AD9F-F8BD93F58761}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3872E2DC-DA8F-4D4C-9A4D-B8130D50D39A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B6AFDF59-7B41-4097-893C-304C809B5565}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{BD573484-7DCB-4391-9B68-07DC7387FFA7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6C3CB385-4CBF-4167-8AE3-B27C816FBDF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{8E2A6F2B-3459-4CCC-9088-C438195073C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{C581AFF2-72B2-4545-864C-9D30A3EE1770}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{4F8934D5-F337-4B40-AAE0-656FF1BCDF2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{D6C30A93-97DF-4B1F-A329-1A293F7C0A2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{3633C427-0930-4BAA-893F-CCEECCF42709}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{B028FE13-5410-487D-9392-DBCBC3F1621E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{16B0557D-5B2E-4F33-A616-C74C7061630C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{118B5754-BA79-46FB-88B6-BBA9C01D15C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{BF9D76A0-F12B-4E5E-8AD1-D15EDCD2AE39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [TCP Query User{86538025-B537-475D-98BF-CE227B73D5C9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{9DDB24DF-CDAB-4929-A738-FA64C9D7EC9C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{D9557825-97ED-4609-9718-EC88AC684C01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{51AC18DD-6132-458C-BC0F-ED114509EA23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{E842E4E2-6FFD-430A-838F-D76E1F43F19F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm Sentinels\Sentinels.exe
FirewallRules: [{C3CFC40A-6D8C-42F9-8194-821988B45B01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm Sentinels\Sentinels.exe
FirewallRules: [{8662EE4C-0CCE-4054-B5ED-FBB85262AF5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm\game.exe
FirewallRules: [{37DC15F5-C330-4535-8312-6942BB035CC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Storm\game.exe
FirewallRules: [{C363D4FC-5912-457D-A365-B24A4FD68B9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{BFA465F6-D5D1-4F15-A7A4-E615FDFD61A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{6DF066AE-5FE6-485D-9AB0-57D6CD4E5DC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{51E879D0-B103-4045-9A6C-36E7A41D8B28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{49B7C16F-7ABA-4B19-B81A-98BCBA89946C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Next Car Game Sneak Peek 2.0\Next Car Game Technology Sneak Peek.exe
FirewallRules: [{7726DDF3-E084-42A6-B902-8D335A0870CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Next Car Game Sneak Peek 2.0\Next Car Game Technology Sneak Peek.exe
FirewallRules: [{BEF232D5-D339-4996-95F1-9BF5BAF445D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{4CCF08D8-C3CC-4F67-8F2D-7B6A0803CF78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{F7D9B23E-5CAD-4B7E-B9E2-8A5D96D87D3A}] => (Allow) LPort=27015
FirewallRules: [{BCB03840-7BA8-4A7A-A594-D61B6FAD243B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe
FirewallRules: [{26A0CD83-EA61-415A-999C-6ED10F38CB45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe
FirewallRules: [{C5B6D847-696C-4E82-9D16-DE41ACEDC546}] => (Allow) C:\Program Files (x86)\Mirroring360\Mirroring360.exe
FirewallRules: [{A26B7858-171B-41CF-B436-41B015AF3E32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story.exe
FirewallRules: [{972137CF-B97E-4A26-8E97-869F2288D8DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Castle Story\Castle Story.exe
FirewallRules: [{E2A50709-B834-4D46-AC4E-E72D91E57A13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{5680C358-EF64-4142-BD39-367A232CC228}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{703131B7-8148-4226-B985-C7EAC5AC00DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3ABD9FB1-7214-4059-948D-C11A09846305}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{465FFF82-92AD-4E63-A385-B853EB88B58C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TerraTech Demo\TerraTechWin64.exe
FirewallRules: [{168F8E06-C7A1-4315-A8CC-A23A0E1F41BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TerraTech Demo\TerraTechWin64.exe
FirewallRules: [{7662AB0E-A673-43C9-B459-72C98B4AE181}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{BCD63986-F254-48B4-93F1-7B98BEA37767}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [TCP Query User{EC0C7C6F-C17E-4A74-A333-BCDB96949DA9}C:\users\speed x8\appdata\local\temp\heat.bin] => (Allow) C:\users\speed x8\appdata\local\temp\heat.bin
FirewallRules: [UDP Query User{F9888208-7847-43E1-BB1F-777714C125F6}C:\users\speed x8\appdata\local\temp\heat.bin] => (Allow) C:\users\speed x8\appdata\local\temp\heat.bin
FirewallRules: [{C11EFBDD-A77D-4BD6-9ED3-4ADA9B499313}] => (Block) C:\users\speed x8\appdata\local\temp\heat.bin
FirewallRules: [{3FE178DE-DFF2-4DCF-9EF9-AB17B903949C}] => (Block) C:\users\speed x8\appdata\local\temp\heat.bin
FirewallRules: [{C0DEAB61-DC04-4775-9C47-80AFCEB3FE75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{874CB043-C377-4066-BC49-5FC559059074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{60CBE8BF-656D-4013-A1DF-041E194AAE38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{B89369DC-E8CD-4239-8518-1BD1DB67EBD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{106A85E8-5370-4CCD-A8DD-0347DF8CE3D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{A4E880B3-64FE-4842-8AC6-8E1BE48EDF31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{F43AE078-BD94-441B-BAA4-47AA2FDC2D47}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{6D327256-D72E-4208-B78F-8431D30D624B}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{01204FDA-B03C-4358-8494-5DD9920CADAD}] => (Block) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{D3B355B6-482B-47C4-BA54-A5154E29A5CB}] => (Block) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{71CFB769-28AC-4250-AE2E-7E88BA90EBC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe
FirewallRules: [{368B4582-24D5-48D6-BA2F-802DDB2C71EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\realm of the mad god\Realm of the Mad God.exe
FirewallRules: [TCP Query User{EB0F5DDF-E0D5-495B-9486-4D4D57C879BF}C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe] => (Allow) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{818EE92F-4845-43F4-A29F-748AADF53B53}C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe] => (Allow) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe
FirewallRules: [{658E515F-6BFB-4532-B56E-507B63143915}] => (Block) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe
FirewallRules: [{FB858046-DB02-4909-980B-03D65B44A28F}] => (Block) C:\users\speed x8\desktop\thief town\bin\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{25CAE35F-D07B-4AEE-8504-1CF08BB02C4F}C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe
FirewallRules: [UDP Query User{15F888D0-78A5-4442-929D-18E7EE0C0847}C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe
FirewallRules: [{6507CFC7-C98D-4E68-BD80-496302C21335}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe
FirewallRules: [{DA8A3CF1-1471-4189-A296-125E15B2D6C9}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\tgserver.exe
FirewallRules: [{2A97B60E-7992-43B4-BD3C-03388B49E4F3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{49B839C6-AE19-4CF0-A9D7-6C36A051C3A5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{0F14F2EA-8B12-456C-BA26-F279931461C6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{E000F171-BCBA-486E-9401-02D8816DD6CE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CDBC4F09-4C18-4BC8-B54A-94B3940572AC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{390F8498-1C42-42B2-BCFF-E2EAEB83AA80}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0E0F760C-D81E-40DB-9A12-B44137FB01F3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{D7027310-87C4-4835-BC80-E6B51FD6A7A1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{DC6575D1-9D37-4719-8186-DF3D50FCC425}C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe
FirewallRules: [UDP Query User{202EE49D-2539-4C26-8030-495421661896}C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe] => (Allow) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe
FirewallRules: [{EA6D767E-6AD0-445B-BFEF-9F43AA3C3177}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe
FirewallRules: [{69AB5CA4-A054-41F6-9260-4177F3F6E0A7}] => (Block) C:\users\speed x8\desktop\trinusgyreserver\ext\facetracknoir.exe
FirewallRules: [{3537C0EC-976F-424D-BE85-8F500D08EF1F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BB2BE34-B884-4B2A-B407-2ABF84292705}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{422E0D56-10CC-4C3B-AC60-836FEDABAD94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{7D377E66-4B86-43A2-ACB8-8921D3079505}C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe] => (Block) C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe
FirewallRules: [UDP Query User{4C951F66-4762-4876-9C40-93FCAE995CA0}C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe] => (Block) C:\program files (x86)\steam\steamapps\common\carmageddon_reincarnation\bin\carmageddon_reincarnation.exe
FirewallRules: [{2A8AB55B-9BD4-47E6-97E0-115179236C65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe
FirewallRules: [{951CE029-D70A-4F62-B709-2AE93A1DB9BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe
FirewallRules: [{F3578405-CE94-4A32-B489-4212C3E586BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe
FirewallRules: [{E3F6EDC1-FA5C-4BCC-8C13-7244FF618FF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeons\DungeonsStarter.exe
FirewallRules: [TCP Query User{80B1C00B-7EE9-4501-95E3-7B4BFAAEA4D8}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{78C98EB8-FD84-4719-B296-B23C94ADAC4A}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{1E53301B-F925-463B-AC29-7F6F88726941}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{E8FE2C73-81CA-469E-BA12-0F88C00A8FB6}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{42957E35-5F25-474D-B445-5F2DCB668372}] => (Allow) C:\Users\Speed X8\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7A348E49-E897-44BD-BEB3-5011618F884E}] => (Allow) C:\Users\Speed X8\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C800E4C3-0E31-4549-B7EE-C64F67582D1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe
FirewallRules: [{9396A75A-FF4A-44D4-B930-5D4E36CFBA04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe
FirewallRules: [{275F2DBF-C938-46D6-9696-ED605AA29E67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{10463DBA-7264-4B44-85EB-B09D2EF7211F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [TCP Query User{8DBD034F-049F-4B21-91AC-F52AF493631E}C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe
FirewallRules: [UDP Query User{1AF90409-E96A-441E-9674-DB093BF55F02}C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe] => (Allow) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe
FirewallRules: [{CC1B1062-BE61-41F7-A5C8-E47EEA0CFD51}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe
FirewallRules: [{449E4F34-0D5D-4842-B848-3843B1AF06B3}] => (Block) C:\users\speed x8\appdata\local\temp\rar$exa0.338\ygopro-1.033.4v2-percy\ygopro_vs.exe
FirewallRules: [{E3B49933-6B65-4F67-AD42-90D8B7AAEBA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{3B5E0706-F4F4-4EBC-B742-F6341FE0B0A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{E910285B-0CEB-4069-A3D0-B4713A8E75ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{581365B6-6F9B-428B-AD20-2D5379943028}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{0647DADA-C279-4704-BA1B-0D7BDA449516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{4089569F-739A-417E-8CCB-73867DD0E6BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{87B09D3C-90D8-4FA6-96AB-85CA51CF182E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{64727AD4-AE2E-4E24-BA25-B1BE1ED6537D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{2CB08154-C8F5-4994-B2A5-B50A460A84E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloody Trapland\Bloody Trapland.exe
FirewallRules: [{1DB42E25-7C09-40F6-9A60-D869D8330D3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloody Trapland\Bloody Trapland.exe
FirewallRules: [TCP Query User{57BC5FB0-B251-4E90-8098-B267D6D78BFD}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [UDP Query User{881B7CB3-2FB0-4F29-BA9D-E7779A746AB8}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [{5D8BEB6F-B46B-4900-919E-06B420D7C3E4}] => (Block) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [{5E180DBC-5ED8-4FD9-925A-42B19787C5FA}] => (Block) C:\program files (x86)\gigabyte\@bios\updexe.exe
FirewallRules: [TCP Query User{C0CC8EFF-5F29-4BAC-8848-4223A400DB7B}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [UDP Query User{D8B3F723-31B0-4B31-9118-1F8D2B373219}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [{39FE7AC0-BBA0-4296-AE7A-BAF5C0D3B8BD}] => (Block) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [{8382602A-04C2-48FB-A92D-EE0DE22AA70D}] => (Block) C:\program files (x86)\gigabyte\@bios\gbtupd.exe
FirewallRules: [{00CF2874-983C-4C92-9864-7D5D0EAC1666}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{3C648F43-0C73-46B1-9B22-6AC09D85ADC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{157F1228-429C-452B-823F-9D733CA1FDC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{FC42A3E4-F547-4381-A2AA-B16158157AB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{AC2C148F-C687-4B0B-A41E-5A69312EEDE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{14A8A30F-D093-439E-BF96-32D5F6550235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{64D293B8-022E-42E2-ADF9-94802EC489BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A7CCBBC6-23A9-44EE-8A65-8F9974EF6334}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{DE25E8F6-31B1-486C-AB94-362BC936DECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F766C05D-B753-40BF-BE9C-CCD8BD51A2C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashed\MASHED.exe
FirewallRules: [{90145B7B-D213-4F2D-9889-8FE2C7F9565F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashed\MASHED.exe
FirewallRules: [{A6C3A062-94CC-4368-90D8-2AB85CEA2E0B}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{FAB3A11C-997E-4CE8-ACD3-FF348ED5EE08}] => (Allow) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
FirewallRules: [{50584BF8-E92D-481A-848A-B60846E518FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{279190D4-68CD-414D-AA96-E79002C000AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/20/2015 09:02:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 09:01:34 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2732) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
 
