Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 Black Screen with cursor [Solved]


  • This topic is locked This topic is locked

#1
thealexandrev

thealexandrev

    New Member

  • Member
  • Pip
  • 8 posts

So I recently got a virus on my pc and after trying to remove it, windows just boots to a black screen with a cursor on it. My problem is almost exactly like this post: http://www.geekstogo...een-at-restart/ I am able to boot into safe mode with networking and everything works fine there. After trying to restore windows to a restore point, my pc will boot to the desktop but then freeze up. Im in desperate need of help as my pc has been like this for a few days and i have lots of important data on it.


Edited by thealexandrev, 23 October 2015 - 08:32 PM.

  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-



All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

Let's see if we can get you fixed up. Please do the following in Safe Mode With Networking.

 

Fresh Set of Logs Needed
Let's begin. Please follow the steps below.
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
    Only one of them will run on your system, that will be the right version.
2. Right click on the file and select Run as administrator (If you don't have this option simply double-click the file to open). When the tool opens click Yes to disclaimer.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should be the desktop)
5. Please copy and paste log back here.
6. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.
     Note: Please do not attach any logs unless specifically requested. It's easier if you simply copy and paste them into your reply. It's OK if you have to use more than one post to do so.


  • 0

#3
thealexandrev

thealexandrev

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hey Brian, thanks a bunch for the reply. Here's what FRST gave me: 