Error: (08/20/2015 08:21:06 PM) (Source: CoupoonService64) (EventID: 1) (User: )
Description: CoupoonService64SvcInit, failed to connect to driver, status: -1
 failed with 2
 
Error: (08/20/2015 08:19:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 08:18:47 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2216) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
 
Error: (08/20/2015 10:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a6a196
Exception code: 0xc000000d
Fault offset: 0x000000000006eea2
Faulting process id: 0x9a4
Faulting application start time: 0xsvchost.exe_DiagTrack0
Faulting application path: svchost.exe_DiagTrack1
Faulting module path: svchost.exe_DiagTrack2
Report Id: svchost.exe_DiagTrack3
 
Error: (08/20/2015 09:07:11 AM) (Source: CoupoonService64) (EventID: 1) (User: )
Description: CoupoonService64SvcInit, failed to connect to driver, status: -1
 failed with 2
 
Error: (08/20/2015 09:05:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 09:03:39 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2888) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
 
Error: (08/19/2015 06:54:48 PM) (Source: CoupoonService64) (EventID: 1) (User: )
Description: CoupoonService64SvcInit, failed to connect to driver, status: -1
 failed with 2
 
 
System errors:
=============
Error: (08/20/2015 09:08:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (08/20/2015 09:06:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AvastVBox COM Service service failed to start due to the following error: 
%%1053
 
Error: (08/20/2015 09:06:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AvastVBox COM Service service to connect.
 
Error: (08/20/2015 09:06:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053AvastVBoxSvc{F319F1B8-7587-4146-AF9C-0D6D77819BF1}
 
Error: (08/20/2015 09:01:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error: 
%%2
 
Error: (08/20/2015 09:01:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: 
%%2
 
Error: (08/20/2015 09:00:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/20/2015 09:00:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Modules Installer service failed to start due to the following error: 
%%3
 
Error: (08/20/2015 09:00:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error: 
%%2
 
Error: (08/20/2015 08:58:37 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
 
Microsoft Office:
=========================
Error: (08/20/2015 09:02:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 09:01:34 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2732WindowsMail0:
 
Error: (08/20/2015 08:21:06 PM) (Source: CoupoonService64) (EventID: 1) (User: )
Description: CoupoonService64SvcInit, failed to connect to driver, status: -1
 failed with 2
 
Error: (08/20/2015 08:19:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 08:18:47 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2216WindowsMail0:
 
Error: (08/20/2015 10:00:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.1893355a6a196c000000d000000000006eea29a401d0db1eae507018C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllf2f4dbf2-4719-11e5-935a-50e54946680c
 
Error: (08/20/2015 09:07:11 AM) (Source: CoupoonService64) (EventID: 1) (User: )
Description: CoupoonService64SvcInit, failed to connect to driver, status: -1
 failed with 2
 
Error: (08/20/2015 09:05:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 09:03:39 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2888WindowsMail0:
 
Error: (08/19/2015 06:54:48 PM) (Source: CoupoonService64) (EventID: 1) (User: )
Description: CoupoonService64SvcInit, failed to connect to driver, status: -1
 failed with 2
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 16367.3 MB
Available physical RAM: 12112.73 MB
Total Virtual: 32732.81 MB
Available Virtual: 27791.43 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1303.72 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D2DB4A79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
==================== End of log ============================

Edited by Alkalidum, 20 August 2015 - 04:51 PM.

  • 0

Advertisements


#2
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello and welcome to Geeks To Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please download to and run all requested tools from your Desktop.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello, let's start showing your unwelcome guests the door. :)


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: P2P Warning and Program Uninstalls

The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer . I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

There are also new infections out there such as CryptoWall 3.0 and CryptoLocker. When infected with these, all of your personal files on any drive connected to your computer will be affected. These infections copy all your files, encrypt them, and then delete the originals, leaving you with the encrypted copies. You are then presented with a screen telling you you have a certain amount of time to pay the ransom for the decryption code to decrypt your files. Even if you pay the ransom, there decryption process usually results in corrupt and unusable files.

There is nothing we can do to decrypt the files, as they use very sophisticated encryption techniques. Please consider this when using P2P programs. Malware and ransomware writers use P2P to spread their infections.


Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Artticle on P2P Programs

File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, I can guarantee you will be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.


Program Uninstalls

Please uninstall the following programs from your machine as they are adware/malware related. If one of the programs fails to uninstall, please move on to the next one in the list.
  • AnyProtect
  • Pando Media Networks
  • Rocket League
Step 2: Fix with FRST

Note: Before executing this step, please move FRST64.exe from C:\Users\Speed X8\Downloads to your Desktop or the fix will not work.
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebApp.exe
C:\Users\Speed X8\AppData\Local\SmartWeb
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [mbot_gb_014010064] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010064] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010065] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010066] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CrashService] => "C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
C:\Users\Speed X8\AppData\Local\BoBrowser
Startup: C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-08-20]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
CHR HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7O0TWFMUDQ_gyYd4DEhS0WK9MjVKTjgRyqZZDqO9KpdeU1sNdl_pEEUjtZF1sdkCIBHlp1Hy30d2og,,
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File
FF NewTab: about:newtab
FF Extension: CinemaPlus-1.2.1V20.08 - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-08-20]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Speed X8\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.1.0.crx <not found>
C:\Users\Speed X8\AppData\Local\APN
R2 cobomiku; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp [137728 2015-08-19] () [File not signed]
R2 dinofiky; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs [X]
S1 idmzwpit; \??\C:\Windows\system32\drivers\idmzwpit.sys [X]
R1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
015-08-20 21:49 - 2015-08-20 21:49 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 21:49 - 2015-08-20 21:49 - 00001045 _____ C:\Users\Speed X8\Desktop\AnyProtect.lnk
2015-08-20 21:49 - 2015-08-20 21:49 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-20 21:45 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-20 21:45 - 2015-08-20 21:45 - 00000000 __SHD C:\Users\Speed X8\AppData\Roaming\AnyProtectEx
2015-08-20 21:45 - 2015-08-20 21:45 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsrEF14.tmp
2015-08-20 21:34 - 2015-08-20 21:34 - 00004050 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-08-20 21:34 - 2015-08-20 21:34 - 00003388 _____ C:\Windows\System32\Tasks\CPGIAIDSLMSETGHO
2015-08-20 21:34 - 2015-08-20 21:34 - 00000000 ____D C:\Users\Speed X8\AppData\Local\SmartWeb
2015-08-20 21:34 - 2015-08-20 21:39 - 00000348 ____H C:\Windows\Tasks\CPGIAIDSLMSETGHO.job
2015-08-20 10:00 - 2015-08-20 10:00 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsr895F.tmp
2015-08-19 19:28 - 2015-08-19 19:28 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nse5B1F.tmp
2015-08-19 18:46 - 2015-08-20 21:51 - 00000348 ____H C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job
2015-08-19 18:46 - 2015-08-19 18:46 - 00003388 _____ C:\Windows\System32\Tasks\RVSCCJTAIRYAFTMB
2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291
2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291
2015-08-19 18:32 - 2015-08-19 18:34 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\ProgramData\Baidu
Task: {04AEBEC7-7A68-4592-8A41-65A436199A00} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {335296FD-CB04-489C-9898-B29B4A19CAF4} - System32\Tasks\RVSCCJTAIRYAFTMB => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: {8B4EF551-A928-422A-87B8-8D606236BDED} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {8D60D829-1425-4384-A7E6-12B8056DB5F5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {99E4B1C5-560A-4A7C-9F29-8AD8C308D0C0} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {C76EF0BB-5A14-45D7-989E-64E242B30425} - System32\Tasks\CPGIAIDSLMSETGHO => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\CPGIAIDSLMSETGHO.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 3: Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: AdwCleaner

Download ADWcleaner by clicking here. Please save it to your Desktop


adwcleanerscreen_zpsm6wq1ei9.jpg
  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Once AdwCleaner's control panel is open and it says "Waiting for Action", click on Options at the top of the control panel.
  • Please Uncheck the following options:
    • Reset Proxy Settings
    • Reset Winsock Settings
  • Please Check the following options:
    • Reset TCP/IP Settings
    • Reset Firewall Settings
    • Reset IPSec Settings
    • Reset BITS Queue
    • Reset Internet Explorer Policies
    • Reset Chrome Policies
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Cleaning button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Logfile button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\
Step 5: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

Fresh FRST.txt Log

  • 0

#3
Alkalidum

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hi,

 

Thanks for the fast response!  :)

 

Fix result of Farbar Recovery Scan Tool (x64) Version:20-08-2015
Ran by Speed X8 (2015-08-21 10:46:25) Run:1
Running from C:\Users\Speed X8\Desktop
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp
() C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe
(SoftBrain Technologies Ltd.) C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebApp.exe
C:\Users\Speed X8\AppData\Local\SmartWeb
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [mbot_gb_014010064] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010064] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010065] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010066] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CrashService] => "C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
C:\Users\Speed X8\AppData\Local\BoBrowser
Startup: C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-08-20]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
CHR HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7O0TWFMUDQ_gyYd4DEhS0WK9MjVKTjgRyqZZDqO9KpdeU1sNdl_pEEUjtZF1sdkCIBHlp1Hy30d2og,,
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429531097&from=cor&uid=ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q&q={searchTerms}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWv3XjGGZrhGQbtfYuhk2-U2UNqQUk1WqRMy6aNxHHS1Gq908k85CDaCOfniUD4Y2FlQFflaUt1mRr7OER3D0F0TANAgLgx5D9X64Gg_NrTRPe4k-L2bsy2kj3BY2nOvICMIa9mYMfdm6ciXq0ETMYt3BnnQ,,&q={searchTerms}
Toolbar: HKLM-x32 - No Name - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No File
FF NewTab: about:newtab
FF Extension: CinemaPlus-1.2.1V20.08 - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-08-20]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Speed X8\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.1.0.crx <not found>
C:\Users\Speed X8\AppData\Local\APN
R2 cobomiku; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp [137728 2015-08-19] () [File not signed]
R2 dinofiky; C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs [X]
S1 idmzwpit; \??\C:\Windows\system32\drivers\idmzwpit.sys [X]
R1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
015-08-20 21:49 - 2015-08-20 21:49 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 21:49 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 21:49 - 2015-08-20 21:49 - 00001045 _____ C:\Users\Speed X8\Desktop\AnyProtect.lnk
2015-08-20 21:49 - 2015-08-20 21:49 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-20 21:45 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-20 21:45 - 2015-08-20 21:45 - 00000000 __SHD C:\Users\Speed X8\AppData\Roaming\AnyProtectEx
2015-08-20 21:45 - 2015-08-20 21:45 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsrEF14.tmp
2015-08-20 21:34 - 2015-08-20 21:34 - 00004050 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-08-20 21:34 - 2015-08-20 21:34 - 00003388 _____ C:\Windows\System32\Tasks\CPGIAIDSLMSETGHO
2015-08-20 21:34 - 2015-08-20 21:34 - 00000000 ____D C:\Users\Speed X8\AppData\Local\SmartWeb
2015-08-20 21:34 - 2015-08-20 21:39 - 00000348 ____H C:\Windows\Tasks\CPGIAIDSLMSETGHO.job
2015-08-20 10:00 - 2015-08-20 10:00 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nsr895F.tmp
2015-08-19 19:28 - 2015-08-19 19:28 - 00613255 _____ (CMI Limited) C:\Users\Speed X8\AppData\Local\nse5B1F.tmp
2015-08-19 18:46 - 2015-08-20 21:51 - 00000348 ____H C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job
2015-08-19 18:46 - 2015-08-19 18:46 - 00003388 _____ C:\Windows\System32\Tasks\RVSCCJTAIRYAFTMB
2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291
2015-08-19 18:45 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\Service1291
2015-08-19 18:32 - 2015-08-19 18:34 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Baidu
2015-08-19 18:32 - 2015-08-19 18:32 - 00000000 ____D C:\ProgramData\Baidu
Task: {04AEBEC7-7A68-4592-8A41-65A436199A00} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {335296FD-CB04-489C-9898-B29B4A19CAF4} - System32\Tasks\RVSCCJTAIRYAFTMB => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: {8B4EF551-A928-422A-87B8-8D606236BDED} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {8D60D829-1425-4384-A7E6-12B8056DB5F5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {99E4B1C5-560A-4A7C-9F29-8AD8C308D0C0} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-08-20] (AnyProtect.com) <==== ATTENTION
Task: {C76EF0BB-5A14-45D7-989E-64E242B30425} - System32\Tasks\CPGIAIDSLMSETGHO => C:\ProgramData\Service1291\Service1291.exe [2015-08-20] () <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\CPGIAIDSLMSETGHO.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\hnsd8DC2.tmp => No running process found
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C\knsi4999.tmpfs => No running process found
C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C => moved successfully
"C:\Program Files (x86)\00000000-1440005683-0000-0000-50E54946680C" => File/Folder not found.
C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe => No running process found
C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebApp.exe => No running process found
C:\Users\Speed X8\AppData\Local\SmartWeb => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_gb_014010064 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010064 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010065 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010066 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SmartWeb => value removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CrashService => value removed successfully
"C:\Users\Speed X8\AppData\Local\BoBrowser" => File/Folder not found.
C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk => moved successfully
C:\Users\Speed X8\AppData\Local\SmartWeb\SmartWebHelper.exe not found.
"HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value removed successfully
"HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}" => key removed successfully
HKCR\CLSID\{ielnksrch} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D} => value removed successfully
HKCR\Wow6432Node\CLSID\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D} => key not found. 
Firefox "newtab" removed successfully
C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo" => key removed successfully
"C:\Users\Speed X8\AppData\Local\APN" => File/Folder not found.
cobomiku => service removed successfully
dinofiky => service not found.
idmzwpit => service removed successfully
wsafd_1_10_0_19 => service removed successfully
015-08-20 21:49 - 2015-08-20 21:49 - 00002834 _____ C:\Windows\System32\Tasks\APSnotifierPP1 => Error: No automatic fix found for this entry.
C:\Windows\System32\Tasks\APSnotifierPP3 => moved successfully
C:\Windows\System32\Tasks\APSnotifierPP2 => moved successfully
"C:\Users\Speed X8\Desktop\AnyProtect.lnk" => File/Folder not found.
C:\Windows\Tasks\APSnotifierPP1.job => moved successfully
C:\Windows\Tasks\APSnotifierPP3.job => moved successfully
C:\Windows\Tasks\APSnotifierPP2.job => moved successfully
"C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup" => File/Folder not found.
"C:\Program Files (x86)\AnyProtectEx" => File/Folder not found.
C:\Users\Speed X8\AppData\Roaming\AnyProtectEx => moved successfully
C:\Users\Speed X8\AppData\Local\nsrEF14.tmp => moved successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully
C:\Windows\System32\Tasks\CPGIAIDSLMSETGHO => moved successfully
"C:\Users\Speed X8\AppData\Local\SmartWeb" => File/Folder not found.
C:\Windows\Tasks\CPGIAIDSLMSETGHO.job => moved successfully
C:\Users\Speed X8\AppData\Local\nsr895F.tmp => moved successfully
C:\Users\Speed X8\AppData\Local\nse5B1F.tmp => moved successfully
C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job => moved successfully
C:\Windows\System32\Tasks\RVSCCJTAIRYAFTMB => moved successfully
C:\ProgramData\Service1291 => moved successfully
"C:\ProgramData\Service1291" => File/Folder not found.
C:\Program Files (x86)\baidu => moved successfully
C:\Users\Speed X8\AppData\Roaming\Baidu => moved successfully
C:\ProgramData\Baidu => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04AEBEC7-7A68-4592-8A41-65A436199A00}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04AEBEC7-7A68-4592-8A41-65A436199A00}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP1 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{335296FD-CB04-489C-9898-B29B4A19CAF4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{335296FD-CB04-489C-9898-B29B4A19CAF4}" => key removed successfully
C:\Windows\System32\Tasks\RVSCCJTAIRYAFTMB not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RVSCCJTAIRYAFTMB" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B4EF551-A928-422A-87B8-8D606236BDED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B4EF551-A928-422A-87B8-8D606236BDED}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D60D829-1425-4384-A7E6-12B8056DB5F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D60D829-1425-4384-A7E6-12B8056DB5F5}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP2 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99E4B1C5-560A-4A7C-9F29-8AD8C308D0C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99E4B1C5-560A-4A7C-9F29-8AD8C308D0C0}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C76EF0BB-5A14-45D7-989E-64E242B30425}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C76EF0BB-5A14-45D7-989E-64E242B30425}" => key removed successfully
C:\Windows\System32\Tasks\CPGIAIDSLMSETGHO not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CPGIAIDSLMSETGHO" => key removed successfully
C:\Windows\Tasks\APSnotifierPP1.job not found.
C:\Windows\Tasks\APSnotifierPP2.job not found.
C:\Windows\Tasks\APSnotifierPP3.job not found.
C:\Windows\Tasks\CPGIAIDSLMSETGHO.job not found.
C:\Windows\Tasks\RVSCCJTAIRYAFTMB.job not found.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{288E03B8-73E5-4793-8E72-A28E6FA08944} canceled.
{1F405973-93B9-43D1-BFAA-DA64E4A7D777} canceled.
{4C911FBB-C78A-40E6-92DB-EC5C86CAAF77} canceled.
{59CDBB4D-9DAD-49CE-A26C-CAC3D31D3192} canceled.
{5E4DF731-A0DB-4502-B708-31FD1D67BB9D} canceled.
5 out of 5 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
EmptyTemp: => 1.3 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 10:49:09 ====
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 7 Home Premium x64
Ran by Speed X8 on 21/08/2015 at 10:59:16.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully deleted: [Service] financealert [Reboot required]
Successfully deleted: [Service] sushileadsupdaterservice [Reboot required]
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\SushiLeads
Successfully deleted: [Task] C:\Windows\system32\tasks\SushiLeads
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_F1BA588C2AF109267478C15A136C8EC3
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\sushileadsapplication
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL\\Default
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Speed X8\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Successfully deleted: [File] C:\Users\Speed X8\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
 
 
 
~~~ Folders
 
Failed to delete: [Folder] C:\Program Files (x86)\ninja loader
Failed to delete: [Folder] C:\Users\Speed X8\Appdata\Local\ninja loader
Successfully deleted: [Empty Folder] C:\Users\Speed X8\Appdata\Local\{426350ED-ED5C-49CB-9368-682844450019}
Successfully deleted: [Empty Folder] C:\Users\Speed X8\Appdata\Local\{DAE96846-2289-4E43-8768-E43CBDC09EFC}
Successfully deleted: [Folder] C:\Program Files (x86)\norton safe web lite
Successfully deleted: [Folder] C:\Program Files (x86)\predm
Successfully deleted: [Folder] C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56
Successfully deleted: [Folder] C:\ProgramData\financealert
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bcool
Successfully deleted: [Folder] C:\users\Public\Documents\guid
Successfully deleted: [Folder] C:\users\Public\Documents\pc faster
Successfully deleted: [Folder] C:\Users\Speed X8\Appdata\Local\financealert
Successfully deleted: [Folder] C:\Users\Speed X8\Appdata\LocalLow\smartweb
Successfully deleted: [Folder] C:\Users\Speed X8\AppData\Roaming\nico mak computing
Successfully deleted: [Folder] C:\Program Files (x86)\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56
Successfully deleted: [Folder] C:\ProgramData\28341ff220e0446c9fff27c4493d622e
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\Speed X8\AppData\Roaming\mozilla\firefox\profiles\6p4gp8b1.default\prefs.js
 
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, cor);
user_pref(browser.search.searchengine.uid, ST2000DL001-9VT156_5YD0G85QXXXX5YD0G85Q);
 
 
 
~~~ Chrome
 
 
[C:\Users\Speed X8\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Speed X8\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Speed X8\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Speed X8\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/08/2015 at 11:05:15.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v5.003 - Logfile created 21/08/2015 at 11:12:54
# Updated 20/08/2015 by Xplode
# Database : 2015-08-20.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Speed X8 - SPEEDX8-PC
# Running from : C:\Users\Speed X8\Desktop\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : FinanceAlert
[-] Service Deleted : SushiLeadsUpdaterService
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\sushileads
[-] Folder Deleted : C:\ProgramData\sushileads
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
[-] File Deleted : C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : SushiLeads
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\Microsoft\KanarCore
[-] Key Deleted : HKCU\Software\TutoTag
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\NpApp
[-] Key Deleted : HKLM\SOFTWARE\Tutorials
[-] Key Deleted : HKLM\SOFTWARE\FlashBeat
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FinanceAlert
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sushileads
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[!] Key Not Deleted : [x64] HKCU\Software\AnyProtect
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\KanarCore
[!] Key Not Deleted : [x64] HKCU\Software\TutoTag
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[!] Key Not Deleted : [x64] HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : [x64] HKLM\SOFTWARE\FlashBeat
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
[-] [C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : street-fighter-mugen.en.softonic.com
[-] [C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : feed.snapdo.com
 
*************************
 
:: TCP/IP settings cleared
:: Firewall settings cleared
:: IPSec settings cleared
:: BITS queue cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [3945 bytes] ##########
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
Ran by Speed X8 (administrator) on SPEEDX8-PC (21-08-2015 11:22:41)
Running from C:\Users\Speed X8\Desktop
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\SystemSearchIndexer\SystemSearchIndexer.exe
() C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11858536 2011-06-07] (Realtek Semiconductor)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [697640 2010-02-10] (CyberLink Corporation.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-18] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [Mirroring360] => C:\Program Files (x86)\Mirroring360\Mirroring360.exe [9966416 2014-10-15] (Splashtop Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-20] (AVAST Software)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [IndieCity Client] => C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe -m
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk [2012-09-14]
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-20] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-975855429-1586840072-3018677650-1000] => http=127.0.0.1:8800
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{283D9FDB-27F4-4CC0-B300-A9CF3572C5A7}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{5FECFA46-5C30-449C-90BC-691D6E34E6C0}: [DhcpNameServer] 192.168.42.129
 
FireFox:
========
FF ProfilePath: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Speed X8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-20] ()
FF SearchPlugin: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\searchplugins\google-avast.xml [2015-08-20]
FF Extension: LastPass - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-08-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-12]
 