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015
Ran by Alex (administrator) on ALEX-PC (24-10-2015 23:44:29)
Running from C:\Users\Alex\Desktop
Loaded Profiles: Alex (Available Profiles: Alex)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\Run: [ContourCameraFinder] => C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe [233112 2013-05-06] ()
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\Run: [{3EFB5168-8101-4A26-BC0A-1C143EFFA2B2}] => regsvr32.exe "C:\Users\Alex\AppData\Roaming\Oacukf\EumoTmox.dll"
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: {2a69809f-4b32-11e3-b955-60a44c5226dc} - F:\SETUP.EXE
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
AppInit_DLLs: C:\ProgramData\KeyStream\KeyStream64.dll => No File
AppInit_DLLs-x32: C:\ProgramData\KeyStream\KeyStream32.dll => No File
IFEO\divxcontrolpanellauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1D207054-2633-4905-B5A0-0E3E8371F2A4}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{3269785F-E192-4699-913E-CB43DFA74DDB}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{54BD1089-F824-4592-A3C0-77BB08A274F4}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{D77A1D5A-7BDB-4F50-A8B8-BE9EAB9B54E4}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1593570779-2006387891-214409227-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: SBCONVERT Class -> {92A9ACF4-9333-43AE-9698-DB283326F87F} -> C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll => No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: GrabberObj Class -> {FF7C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\grabber.dll => No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll No File
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
DPF: HKLM-x32 {3746422E-4692-4429-9698-E3EB34FE07BC} hxxp://larrywillburg.no-ip.biz:98/FSIPCam.cab
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll [2013-05-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll [2013-05-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Users\Alex\Desktop\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-11-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-09-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-23] [not signed]
FF HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-09] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=F95zamobl010924,8906f740-4510-4ecc-b016-2bdb1d9300bf,
CHR StartupUrls: Default -> "hxxps://www.youtube.com/"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=F95zamobl010924,8906f740-4510-4ecc-b016-2bdb1d9300bf,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Republic For Chrome ROG Edition) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\baddhngpffecbmlmdpnfldobhaaaifde [2015-06-28]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-14]
CHR Extension: (agar.io server browser) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Click&Clean App) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-09-08]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [djcpfkccckpeeghiklnhienllljccglb] - C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Chrome\DownloaderChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [ledcpigomgblcmofccnacobhmcdkpiea] - C:\Program Files (x86)\SearchPredict\Chrome\SearchPredictChrome.crx <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [399744 2012-11-07] (ASUSTeK Computer Inc.)
S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-20] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-07-28] ()
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-24] (DTS, Inc)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-30] (EasyAntiCheat Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [391504 2013-06-25] (Hauppauge Computer Works, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-19] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-03] ()
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-06-03] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [31448 2013-04-22] (Razer)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
S2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
S2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [966640 2013-05-23] (Hauppauge Computer Work, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
S2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-21] (AO Kaspersky Lab)
S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-21] (AO Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-21] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-20] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2013-07-22] (http://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [52832 2013-01-24] (http://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-23] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128728 2013-04-18] (Razer USA Ltd)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [73944 2013-04-18] (Razer USA Ltd)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
R3 Thermnaltake MS2 Filter; C:\Windows\System32\Drivers\MS2Filter.sys [57072 2010-09-23] (Thermaltake)
R3 Thermnaltake MS2 Filter; C:\Windows\SysWOW64\Drivers\MS2Filter.sys [31360 2010-09-23] (Thermaltake) [File not signed]
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Alex\AppData\Local\Temp\ALSysIO64.sys [X]
S1 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
S3 BS3562676826; \??\C:\Users\Alex\AppData\Local\Temp\NTFS.sys [X]
S0 mvs91xx; system32\DRIVERS\mvs91xx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-24 23:44 - 2015-10-24 23:45 - 00026442 _____ C:\Users\Alex\Desktop\FRST.txt
2015-10-24 23:44 - 2015-10-24 23:44 - 00000000 ____D C:\Users\Alex\Desktop\FRST-OlderVersion
2015-10-23 21:58 - 2015-10-23 21:58 - 00000080 _____ C:\Users\Public\Desktop\SimCityT.lnk
2015-10-23 21:47 - 2015-10-23 21:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-23 21:46 - 2015-10-23 21:58 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-23 21:46 - 2015-10-23 21:46 - 22908888 _____ (Malwarebytes ) C:\Users\Alex\Desktop\mbam-setup-2.2.0.1024.exe
2015-10-23 21:46 - 2015-10-23 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-23 21:46 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-23 21:46 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-23 21:46 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-23 18:46 - 2015-10-23 18:46 - 00002176 _____ C:\Users\Alex\Desktop\fixlist.txt
2015-10-23 13:01 - 2015-10-23 22:00 - 00028684 _____ C:\Windows\PFRO.log
2015-10-23 12:47 - 2015-10-23 12:47 - 00084077 _____ C:\Users\Alex\Desktop\Shortcut.txt
2015-10-23 12:44 - 2015-10-24 23:44 - 00000000 ____D C:\FRST
2015-10-23 12:40 - 2015-10-24 23:44 - 02196992 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2015-10-23 12:13 - 2015-10-23 12:13 - 05637412 _____ (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2015-10-22 21:09 - 2015-10-23 21:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-22 21:09 - 2015-10-22 21:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-22 20:47 - 2015-10-22 20:47 - 00000055 _____ C:\Users\Alex\Desktop\f.txt
2015-10-21 22:54 - 2015-10-23 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2015-10-21 22:54 - 2015-10-23 05:20 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-21 22:54 - 2015-10-21 22:54 - 00102616 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-10-21 22:54 - 2015-10-21 22:54 - 00003242 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-21 22:54 - 2015-10-21 22:54 - 00000000 ____D C:\ProgramData\Norton