Chrome: 
=======
CHR Profile: C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-20]
CHR Extension: (Subscriptions Grid For YouTube™) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjhgnfnmijfkmcddcmffeamphmmeed [2015-08-20]
CHR Extension: (AdBlock) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-20]
CHR Extension: (Avast Online Security) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-20]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-12]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-20] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-20] (Avast Software)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [938776 2013-05-17] (BitRaider, LLC)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-26] (EasyAntiCheat Ltd)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2928128 2012-11-19] (PACE Anti-Piracy, Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-15] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NinjaLoaderService; "C:\Program Files (x86)\Ninja Loader\NinjaMaintainer.exe" /svc [X]
S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-20] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-20] (AVAST Software)
R5 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-20] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-20] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-20] (AVAST Software)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-04-04] (BitRaider)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-03-16] ()
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-09-29] (MotioninJoy) [File not signed]
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-20] (AVAST Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 Tpkd; C:\Windows\System32\Drivers\Tpkd.sys [105624 2012-11-17] (PACE Anti-Piracy, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-20] (Avast Software)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-21 11:22 - 2015-08-21 11:23 - 00031584 _____ C:\Users\Speed X8\Desktop\FRST.txt
2015-08-21 11:16 - 2015-08-21 11:16 - 00004084 _____ C:\Users\Speed X8\Desktop\AdwCleaner[C3].txt
2015-08-21 11:05 - 2015-08-21 11:05 - 00004405 _____ C:\Users\Speed X8\Desktop\JRT.txt
2015-08-21 10:58 - 2015-08-21 10:58 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Speed X8\Downloads\JRT.exe
2015-08-21 10:58 - 2015-08-21 10:58 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Speed X8\Desktop\JRT.exe
2015-08-21 10:32 - 2015-08-21 10:36 - 00000000 ____D C:\ProgramData\SystemSearchIndexer
2015-08-21 10:32 - 2015-08-21 10:32 - 00003944 _____ C:\Windows\System32\Tasks\SystemSearchIndexer
2015-08-21 10:32 - 2015-08-21 10:32 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Loader
2015-08-20 22:45 - 2015-08-21 11:14 - 00000436 _____ C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2015-08-20 22:45 - 2015-08-20 22:45 - 00003540 _____ C:\Windows\System32\Tasks\ToolsUpdatePlatform_ScheduledTask
2015-08-20 22:45 - 2015-08-20 22:45 - 00000000 ____D C:\Program Files (x86)\ToolsUpdatePlatform
2015-08-20 21:52 - 2015-08-20 21:53 - 00137859 _____ C:\Users\Speed X8\Downloads\Addition.txt
2015-08-20 21:51 - 2015-08-21 11:22 - 00000000 ___DC C:\FRST
2015-08-20 21:51 - 2015-08-20 21:53 - 00084307 _____ C:\Users\Speed X8\Downloads\FRST.txt
2015-08-20 21:51 - 2015-08-20 21:51 - 02173952 _____ (Farbar) C:\Users\Speed X8\Desktop\FRST64.exe
2015-08-20 21:32 - 2015-08-20 21:32 - 00246100 _____ C:\Users\Speed X8\Downloads\Extras.Txt
2015-08-20 21:30 - 2015-08-20 21:30 - 00177820 _____ C:\Users\Speed X8\Downloads\OTL.Txt
2015-08-20 20:47 - 2015-08-20 20:42 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-20 20:46 - 2015-08-20 20:47 - 01605632 _____ C:\Users\Speed X8\Desktop\AdwCleaner (1).exe
2015-08-20 20:46 - 2015-08-20 20:46 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-20 20:44 - 2015-08-20 20:44 - 00602112 _____ (OldTimer Tools) C:\Users\Speed X8\Downloads\OTL.exe
2015-08-20 20:42 - 2015-08-20 20:42 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-08-20 20:34 - 2015-08-20 20:34 - 00000000 ____D C:\Users\Speed X8\Documents\ProcAlyzer Dumps
2015-08-20 09:42 - 2015-08-20 09:42 - 00001504 _____ C:\ProgramData\tempimage.bmp
2015-08-19 23:54 - 2015-08-11 02:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:54 - 2015-08-11 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 20:54 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150819-205448.backup
2015-08-19 19:55 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-19 19:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-19 19:50 - 2015-08-19 20:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-19 19:50 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2015-08-19 19:50 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-08-19 19:49 - 2015-08-19 19:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Speed X8\Downloads\spybot-2.4.exe
2015-08-19 18:46 - 2015-08-20 21:43 - 00000000 ____C C:\dummy.htm
2015-08-19 18:42 - 2015-08-19 18:43 - 00000904 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-08-19 18:35 - 2015-08-19 18:56 - 00002192 _____ C:\Users\Speed X8\Desktop\chrome.lnk
2015-08-19 18:35 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-19 18:31 - 2015-08-21 11:14 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2015-08-19 18:31 - 2015-08-19 18:31 - 00003200 _____ C:\Windows\System32\Tasks\crash_service
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Speed X8\AppData\Local\MiniService
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-08-19 18:30 - 2015-08-19 18:40 - 00000000 ____D C:\ProgramData\Sublight
2015-08-19 18:30 - 2015-08-19 18:30 - 00000000 ____D C:\ProgramData\Sublights
2015-08-19 16:43 - 2015-08-19 16:43 - 00003206 _____ C:\Windows\System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF}
2015-08-19 16:40 - 2015-08-19 16:40 - 00000053 _____ C:\Windows\Directx.log
2015-08-19 16:26 - 1999-12-16 15:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe
2015-08-18 19:43 - 2015-08-18 19:43 - 00000000 _____ C:\Users\Speed X8\apploc.msi
2015-08-18 19:31 - 2015-08-18 19:31 - 01391104 _____ C:\apploc.msi
2015-08-18 19:19 - 2015-08-18 19:19 - 00003216 _____ C:\Windows\System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77}
2015-08-12 00:37 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:37 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:02 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:02 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:02 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:02 - 2015-07-15 19:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 19:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:02 - 2015-07-15 19:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 21:02 - 2015-07-15 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 21:02 - 2015-07-15 19:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 21:02 - 2015-07-15 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 21:02 - 2015-07-15 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 21:02 - 2015-07-15 18:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 18:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 21:02 - 2015-07-15 18:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 21:02 - 2015-07-15 18:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 21:02 - 2015-07-15 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 21:02 - 2015-07-15 18:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 21:02 - 2015-07-15 17:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 21:02 - 2015-07-15 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 21:02 - 2015-07-15 17:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:01 - 2015-07-21 01:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 21:01 - 2015-07-21 01:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 21:01 - 2015-07-16 21:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 21:01 - 2015-07-16 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 21:01 - 2015-07-16 21:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 21:01 - 2015-07-16 21:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 21:01 - 2015-07-16 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 21:01 - 2015-07-16 20:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 21:01 - 2015-07-16 20:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 21:01 - 2015-07-16 20:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 21:01 - 2015-07-16 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 21:01 - 2015-07-16 20:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 21:01 - 2015-07-16 20:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 21:01 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 21:01 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 21:01 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 21:00 - 2015-07-30 17:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 21:00 - 2015-07-30 17:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 21:00 - 2015-07-30 17:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 21:00 - 2015-07-16 21:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 21:00 - 2015-07-16 21:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 21:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 21:00 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 21:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 21:00 - 2015-07-16 21:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 21:00 - 2015-07-16 20:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 21:00 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 21:00 - 2015-07-16 20:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 20:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 21:00 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 21:00 - 2015-07-16 20:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 21:00 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 21:00 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 21:00 - 2015-07-15 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 04:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 21:00 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 20:59 - 2015-07-20 18:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 20:59 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 20:59 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 20:59 - 2015-05-09 19:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-27 17:52 - 2015-07-27 17:52 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (9).plr
2015-07-26 18:19 - 2015-07-26 18:19 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (8).plr
2015-07-26 18:17 - 2015-07-26 18:17 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (7).plr
2015-07-26 18:13 - 2015-07-26 18:13 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (6).plr
2015-07-26 18:11 - 2015-07-26 18:11 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (5).plr
2015-07-26 18:05 - 2015-07-26 18:05 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (4).plr
2015-07-26 18:04 - 2015-07-26 18:04 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (3).plr
2015-07-26 17:54 - 2015-07-26 17:54 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (2).plr
2015-07-26 17:47 - 2015-07-26 17:47 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (1).plr
2015-07-23 16:23 - 2015-07-23 16:23 - 00000000 ____D C:\Users\Speed X8\AppData\Local\CEF
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-21 11:20 - 2012-03-14 14:10 - 01832597 _____ C:\Windows\WindowsUpdate.log
2015-08-21 11:18 - 2012-03-15 14:37 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-21 11:15 - 2012-06-03 15:43 - 00000000 ____D C:\Users\Speed X8\AppData\Local\LogMeIn Hamachi
2015-08-21 11:14 - 2014-12-30 20:48 - 00057788 _____ C:\Windows\setupact.log
2015-08-21 11:14 - 2013-11-08 13:06 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-21 11:14 - 2012-03-14 14:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-21 11:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 11:12 - 2014-08-29 10:37 - 00000000 ___DC C:\AdwCleaner
2015-08-21 11:08 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-21 11:08 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-21 10:59 - 2012-03-30 13:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-21 10:50 - 2014-12-31 11:41 - 00597546 _____ C:\Windows\PFRO.log
2015-08-21 10:50 - 2012-12-10 23:14 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2015-08-21 10:47 - 2013-11-08 13:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-21 10:47 - 2012-03-14 15:13 - 00000000 ____D C:\Windows\system32\temp
2015-08-21 10:38 - 2015-05-13 19:52 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\uTorrent
2015-08-21 10:35 - 2014-10-22 17:39 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-08-21 10:35 - 2014-10-22 17:39 - 00000000 ____D C:\Windows\system32\vbox
2015-08-21 10:33 - 2012-03-15 14:26 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{767B4E75-0A22-454C-8045-6C88693109B7}
2015-08-21 10:29 - 2013-03-16 17:46 - 00000392 _____ C:\Windows\Tasks\WpsUpdateTask_Speed X8.job
2015-08-21 10:28 - 2015-05-07 16:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-21 10:08 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-21 10:07 - 2012-03-14 14:11 - 00001317 _____ C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-20 23:28 - 2014-01-14 15:08 - 00000000 ____D C:\Users\Speed X8\AppData\Local\Battle.net
2015-08-20 20:58 - 2013-11-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-20 20:48 - 2015-03-12 17:48 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-20 20:43 - 2015-03-12 17:48 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-19 23:24 - 2012-03-17 21:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Mumble
2015-08-19 18:55 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-19 18:33 - 2015-04-19 12:30 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieBrowserModeList
2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieUserList
2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieSiteList
2015-08-19 16:34 - 2014-01-14 15:10 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-19 16:32 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-18 19:43 - 2012-03-14 14:10 - 00000000 ____D C:\Users\Speed X8
2015-08-14 21:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-08-14 20:32 - 2012-03-15 06:04 - 00000000 ____D C:\Windows\Panther
2015-08-14 20:28 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-12 10:22 - 2009-07-14 05:45 - 00290992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 10:19 - 2014-12-12 17:17 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 10:19 - 2014-05-07 00:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 00:37 - 2013-03-14 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 00:32 - 2014-08-29 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 00:26 - 2014-08-29 11:22 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:59 - 2012-03-30 13:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 21:59 - 2012-03-30 13:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 21:59 - 2012-03-22 20:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-10 11:07 - 2015-04-24 10:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-10 10:36 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-04 10:48 - 2012-06-03 15:42 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-03 12:12 - 2012-06-28 11:58 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-31 18:45 - 2014-05-17 18:29 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\.minecraft
 
==================== Files in the root of some directories =======
 
2015-05-23 23:43 - 2015-05-23 23:43 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-06-17 18:22 - 2013-06-17 18:21 - 0001160 _____ () C:\Users\Speed X8\AppData\Roaming\mods - Shortcut.lnk
2014-06-28 18:47 - 2015-04-25 22:19 - 0002031 _____ () C:\Users\Speed X8\AppData\Roaming\SpeedRunnersLog.txt
2015-04-25 22:20 - 2015-04-25 22:21 - 0002608 _____ () C:\Users\Speed X8\AppData\Roaming\TargetInvocationLog.txt
2013-06-17 18:22 - 2013-06-17 18:23 - 0047104 ___SH () C:\Users\Speed X8\AppData\Roaming\Thumbs.db
2013-09-30 09:34 - 2013-09-30 09:34 - 0000097 _____ () C:\Users\Speed X8\AppData\Roaming\WB.CFG
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\Speed X8\AppData\Local\datos.txt
2015-04-25 14:36 - 2015-04-25 14:36 - 0006605 _____ () C:\Users\Speed X8\AppData\Local\recently-used.xbel
2012-09-11 14:37 - 2012-07-13 14:37 - 0000032 ____R () C:\ProgramData\hash.dat
2014-08-31 23:22 - 2014-08-31 23:22 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-08-20 09:42 - 2015-08-20 09:42 - 0001504 _____ () C:\ProgramData\tempimage.bmp
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-14 21:22
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-08-2015
Ran by Speed X8 (2015-08-21 11:23:29)
Running from C:\Users\Speed X8\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-975855429-1586840072-3018677650-500 - Administrator - Disabled)
Guest (S-1-5-21-975855429-1586840072-3018677650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-975855429-1586840072-3018677650-1003 - Limited - Enabled)
Speed X8 (S-1-5-21-975855429-1586840072-3018677650-1000 - Administrator - Enabled) => C:\Users\Speed X8
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
AChat 1.18 (HKLM-x32\...\AChat_is1) (Version:  - AChat Animation Studios)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Airline Tycoon 2 (HKLM-x32\...\Steam App 201490) (Version:  - )
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Antares Auto-Tune 7 VST (HKLM\...\{8E7715AA-E19B-44E8-AE4C-FB5B37B7E2D9}) (Version: 7.05.0004 - Antares Audio Technologies)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARMA 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2 Dedicated Server (HKLM-x32\...\Steam App 33905) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead - Dedicated Server (HKLM-x32\...\Steam App 33935) (Version:  - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Auto-Tune EFX 2 (HKLM\...\{CCF89E7D-8BFC-4B3C-8C9C-8C4E9EF8BA45}) (Version: 2.1 - Antares Audio Technologies)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)
Bloody Trapland (HKLM-x32\...\Steam App 257750) (Version:  - 2Play)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnInTest v7.0 Pro (HKLM\...\BurnInTest_is1) (Version: 7.0 - Passmark Software)
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version:  - Stainless Games Ltd)
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Crawl (HKLM-x32\...\Steam App 293780) (Version:  - Powerhoof)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3721 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.6210 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1423 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3518.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{BAD8395E-CE31-44AA-B9FE-A14FCD0ABE4A}) (Version: 0.9.110 - Dotjosh Studios)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
DUNGEONS - Steam Special Edition (HKLM-x32\...\Steam App 57650) (Version:  - Realmforge Studios)
DUNGEONS - The Dark Lord (Steam Special Edition) (HKLM-x32\...\Steam App 200550) (Version:  - )
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - )
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Easy Tune 6 B11.0630.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FaceTrackNoIR version 1.7 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7 - FaceTrackNoIR Team)
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeTrack v2.2.0.279 (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\FreeTrack v2.2.0.279) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - )
FrostWire 5.3.5 (HKLM-x32\...\FrostWire 5) (Version: 5.3.5.0 - FrostWire Team)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game Dev Tycoon version 1.3.2 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.2 - Greenheart Games Pty. Ltd.)
GameFly (HKLM-x32\...\GameFly) (Version: 1.2.378 - GameFly, Inc.)
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Gang Beasts (HKLM-x32\...\Steam App 285900) (Version:  - Boneloaf)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version:  - Positech Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hidden in Plain Sight (HKLM-x32\...\Steam App 303590) (Version:  - Adam Spragg)
Hyrule Total War 3 Patch (HKLM-x32\...\{90D07AB1-663A-4F45-8BB8-E0763C8C8D1A}) (Version: 1.0.0 - Parallel Process)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java™ 6 Update 39 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416039FF}) (Version: 6.0.390 - Oracle)
Java™ 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
join.me (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\JoinMe) (Version: 1.17.1.162 - LogMeIn, Inc.)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
Kingsoft Spreadsheets  (8.1.0.3030) (HKLM-x32\...\Kingsoft Spreadsheets) (Version: 8.1.0.3030 - Kingsoft Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Magic The Gathering Online  (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\9f2df17776476c05) (Version: 3.4.77.332 - Wizards of the Coast)
Magic: The Gathering - Duels of the Planeswalkers (HKLM-x32\...\Steam App 49400) (Version:  - Stainless Games Ltd)
March of War: Face Off (HKLM-x32\...\Steam App 323900) (Version:  - ISOTX)
Marvel Heroes (HKLM-x32\...\marvelheroesbeta) (Version: 1.8.0.302 - Gazillion Entertainment)
Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version:  - )
Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version:  - )
Mashed (HKLM-x32\...\Steam App 281280) (Version:  - Supersonic Software)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version:  - The Creative Assembly)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Mirroring360 (HKLM-x32\...\{2143C7CF-6CBA-4513-AC73-D410DEC57BFC}) (Version: 1.2.0.4 - Splashtop Inc.)
MNR -2litres - Horndean (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\MNR -2litres - Horndean) (Version:  - )
Mobiloid Demo (HKLM-x32\...\IndieCity-{43591a95-bcfd-478c-86ca-003a99d5ae0b}) (Version:  - Montrezina)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-GB)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
NBTExplorer (HKLM-x32\...\{06107EDA-5B85-4CEC-AB1E-8350DEC15231}) (Version: 2.7.4.0 - Justin Aquadro)
Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version:  - Bugbear)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version:  - Bugbear)
Ninja Loader (HKLM-x32\...\Ninja Loader) (Version: 198.0.0.605 - CLICK YES BELOW LP)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Orcs Must Die 2 Workshop Tool (HKLM-x32\...\Steam App 242150) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22479 - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version:  - PopCap)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version:  - PopCap)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version:  - PokerStars.uk)
Primal Carnage (HKLM-x32\...\Steam App 215470) (Version:  - )
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
RPG Maker XP (HKLM-x32\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
SecondLifeBetaViewer (remove only) (HKLM-x32\...\SecondLifeBetaViewer) (Version:  - )
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Shatter (HKLM-x32\...\Steam App 20820) (Version:  - Sidhe)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
Silent Storm (HKLM-x32\...\Steam App 254960) (Version:  - Nival)
Silent Storm Sentinels (HKLM-x32\...\Steam App 254980) (Version:  - )
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7016 - Six Projects)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
TerraTech Demo (HKLM-x32\...\Steam App 313990) (Version:  - Payload Studios)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
Tools Update Platform (HKLM-x32\...\{6A128791-4857-4484-9BB2-71D4C1257200}) (Version: 1.1.0.15773 - Beijing Zhihuimen Techology co,.Ltd)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version:  - Creative Assembly)
Towns (HKLM-x32\...\Steam App 221020) (Version:  - )
Toy Soldiers (HKLM-x32\...\Steam App 98300) (Version:  - Signal Studios)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version:  - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Ino-Co Plus)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10650 - WinZip Computing, S.L. )
Wizorb (HKLM-x32\...\Steam App 207420) (Version:  - )
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version:  - Team17)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
21-08-2015 10:59:16 JRT Pre-Junkware Removal
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-08-19 20:54 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0793DEB0-D40C-4788-9C44-C530DE22B040} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {1531C316-5DD4-43F5-8BB7-D1094259E97B} - System32\Tasks\{286FED16-89AD-41FA-B336-C878763B2EBC} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {1C28571E-B8F9-4751-9B62-5DCACC1EBBE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1D855AD1-E04A-4E97-B733-8256DD0834C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {351EED9F-F898-461A-8A89-2F1F96EAE91B} - System32\Tasks\{015CF1CB-F6C9-49FB-A90E-982A10B08A69} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {37DF7685-46C7-46D6-B9F0-2B80072AFF8C} - System32\Tasks\SystemSearchIndexer => C:\ProgramData\SystemSearchIndexer\SystemSearchIndexer.exe [2015-08-21] () <==== ATTENTION
Task: {49CB8988-1A24-440D-88C0-19C4AFBEC1BC} - System32\Tasks\{0807DA71-B6F4-49B9-BBB0-E0854F2ABFC0} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {69C2FB89-A68C-41D5-B6A8-AF1028C409C0} - System32\Tasks\{9289B819-C4CD-43A3-953F-675C1133513F} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {6E04465B-6C12-4E56-93B0-2AB6FB9A0C7A} - System32\Tasks\{A03ADA05-3C49-42AF-9AA8-4F4D4799D68B} => pcalua.exe -a "C:\Users\Speed X8\Downloads\HorndeanRX.exe" -d "C:\Users\Speed X8\Downloads"
Task: {7FD075DA-E5A1-4DD6-BB1C-AEFB8DBF07C1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {83D175D2-F77D-4A18-AF1E-FF5C3F70A2A7} - System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF} => pcalua.exe -a "C:\Users\Speed X8\Desktop\New folder (2)\BUNNYUST.EXE" -d "C:\Users\Speed X8\Desktop\New folder (2)"
Task: {9473A819-07C7-4DE4-A5A9-D2E85121F58B} - System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => pcalua.exe -a "C:\Users\Speed X8\Desktop\JX^€Ch3D\Installer.exe" -d "C:\Users\Speed X8\Desktop\JX^€Ch3D"
Task: {97A20080-6D51-4DD1-8B9C-3A2F118F0613} - System32\Tasks\crash_service => C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe
Task: {9876CA81-F86B-4066-ADAF-F2113D0B9E96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {9A166EB4-E047-4F95-A1D7-3E93A73322C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A06419F4-D3A9-4255-A4FA-72451E12A59B} - System32\Tasks\{35EFDB9A-0F99-4935-81C2-571069624150} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1075-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {AA6DB421-83C3-446D-B99F-6F4D648F5C9C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {B2760364-CF81-4BDB-B568-B1ABF51C49AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {B4B6995A-60FD-4CF8-9BDE-CDE10962C7B2} - System32\Tasks\{94946A22-1B4E-4768-8F4C-08540FEB21F6} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {C2CE4F4E-BE46-41CF-BBB8-EBE279108B47} - System32\Tasks\{9D8E0C13-765B-4D19-BC69-2137BE3AABFB} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {CFB3BA4B-8C6A-4783-BB44-B320D35B5063} - System32\Tasks\{1A4338B1-89FF-4018-B394-19B364430E88} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {DD959D27-44EE-4B06-A828-F9132D437B3B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {F1CF0726-424C-4A74-BF6A-D135AFABC4CE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {F2A84BEA-2943-4CDA-920D-AE96FDA71A3E} - System32\Tasks\ToolsUpdatePlatform_ScheduledTask => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [2015-07-07] ()
Task: {FBF6EAD0-1555-45C6-8525-F36E7BE6394E} - System32\Tasks\{49BC5B3B-F531-493B-BB3D-34464A9E50E3} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {FC6E5ED8-4083-42BD-B512-A8100B08055E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-20] (AVAST Software)
Task: {FC88C451-A7A0-4EA4-94B3-E6F839EEA182} - System32\Tasks\WpsUpdateTask_Speed X8 => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe [2013-06-05] (Kingsoft Corp. Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Speed X8.job => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-04-08 00:19 - 2015-05-12 04:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-21 10:32 - 2015-08-21 10:32 - 00388160 _____ () C:\ProgramData\SystemSearchIndexer\SystemSearchIndexer.exe
2015-07-07 07:49 - 2015-07-07 07:49 - 00635128 _____ () C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
2013-08-15 18:59 - 2013-08-15 19:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-20 20:44 - 2015-08-20 20:44 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-20 20:25 - 2015-08-20 20:25 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15082001\algo.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-26 17:09 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2012-03-14 14:18 - 2010-02-09 11:52 - 33735976 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-03-12 17:47 - 2015-03-12 17:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-19 19:50 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-08-13 21:11 - 2015-08-08 01:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 21:11 - 2015-08-08 01:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-13 21:11 - 2015-08-08 01:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5D34EECB-21D4-424D-9DE7-470712A2D3D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{36BD4955-5723-430F-8244-E9B4B1A7CAA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/21/2015 11:15:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:54:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:47:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:46:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3ff12407-2778-4d0b-a8b5-d39944fede06}
 
Error: (08/21/2015 10:29:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:24:04 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvStreamUserAgent restarted too many times in a short period. Aborting. [0]).
 