2015-10-21 22:54 - 2015-10-21 22:54 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-21 22:24 - 2015-10-21 22:28 - 00004046 _____ C:\Windows\System32\Tasks\Chrome Cleanup Tool logs upload retry
2015-10-20 00:27 - 2015-10-20 00:27 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-20 00:27 - 2015-10-20 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-20 00:27 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-20 00:26 - 2015-10-21 16:35 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-20 00:26 - 2015-10-21 16:35 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-20 00:26 - 2015-10-20 00:26 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-19 22:24 - 2015-10-23 21:57 - 00002056 _____ C:\Users\Alex\Desktop\FL Studio 12 (64bit).lnk
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files\Common Files\VST2
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2015-10-19 21:50 - 2015-10-23 13:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-10-19 21:50 - 2015-10-23 13:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-10-19 21:50 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-10-19 21:50 - 2015-10-19 21:50 - 00000000 ____D C:\Users\Alex\Documents\Image-Line
2015-10-19 21:50 - 2015-10-19 21:50 - 00000000 ____D C:\Users\Alex\AppData\Roaming\FlowStone
2015-10-19 21:50 - 2015-10-19 21:50 - 00000000 ____D C:\Program Files\Image-Line
2015-10-19 21:48 - 2015-10-19 22:25 - 00000000 ____D C:\Program Files (x86)\Image-Line
2015-10-15 22:43 - 2011-06-22 22:25 - 00052895 ____N C:\Users\Alex\Desktop\file_contexts
2015-10-14 23:18 - 2015-10-14 23:18 - 00000000 ____D C:\Program Files (x86)\ClockworkMod
2015-10-14 12:06 - 2015-10-16 00:22 - 00000000 ____D C:\Users\Alex\Documents\SelfMV
2015-10-08 10:12 - 2015-10-08 22:10 - 00002207 _____ C:\Users\Alex\Desktop\fixit complaint.txt
2015-10-05 21:49 - 2015-10-20 00:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-09-30 21:06 - 2015-09-30 21:06 - 00000000 ____D C:\VideoOutput
2015-09-30 20:54 - 2015-09-30 20:54 - 00000000 ____D C:\Users\Alex\.cache
2015-09-30 20:53 - 2015-09-30 20:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Apowersoft
2015-09-30 20:53 - 2015-09-30 20:53 - 00000000 ____D C:\Users\Alex\Documents\Video Download Capture
2015-09-30 20:53 - 2014-04-09 21:05 - 00031920 _____ (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2015-09-30 20:47 - 2015-09-30 20:47 - 00109696 _____ C:\Windows\SysWOW64\EasyHook64.dll
2015-09-30 20:47 - 2015-09-30 20:47 - 00091264 _____ C:\Windows\SysWOW64\EasyHook32.dll
2015-09-30 20:47 - 2015-09-30 20:47 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Toolbar4
2015-09-30 20:47 - 2015-09-30 20:47 - 00000000 ____D C:\ProgramData\SpeedBit
2015-09-30 20:47 - 2015-09-30 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDbit Video Downloader
2015-09-30 20:47 - 1998-12-05 13:18 - 00172032 _____ (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com)C:\Windows\SysWOW64\AniGIF.ocx
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-23 22:01 - 2015-08-09 22:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-23 22:01 - 2013-04-23 21:27 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-23 22:00 - 2015-07-26 12:28 - 00024138 _____ C:\Windows\setupact.log
2015-10-23 22:00 - 2015-05-28 20:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-23 22:00 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-23 22:00 - 2009-07-14 00:45 - 00000000 ____D C:\Windows\Setup
2015-10-23 21:58 - 2015-08-09 23:10 - 00000825 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-23 21:58 - 2015-06-14 15:52 - 00001179 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2015-10-23 21:58 - 2013-10-02 16:45 - 00001191 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk
2015-10-23 21:58 - 2013-04-23 21:07 - 00001413 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet-Explorer.lnk
2015-10-23 21:57 - 2015-08-14 17:33 - 00001060 _____ C:\Users\Alex\Desktop\Kerbal Space Program.lnk
2015-10-23 21:57 - 2014-07-18 21:20 - 00002156 _____ C:\Users\Alex\Desktop\ArmA II Launcher.lnk
2015-10-23 21:57 - 2014-03-21 17:35 - 00001203 _____ C:\Users\Alex\Desktop\TeamSpeak 3 Client.lnk
2015-10-23 21:57 - 2013-12-14 00:44 - 00000963 _____ C:\Users\Alex\Desktop\YaTQA.lnk
2015-10-23 21:57 - 2013-08-27 19:05 - 00002052 _____ C:\Users\Alex\Desktop\TADST- A2.lnk
2015-10-23 21:57 - 2013-08-27 19:05 - 00001830 _____ C:\Users\Alex\Desktop\TADST - A3.lnk
2015-10-23 21:57 - 2013-04-23 21:38 - 00000000 ____D C:\ProgramData\APN
2015-10-23 13:02 - 2015-08-09 22:24 - 00000000 ____D C:\Users\Alex\Desktop\Tor Browser
2015-10-23 13:02 - 2015-03-31 20:47 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SIX Networks
2015-10-23 13:02 - 2014-12-23 00:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-23 13:02 - 2014-07-20 11:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-10-23 13:02 - 2014-07-20 11:55 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-10-23 13:02 - 2014-05-03 14:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C&C Generals
2015-10-23 13:02 - 2014-04-21 16:33 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Surgeon Simulator 2013 Steam Edition 1.0
2015-10-23 13:02 - 2014-03-21 17:35 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-10-23 13:02 - 2014-02-02 14:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2015-10-23 13:02 - 2013-12-14 00:44 - 00000000 ____D C:\Users\Alex\AppData\Roaming\YaTQA
2015-10-23 13:02 - 2013-10-03 00:04 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hauppauge
2015-10-23 13:02 - 2013-07-11 15:23 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager
2015-10-23 13:02 - 2013-07-08 00:53 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-10-23 13:02 - 2013-05-31 18:00 - 00000000 ____D C:\Users\Alex\Desktop\Hacks
2015-10-23 13:02 - 2013-05-03 19:38 - 00000000 ____D C:\Users\Alex\Desktop\Editing
2015-10-23 13:02 - 2013-04-24 20:43 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City Life RPG
2015-10-23 13:02 - 2013-04-23 21:59 - 00000000 ____D C:\Users\Alex\Desktop\desktop [bleep]
2015-10-23 13:02 - 2013-04-23 21:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client
2015-10-23 13:02 - 2013-04-23 21:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-23 13:02 - 2013-04-23 21:06 - 00000000 ___RD C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-23 13:02 - 2013-04-23 21:06 - 00000000 ___RD C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-23 13:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-23 13:01 - 2015-05-10 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-23 13:01 - 2013-04-23 23:01 - 00000021 _____ C:\Users\Alex\AppData\Roaming\config_data.dat
2015-10-23 13:01 - 2013-04-23 21:55 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype
2015-10-23 13:01 - 2013-04-23 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-23 13:01 - 2013-04-23 21:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-23 13:01 - 2013-04-23 21:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-23 13:01 - 2013-04-23 21:38 - 00000000 ____D C:\Program Files\Core Temp
2015-10-23 13:01 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-10-23 13:01 - 2009-07-13 23:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-23 13:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-10-23 12:59 - 2013-06-18 13:25 - 00000000 ____D C:\ProgramData\Origin
2015-10-23 12:59 - 2013-04-23 21:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-23 12:49 - 2015-09-23 20:50 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Temp
2015-10-23 12:22 - 2013-04-23 21:12 - 01607420 _____ C:\Windows\WindowsUpdate.log
2015-10-23 12:01 - 2013-04-23 21:06 - 00000000 