Error: (08/21/2015 10:09:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:08:14 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2956) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
 
Error: (08/20/2015 09:02:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 09:01:34 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2732) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
 
 
System errors:
=============
Error: (08/21/2015 11:16:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (08/21/2015 11:16:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (08/21/2015 11:15:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (08/21/2015 11:15:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (08/21/2015 11:14:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error: 
%%2
 
Error: (08/21/2015 11:14:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Ninja Loader Service service failed to start due to the following error: 
%%2
 
Error: (08/21/2015 11:14:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: 
%%2
 
Error: (08/21/2015 11:14:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/21/2015 11:13:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
%%1069
 
Error: (08/21/2015 11:13:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
 
Microsoft Office:
=========================
Error: (08/21/2015 11:15:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:54:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:47:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:46:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3ff12407-2778-4d0b-a8b5-d39944fede06}
 
Error: (08/21/2015 10:29:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:24:04 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvStreamUserAgent restarted too many times in a short period. Aborting. [0]
 
Error: (08/21/2015 10:09:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:08:14 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2956WindowsMail0:
 
Error: (08/20/2015 09:02:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/20/2015 09:01:34 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2732WindowsMail0:
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 16367.3 MB
Available physical RAM: 12419.22 MB
Total Virtual: 32732.81 MB
Available Virtual: 28472.23 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1333.05 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D2DB4A79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
==================== End of log ============================
 

  • 0

#4
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Hi,



Thanks for the fast response! :)

Hello, you're quite welcome. :)

I have a quick question: Are you running a proxy server on your machine, as I see one in the latest FRST log that you provided. Please let me know, and I'll prepare the next set of instructions. Also, how is the machine running at this time?
  • 0

#5
Alkalidum

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hmm..I'm not very good with computers so not really sure what a proxy server is, however after i ran AdwCleaner and my PC rebooted i tried to load up chrome and i wasn't able to load up any pages, it said about disabling a proxy setting which i did then chrome worked fine.

 

The PC seems to be running slower than usual and something called Ninja Loader is showing up in my start menu.


  • 0

#6
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Basically a proxy server Is a machine that your computer would go through before getting to the Internet. What it would do is all of your traffic that goes through the internet would go through it, and then to the internet anything coming back would go through it and then to your machine. If you have a Wi-Fi connection, or a direct connection to your router or modem, I will remove the proxy from the system. I didn't see it in your initial logs, and it looks like it is a known malware proxy.

I will have further instructions this evening, as I'm about to leave for work. we will also be removing the ninja loader that you are seeing as well. :-)
  • 0

#7
Alkalidum

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Ah i see, my PC is connected directly to my router.

 

 

 

I will have further instructions this evening, as I'm about to leave for work. we will also be removing the ninja loader that you are seeing as well. :-) 

 

Sounds good! :)


  • 0

#8
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Thank you for your response, let's continue. :thumbsup:


Step 1: Disable Spybot's Tea Timer


There are two ways to disable TeaTimer

1)
  • Launch Spybot Search & Destroy icon_Spybot_-_Search_and_Destroy.png
  • In the Menu, Select Mode and choose Advanced Mode
  • Click Yes in the confirmation dialogue box
  • click on Tools to expand the menu. Make sure that Resident is checked and then click Resident in the left pane.
  • In the right pane uncheck Resident "Tea timer" (Protection of over-all system settings) to disable it.
  • Uncheck the TeaTimer box and OK any prompts.
  • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
  • Exit Spybot S&D when done.
  • (Once you are clean, you can re-enable Teatimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.]
2)
  • Right click the TeaTimer icon in the system Tray MHoTT005.gif
  • Then click Exit Spybot-S&D Resident
  • (One you are clean you can restart TeaTimer by going to C:\Program Files\Spybot - Search & Destroy, and double clicking on TeaTimer.exe
Step 2: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
ProxyServer: [S-1-5-21-975855429-1586840072-3018677650-1000] => http=127.0.0.1:8800
S2 NinjaLoaderService; "C:\Program Files (x86)\Ninja Loader\NinjaMaintainer.exe" /svc [X]
C:\Program Files (x86)\Ninja Loader
C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Loader
C:\ProgramData\hash.dat
C:\Windows\System32\Tasks\crash_service
C:\Users\Speed X8\AppData\Local\BoBrowser
Task: {97A20080-6D51-4DD1-8B9C-3A2F118F0613} - System32\Tasks\crash_service => C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe
RemoveProxy:
Emptytemp:
Hosts:
End



Step 3: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Things I need to see in your next post

Fixlog.txt Log

Frest FRST.txt Log

  • 0

#9
Alkalidum

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hey,

 

Just got back from a night of drinking so will follow these steps in the morning, However after turning on my PC i got a popup about upgrading to Windows 10 and wasn't sure if it was legitimate or from the virus, Im currently using Windows 7. Thought i better let you know as ive never seen this popup before and looks genuine.


  • 0

#10
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
No problem, we do this on the schedule that works best for you. :thumbsup: That window is probably legitimate, as Microsoft is trying to get people to upgrade. But I would hold off if you plan to upgrade until we get finished with the cleaning. :-)
  • 0

Advertisements


#11
Alkalidum

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hey again :)

 

Just tried to do step 1 but i'm a bit confused, i launch spybot and there doesn't appear to be any menu with tools, im probably just being an idiot lol, i clicked 'startup tools' but couldn't see no resident or teatimer.

This is what i see:

 

http://postimg.org/image/jvltgfuih/

 

I also tried #2 in step one, i went to C:\Program Files\Spybot - Search & Destroy but nothing is there, however in C:\Program Files (x86) there is a folder called 'Spybot - Search & Destroy 2' but there is no TeaTimer.exe in that folder.

 

Edit: I think i know why my PC is running slower than usual too, just looked in task manager and my System Idle Process is running up my CPU like crazy  :wacko:


Edited by Alkalidum, 22 August 2015 - 03:22 AM.

  • 0

#12
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Hey again :)
 
Just tried to do step 1 but i'm a bit confused, i launch spybot and there doesn't appear to be any menu with tools, im probably just being an idiot lol, i clicked 'startup tools' but couldn't see no resident or teatimer.
This is what i see:
 
http://postimg.org/image/jvltgfuih/
 
I also tried #2 in step one, i went to C:\Program Files\Spybot - Search & Destroy but nothing is there, however in C:\Program Files (x86) there is a folder called 'Spybot - Search & Destroy 2' but there is no TeaTimer.exe in that folder.
 
Edit: I think i know why my PC is running slower than usual too, just looked in task manager and my System Idle Process is running up my CPU like crazy  :wacko:


No worries. :) Try these instructions below, and if they do not coincide with what you see, please continue on with the next steps in post #8. :thumbsup:

Run Spybot-S&D, switch to the Advanced mode via the menu bar item Mode → hit Yes → select Tools in the navigation bar on the left → Resident and there you can untick the checkboxes in front of the two tools.
  • 0

#13
Alkalidum

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

 

 

No worries.  :) Try these instructions below, and if they do not coincide with what you see, please continue on with the next steps in post #8.  :thumbsup:

Run Spybot-S&D, switch to the Advanced mode via the menu bar item Mode → hit Yes → select Tools in the navigation bar on the left → Resident and there you can untick the checkboxes in front of the two tools. 

 

Couldnt find these options either :upset:  so i went onto step 2

 

Fix result of Farbar Recovery Scan Tool (x64) Version:20-08-2015
Ran by Speed X8 (2015-08-22 12:10:04) Run:2
Running from C:\Users\Speed X8\Desktop
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
ProxyServer: [S-1-5-21-975855429-1586840072-3018677650-1000] => http=127.0.0.1:8800
S2 NinjaLoaderService; "C:\Program Files (x86)\Ninja Loader\NinjaMaintainer.exe" /svc [X]
C:\Program Files (x86)\Ninja Loader
C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Loader
C:\ProgramData\hash.dat
C:\Windows\System32\Tasks\crash_service
C:\Users\Speed X8\AppData\Local\BoBrowser
Task: {97A20080-6D51-4DD1-8B9C-3A2F118F0613} - System32\Tasks\crash_service => C:\Users\Speed X8\AppData\Local\BoBrowser\Application\crash_service.exe
RemoveProxy:
Emptytemp:
Hosts:
End
*****************
 
Restore point was successfully created.
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
NinjaLoaderService => service removed successfully
"C:\Program Files (x86)\Ninja Loader" => File/Folder not found.
C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ninja Loader => moved successfully
C:\ProgramData\hash.dat => moved successfully
C:\Windows\System32\Tasks\crash_service => moved successfully
"C:\Users\Speed X8\AppData\Local\BoBrowser" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97A20080-6D51-4DD1-8B9C-3A2F118F0613}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97A20080-6D51-4DD1-8B9C-3A2F118F0613}" => key removed successfully
C:\Windows\System32\Tasks\crash_service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\crash_service" => key removed successfully
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 403.7 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 12:10:41 ====
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
Ran by Speed X8 (administrator) on SPEEDX8-PC (22-08-2015 12:16:40)
Running from C:\Users\Speed X8\Desktop
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\SystemSearchIndexer\SystemSearchIndexer.exe
() C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(NVIDIA Corporation) C:\Users\Speed X8\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11858536 2011-06-07] (Realtek Semiconductor)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [697640 2010-02-10] (CyberLink Corporation.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-18] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [Mirroring360] => C:\Program Files (x86)\Mirroring360\Mirroring360.exe [9966416 2014-10-15] (Splashtop Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-20] (AVAST Software)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [IndieCity Client] => C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe -m
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk [2012-09-14]
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-20] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
Tcpip\..\Interfaces\{283D9FDB-27F4-4CC0-B300-A9CF3572C5A7}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{5FECFA46-5C30-449C-90BC-691D6E34E6C0}: [DhcpNameServer] 192.168.42.129
 
FireFox:
========
FF ProfilePath: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Speed X8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-20] ()
FF SearchPlugin: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\searchplugins\google-avast.xml [2015-08-20]
FF Extension: LastPass - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-08-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-12]
 
Chrome: 
=======
CHR Profile: C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-20]
CHR Extension: (Subscriptions Grid For YouTube™) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjhgnfnmijfkmcddcmffeamphmmeed [2015-08-20]
CHR Extension: (AdBlock) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-20]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-12]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-20] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-20] (Avast Software)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [938776 2013-05-17] (BitRaider, LLC)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-26] (EasyAntiCheat Ltd)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2928128 2012-11-19] (PACE Anti-Piracy, Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-15] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-20] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-20] (AVAST Software)
R5 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-20] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-20] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-20] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-20] (AVAST Software)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-04-04] (BitRaider)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-03-16] ()
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-09-29] (MotioninJoy) [File not signed]
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-20] (AVAST Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 Tpkd; C:\Windows\System32\Drivers\Tpkd.sys [105624 2012-11-17] (PACE Anti-Piracy, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-20] (Avast Software)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-22 12:16 - 2015-08-22 12:17 - 00030599 _____ C:\Users\Speed X8\Desktop\FRST.txt
2015-08-22 00:23 - 2015-08-22 00:23 - 00000000 ____D C:\Users\Speed X8\AppData\Local\GWX
2015-08-21 10:58 - 2015-08-21 10:58 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Speed X8\Downloads\JRT.exe
2015-08-21 10:58 - 2015-08-21 10:58 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Speed X8\Desktop\JRT.exe
2015-08-21 10:32 - 2015-08-21 11:49 - 00000000 ____D C:\ProgramData\SystemSearchIndexer
2015-08-21 10:32 - 2015-08-21 10:32 - 00003944 _____ C:\Windows\System32\Tasks\SystemSearchIndexer
2015-08-20 22:45 - 2015-08-22 12:12 - 00000436 _____ C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2015-08-20 22:45 - 2015-08-20 22:45 - 00003540 _____ C:\Windows\System32\Tasks\ToolsUpdatePlatform_ScheduledTask
2015-08-20 22:45 - 2015-08-20 22:45 - 00000000 ____D C:\Program Files (x86)\ToolsUpdatePlatform
2015-08-20 21:52 - 2015-08-20 21:53 - 00137859 _____ C:\Users\Speed X8\Downloads\Addition.txt
2015-08-20 21:51 - 2015-08-22 12:16 - 00000000 ___DC C:\FRST
2015-08-20 21:51 - 2015-08-20 21:53 - 00084307 _____ C:\Users\Speed X8\Downloads\FRST.txt
2015-08-20 21:51 - 2015-08-20 21:51 - 02173952 _____ (Farbar) C:\Users\Speed X8\Desktop\FRST64.exe
2015-08-20 21:32 - 2015-08-20 21:32 - 00246100 _____ C:\Users\Speed X8\Downloads\Extras.Txt
2015-08-20 21:30 - 2015-08-20 21:30 - 00177820 _____ C:\Users\Speed X8\Downloads\OTL.Txt
2015-08-20 20:47 - 2015-08-20 20:42 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-20 20:46 - 2015-08-20 20:47 - 01605632 _____ C:\Users\Speed X8\Desktop\AdwCleaner (1).exe
2015-08-20 20:46 - 2015-08-20 20:46 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-20 20:44 - 2015-08-20 20:44 - 00602112 _____ (OldTimer Tools) C:\Users\Speed X8\Downloads\OTL.exe
2015-08-20 20:42 - 2015-08-20 20:42 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-08-20 20:34 - 2015-08-20 20:34 - 00000000 ____D C:\Users\Speed X8\Documents\ProcAlyzer Dumps
2015-08-20 09:42 - 2015-08-20 09:42 - 00001504 _____ C:\ProgramData\tempimage.bmp
2015-08-19 23:54 - 2015-08-11 02:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:54 - 2015-08-11 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 20:54 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150819-205448.backup
2015-08-19 19:55 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-19 19:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-19 19:50 - 2015-08-19 20:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-19 19:50 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2015-08-19 19:50 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-08-19 19:49 - 2015-08-19 19:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Speed X8\Downloads\spybot-2.4.exe
2015-08-19 18:46 - 2015-08-20 21:43 - 00000000 ____C C:\dummy.htm
2015-08-19 18:42 - 2015-08-19 18:43 - 00000904 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-08-19 18:35 - 2015-08-19 18:56 - 00002192 _____ C:\Users\Speed X8\Desktop\chrome.lnk
2015-08-19 18:35 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-19 18:31 - 2015-08-22 12:12 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Speed X8\AppData\Local\MiniService
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-08-19 18:30 - 2015-08-19 18:40 - 00000000 ____D C:\ProgramData\Sublight
2015-08-19 18:30 - 2015-08-19 18:30 - 00000000 ____D C:\ProgramData\Sublights
2015-08-19 16:43 - 2015-08-19 16:43 - 00003206 _____ C:\Windows\System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF}
2015-08-19 16:40 - 2015-08-19 16:40 - 00000053 _____ C:\Windows\Directx.log
2015-08-19 16:26 - 1999-12-16 15:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe
2015-08-18 19:43 - 2015-08-18 19:43 - 00000000 _____ C:\Users\Speed X8\apploc.msi
2015-08-18 19:31 - 2015-08-18 19:31 - 01391104 _____ C:\apploc.msi
2015-08-18 19:19 - 2015-08-18 19:19 - 00003216 _____ C:\Windows\System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77}
2015-08-12 00:37 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:37 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:02 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:02 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:02 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:02 - 2015-07-15 19:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 19:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:02 - 2015-07-15 19:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 21:02 - 2015-07-15 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 21:02 - 2015-07-15 19:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 21:02 - 2015-07-15 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 21:02 - 2015-07-15 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 21:02 - 2015-07-15 18:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 18:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 21:02 - 2015-07-15 18:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 21:02 - 2015-07-15 18:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 21:02 - 2015-07-15 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 21:02 - 2015-07-15 18:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 21:02 - 2015-07-15 17:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 21:02 - 2015-07-15 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 21:02 - 2015-07-15 17:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:01 - 2015-07-21 01:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 21:01 - 2015-07-21 01:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 21:01 - 2015-07-16 21:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 21:01 - 2015-07-16 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 21:01 - 2015-07-16 21:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 21:01 - 2015-07-16 21:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 21:01 - 2015-07-16 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 21:01 - 2015-07-16 20:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 21:01 - 2015-07-16 20:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 21:01 - 2015-07-16 20:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 21:01 - 2015-07-16 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 21:01 - 2015-07-16 20:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 21:01 - 2015-07-16 20:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 21:01 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 21:01 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 21:01 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 21:00 - 2015-07-30 17:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 21:00 - 2015-07-30 17:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 21:00 - 2015-07-30 17:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 21:00 - 2015-07-16 21:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 21:00 - 2015-07-16 21:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 21:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 21:00 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 21:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 21:00 - 2015-07-16 21:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 21:00 - 2015-07-16 20:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 21:00 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 21:00 - 2015-07-16 20:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 20:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 21:00 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 21:00 - 2015-07-16 20:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 21:00 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 21:00 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 21:00 - 2015-07-15 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 04:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 21:00 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 20:59 - 2015-07-20 18:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 20:59 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 20:59 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 20:59 - 2015-05-09 19:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-27 17:52 - 2015-07-27 17:52 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (9).plr
2015-07-26 18:19 - 2015-07-26 18:19 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (8).plr
2015-07-26 18:17 - 2015-07-26 18:17 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (7).plr
2015-07-26 18:13 - 2015-07-26 18:13 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (6).plr
2015-07-26 18:11 - 2015-07-26 18:11 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (5).plr
2015-07-26 18:05 - 2015-07-26 18:05 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (4).plr
2015-07-26 18:04 - 2015-07-26 18:04 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (3).plr
2015-07-26 17:54 - 2015-07-26 17:54 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (2).plr
2015-07-26 17:47 - 2015-07-26 17:47 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (1).plr
2015-07-23 16:23 - 2015-07-23 16:23 - 00000000 ____D C:\Users\Speed X8\AppData\Local\CEF
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-22 12:16 - 2012-03-15 14:37 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-22 12:14 - 2012-06-03 15:43 - 00000000 ____D C:\Users\Speed X8\AppData\Local\LogMeIn Hamachi
2015-08-22 12:12 - 2014-12-30 20:48 - 00058292 _____ C:\Windows\setupact.log
2015-08-22 12:12 - 2013-11-08 13:06 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-22 12:12 - 2012-03-14 14:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-22 12:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-22 12:11 - 2012-03-14 14:10 - 01882001 _____ C:\Windows\WindowsUpdate.log
2015-08-22 12:11 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-22 12:11 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-22 11:59 - 2012-03-30 13:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-22 11:42 - 2013-11-08 13:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-22 11:29 - 2013-03-16 17:46 - 00000392 _____ C:\Windows\Tasks\WpsUpdateTask_Speed X8.job
2015-08-22 11:29 - 2012-03-15 14:26 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{767B4E75-0A22-454C-8045-6C88693109B7}
2015-08-22 10:20 - 2014-01-14 15:08 - 00000000 ____D C:\Users\Speed X8\AppData\Local\Battle.net
2015-08-21 11:12 - 2014-08-29 10:37 - 00000000 ___DC C:\AdwCleaner
2015-08-21 10:50 - 2014-12-31 11:41 - 00597546 _____ C:\Windows\PFRO.log
2015-08-21 10:50 - 2012-12-10 23:14 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2015-08-21 10:47 - 2012-03-14 15:13 - 00000000 ____D C:\Windows\system32\temp
2015-08-21 10:38 - 2015-05-13 19:52 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\uTorrent
2015-08-21 10:35 - 2014-10-22 17:39 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-08-21 10:35 - 2014-10-22 17:39 - 00000000 ____D C:\Windows\system32\vbox
2015-08-21 10:28 - 2015-05-07 16:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-21 10:08 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-21 10:07 - 2012-03-14 14:11 - 00001317 _____ C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-20 20:58 - 2013-11-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-20 20:48 - 2015-03-12 17:48 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-20 20:43 - 2015-03-12 17:48 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-20 09:22 - 2015-04-25 22:05 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-19 23:24 - 2012-03-17 21:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Mumble
2015-08-19 18:55 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-19 18:33 - 2015-04-19 12:30 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieBrowserModeList
2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieUserList
2015-08-19 18:33 - 2014-06-10 22:53 - 00000000 __SHD C:\Users\Speed X8\AppData\Local\EmieSiteList
2015-08-19 16:34 - 2014-01-14 15:10 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-19 16:32 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-18 19:43 - 2012-03-14 14:10 - 00000000 ____D C:\Users\Speed X8
2015-08-14 21:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-08-14 20:32 - 2012-03-15 06:04 - 00000000 ____D C:\Windows\Panther
2015-08-14 20:28 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-12 10:22 - 2009-07-14 05:45 - 00290992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 10:19 - 2014-12-12 17:17 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 10:19 - 2014-05-07 00:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 00:37 - 2013-03-14 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 00:32 - 2014-08-29 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 00:26 - 2014-08-29 11:22 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:59 - 2012-03-30 13:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 21:59 - 2012-03-30 13:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 21:59 - 2012-03-22 20:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-10 11:07 - 2015-04-24 10:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-10 10:36 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-04 10:48 - 2012-06-03 15:42 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-03 12:12 - 2012-06-28 11:58 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-31 18:45 - 2014-05-17 18:29 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\.minecraft
 
==================== Files in the root of some directories =======
 
2015-05-23 23:43 - 2015-05-23 23:43 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-06-17 18:22 - 2013-06-17 18:21 - 0001160 _____ () C:\Users\Speed X8\AppData\Roaming\mods - Shortcut.lnk
2014-06-28 18:47 - 2015-04-25 22:19 - 0002031 _____ () C:\Users\Speed X8\AppData\Roaming\SpeedRunnersLog.txt
2015-04-25 22:20 - 2015-04-25 22:21 - 0002608 _____ () C:\Users\Speed X8\AppData\Roaming\TargetInvocationLog.txt
2013-06-17 18:22 - 2013-06-17 18:23 - 0047104 ___SH () C:\Users\Speed X8\AppData\Roaming\Thumbs.db
2013-09-30 09:34 - 2013-09-30 09:34 - 0000097 _____ () C:\Users\Speed X8\AppData\Roaming\WB.CFG
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\Speed X8\AppData\Local\datos.txt
2015-04-25 14:36 - 2015-04-25 14:36 - 0006605 _____ () C:\Users\Speed X8\AppData\Local\recently-used.xbel
2014-08-31 23:22 - 2014-08-31 23:22 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-08-20 09:42 - 2015-08-20 09:42 - 0001504 _____ () C:\ProgramData\tempimage.bmp
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-14 21:22
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-08-2015
Ran by Speed X8 (2015-08-22 12:18:07)
Running from C:\Users\Speed X8\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-975855429-1586840072-3018677650-500 - Administrator - Disabled)
Guest (S-1-5-21-975855429-1586840072-3018677650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-975855429-1586840072-3018677650-1003 - Limited - Enabled)
Speed X8 (S-1-5-21-975855429-1586840072-3018677650-1000 - Administrator - Enabled) => C:\Users\Speed X8
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
AChat 1.18 (HKLM-x32\...\AChat_is1) (Version:  - AChat Animation Studios)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Airline Tycoon 2 (HKLM-x32\...\Steam App 201490) (Version:  - )
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Antares Auto-Tune 7 VST (HKLM\...\{8E7715AA-E19B-44E8-AE4C-FB5B37B7E2D9}) (Version: 7.05.0004 - Antares Audio Technologies)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARMA 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2 Dedicated Server (HKLM-x32\...\Steam App 33905) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead - Dedicated Server (HKLM-x32\...\Steam App 33935) (Version:  - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Auto-Tune EFX 2 (HKLM\...\{CCF89E7D-8BFC-4B3C-8C9C-8C4E9EF8BA45}) (Version: 2.1 - Antares Audio Technologies)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)
Bloody Trapland (HKLM-x32\...\Steam App 257750) (Version:  - 2Play)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnInTest v7.0 Pro (HKLM\...\BurnInTest_is1) (Version: 7.0 - Passmark Software)
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version:  - Stainless Games Ltd)
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Crawl (HKLM-x32\...\Steam App 293780) (Version:  - Powerhoof)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3721 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.6210 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1423 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3518.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{BAD8395E-CE31-44AA-B9FE-A14FCD0ABE4A}) (Version: 0.9.110 - Dotjosh Studios)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
DUNGEONS - Steam Special Edition (HKLM-x32\...\Steam App 57650) (Version:  - Realmforge Studios)
DUNGEONS - The Dark Lord (Steam Special Edition) (HKLM-x32\...\Steam App 200550) (Version:  - )
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - )
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Easy Tune 6 B11.0630.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FaceTrackNoIR version 1.7 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7 - FaceTrackNoIR Team)
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeTrack v2.2.0.279 (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\FreeTrack v2.2.0.279) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - )
FrostWire 5.3.5 (HKLM-x32\...\FrostWire 5) (Version: 5.3.5.0 - FrostWire Team)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game Dev Tycoon version 1.3.2 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.2 - Greenheart Games Pty. Ltd.)
GameFly (HKLM-x32\...\GameFly) (Version: 1.2.378 - GameFly, Inc.)
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Gang Beasts (HKLM-x32\...\Steam App 285900) (Version:  - Boneloaf)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version:  - Positech Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hidden in Plain Sight (HKLM-x32\...\Steam App 303590) (Version:  - Adam Spragg)
Hyrule Total War 3 Patch (HKLM-x32\...\{90D07AB1-663A-4F45-8BB8-E0763C8C8D1A}) (Version: 1.0.0 - Parallel Process)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java™ 6 Update 39 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416039FF}) (Version: 6.0.390 - Oracle)
Java™ 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
join.me (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\JoinMe) (Version: 1.17.1.162 - LogMeIn, Inc.)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
Kingsoft Spreadsheets  (8.1.0.3030) (HKLM-x32\...\Kingsoft Spreadsheets) (Version: 8.1.0.3030 - Kingsoft Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Magic The Gathering Online  (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\9f2df17776476c05) (Version: 3.4.77.332 - Wizards of the Coast)
Magic: The Gathering - Duels of the Planeswalkers (HKLM-x32\...\Steam App 49400) (Version:  - Stainless Games Ltd)
March of War: Face Off (HKLM-x32\...\Steam App 323900) (Version:  - ISOTX)
Marvel Heroes (HKLM-x32\...\marvelheroesbeta) (Version: 1.8.0.302 - Gazillion Entertainment)
Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version:  - )
Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version:  - )
Mashed (HKLM-x32\...\Steam App 281280) (Version:  - Supersonic Software)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version:  - The Creative Assembly)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Mirroring360 (HKLM-x32\...\{2143C7CF-6CBA-4513-AC73-D410DEC57BFC}) (Version: 1.2.0.4 - Splashtop Inc.)
MNR -2litres - Horndean (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\MNR -2litres - Horndean) (Version:  - )
Mobiloid Demo (HKLM-x32\...\IndieCity-{43591a95-bcfd-478c-86ca-003a99d5ae0b}) (Version:  - Montrezina)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-GB)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
NBTExplorer (HKLM-x32\...\{06107EDA-5B85-4CEC-AB1E-8350DEC15231}) (Version: 2.7.4.0 - Justin Aquadro)
Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version:  - Bugbear)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version:  - Bugbear)
Ninja Loader (HKLM-x32\...\Ninja Loader) (Version: 198.0.0.605 - CLICK YES BELOW LP)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Orcs Must Die 2 Workshop Tool (HKLM-x32\...\Steam App 242150) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22479 - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version:  - PopCap)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version:  - PopCap)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version:  - PokerStars.uk)
Primal Carnage (HKLM-x32\...\Steam App 215470) (Version:  - )
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
RPG Maker XP (HKLM-x32\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
SecondLifeBetaViewer (remove only) (HKLM-x32\...\SecondLifeBetaViewer) (Version:  - )
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Shatter (HKLM-x32\...\Steam App 20820) (Version:  - Sidhe)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
Silent Storm (HKLM-x32\...\Steam App 254960) (Version:  - Nival)
Silent Storm Sentinels (HKLM-x32\...\Steam App 254980) (Version:  - )
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7016 - Six Projects)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
TerraTech Demo (HKLM-x32\...\Steam App 313990) (Version:  - Payload Studios)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
Tools Update Platform (HKLM-x32\...\{6A128791-4857-4484-9BB2-71D4C1257200}) (Version: 1.1.0.15773 - Beijing Zhihuimen Techology co,.Ltd)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version:  - Creative Assembly)
Towns (HKLM-x32\...\Steam App 221020) (Version:  - )
Toy Soldiers (HKLM-x32\...\Steam App 98300) (Version:  - Signal Studios)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version:  - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Ino-Co Plus)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10650 - WinZip Computing, S.L. )
Wizorb (HKLM-x32\...\Steam App 207420) (Version:  - )
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version:  - Team17)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
21-08-2015 10:59:16 JRT Pre-Junkware Removal
22-08-2015 12:10:10 Restore Point Created by FRST
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-08-22 12:10 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0793DEB0-D40C-4788-9C44-C530DE22B040} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {1531C316-5DD4-43F5-8BB7-D1094259E97B} - System32\Tasks\{286FED16-89AD-41FA-B336-C878763B2EBC} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {1C28571E-B8F9-4751-9B62-5DCACC1EBBE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1D855AD1-E04A-4E97-B733-8256DD0834C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {351EED9F-F898-461A-8A89-2F1F96EAE91B} - System32\Tasks\{015CF1CB-F6C9-49FB-A90E-982A10B08A69} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {37DF7685-46C7-46D6-B9F0-2B80072AFF8C} - System32\Tasks\SystemSearchIndexer => C:\ProgramData\SystemSearchIndexer\SystemSearchIndexer.exe [2015-08-21] () <==== ATTENTION
Task: {49CB8988-1A24-440D-88C0-19C4AFBEC1BC} - System32\Tasks\{0807DA71-B6F4-49B9-BBB0-E0854F2ABFC0} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {69C2FB89-A68C-41D5-B6A8-AF1028C409C0} - System32\Tasks\{9289B819-C4CD-43A3-953F-675C1133513F} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {6E04465B-6C12-4E56-93B0-2AB6FB9A0C7A} - System32\Tasks\{A03ADA05-3C49-42AF-9AA8-4F4D4799D68B} => pcalua.exe -a "C:\Users\Speed X8\Downloads\HorndeanRX.exe" -d "C:\Users\Speed X8\Downloads"
Task: {7FD075DA-E5A1-4DD6-BB1C-AEFB8DBF07C1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {83D175D2-F77D-4A18-AF1E-FF5C3F70A2A7} - System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF} => pcalua.exe -a "C:\Users\Speed X8\Desktop\New folder (2)\BUNNYUST.EXE" -d "C:\Users\Speed X8\Desktop\New folder (2)"
Task: {9473A819-07C7-4DE4-A5A9-D2E85121F58B} - System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => pcalua.exe -a "C:\Users\Speed X8\Desktop\JX^€Ch3D\Installer.exe" -d "C:\Users\Speed X8\Desktop\JX^€Ch3D"
Task: {9876CA81-F86B-4066-ADAF-F2113D0B9E96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {9A166EB4-E047-4F95-A1D7-3E93A73322C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A06419F4-D3A9-4255-A4FA-72451E12A59B} - System32\Tasks\{35EFDB9A-0F99-4935-81C2-571069624150} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1075-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {AA6DB421-83C3-446D-B99F-6F4D648F5C9C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {B2760364-CF81-4BDB-B568-B1ABF51C49AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {B4B6995A-60FD-4CF8-9BDE-CDE10962C7B2} - System32\Tasks\{94946A22-1B4E-4768-8F4C-08540FEB21F6} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {C2CE4F4E-BE46-41CF-BBB8-EBE279108B47} - System32\Tasks\{9D8E0C13-765B-4D19-BC69-2137BE3AABFB} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {CFB3BA4B-8C6A-4783-BB44-B320D35B5063} - System32\Tasks\{1A4338B1-89FF-4018-B394-19B364430E88} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {DD959D27-44EE-4B06-A828-F9132D437B3B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {F1CF0726-424C-4A74-BF6A-D135AFABC4CE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {F2A84BEA-2943-4CDA-920D-AE96FDA71A3E} - System32\Tasks\ToolsUpdatePlatform_ScheduledTask => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [2015-07-07] ()
Task: {FBF6EAD0-1555-45C6-8525-F36E7BE6394E} - System32\Tasks\{49BC5B3B-F531-493B-BB3D-34464A9E50E3} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {FC6E5ED8-4083-42BD-B512-A8100B08055E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-20] (AVAST Software)
Task: {FC88C451-A7A0-4EA4-94B3-E6F839EEA182} - System32\Tasks\WpsUpdateTask_Speed X8 => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe [2013-06-05] (Kingsoft Corp. Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Speed X8.job => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-04-08 00:19 - 2015-05-12 04:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-21 10:32 - 2015-08-21 10:32 - 00388160 _____ () C:\ProgramData\SystemSearchIndexer\SystemSearchIndexer.exe
2015-07-07 07:49 - 2015-07-07 07:49 - 00635128 _____ () C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
2013-08-15 18:59 - 2013-08-15 19:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-20 20:44 - 2015-08-20 20:44 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-20 20:25 - 2015-08-20 20:25 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15082001\algo.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-26 17:09 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2012-03-14 14:18 - 2010-02-09 11:52 - 33735976 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-03-12 17:47 - 2015-03-12 17:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-19 19:50 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-08-19 19:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-19 19:50 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5D34EECB-21D4-424D-9DE7-470712A2D3D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{36BD4955-5723-430F-8244-E9B4B1A7CAA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{8C612AE7-408B-4B57-870C-6AE8C44A6123}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{575E7D19-5070-461A-8D98-F0752F9E0137}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1C8ABCAF-A7A7-4596-94EF-A1C804727180}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{AF18E4BD-032C-422C-B40A-CEA8723ED12D}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{92BA3D5F-F326-4BAC-B9AD-B7C49096CBDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{202E6A75-0D39-40C2-B324-709952A37C33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{E325BA99-B97F-44BE-8507-FE6E3C15671B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{32991B09-DA94-48AE-94F0-0B3C6148190B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{96984B82-FFC6-4F72-A9C9-7CB3D9CA72D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{96B02AA7-A8D4-4DA2-95E3-9158A9589C8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{85544358-43FE-4C67-BF69-781FBF443ECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{2B1EC88A-34A2-4F00-B3FD-C203BDE3DD75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe
FirewallRules: [{C88CDA11-419A-44D8-A146-F0FEBF250652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/22/2015 12:14:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/22/2015 12:10:10 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {348e6e00-1c8d-4bb8-8f8e-b779e7b020eb}
 
Error: (08/22/2015 09:26:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/22/2015 09:26:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/22/2015 09:04:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:55:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 11:15:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:54:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:47:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:46:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3ff12407-2778-4d0b-a8b5-d39944fede06}
 
 
System errors:
=============
Error: (08/22/2015 12:13:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (08/22/2015 12:13:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (08/22/2015 12:12:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error: 
%%2
 
Error: (08/22/2015 12:12:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: 
%%2
 
Error: (08/22/2015 12:12:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/22/2015 09:03:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (08/22/2015 09:03:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (08/22/2015 09:02:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error: 
%%2
 
Error: (08/22/2015 09:02:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Ninja Loader Service service failed to start due to the following error: 
%%2
 
Error: (08/22/2015 09:02:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: 
%%2
 
 
Microsoft Office:
=========================
Error: (08/22/2015 12:14:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/22/2015 12:10:10 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {348e6e00-1c8d-4bb8-8f8e-b779e7b020eb}
 
Error: (08/22/2015 09:26:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files\CCleaner\CCleaner64.exe
 
Error: (08/22/2015 09:26:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files\CCleaner\CCleaner64.exe
 
Error: (08/22/2015 09:04:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:55:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 11:15:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:54:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:47:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/21/2015 10:46:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3ff12407-2778-4d0b-a8b5-d39944fede06}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16367.3 MB
Available physical RAM: 13601.63 MB
Total Virtual: 32732.81 MB
Available Virtual: 29933.66 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1330.08 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D2DB4A79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
==================== End of log ============================

Edited by Alkalidum, 22 August 2015 - 05:23 AM.

  • 0

#14
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Couldnt find these options either :upset: so i went onto step 2


Hello :)

No problem, evidently Spybot has changed their interface and I need to check on that. I see that the fix has done it's job and removed the proxy along with the other items as well. However, I do see one file that is being flagged and I can't find any information on it. So, let's upload it to VirusTotal and let them have a go at scanning it. :thumbsup:


Step 1: Upload File to VirusTotal
  • Please go to VirusTotal.org by clicking here
  • Please click on Choose File
  • When the window opens, navigate to the location listed in the box below and select file that is listed in that location.

    C:\ProgramData\SystemSearchIndexer\SystemSearchIndexer.exe

  • Once you have selected the file, click the blue Scan It! button.
  • VirusTotal will scan the file and produce a report for you. Please copy the link in the address bar when it shows you the report and post it in your next reply.

  • 0

#15
Alkalidum

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hey :)

 

This the correct link? http://www.virustota...sis/1440272104/


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP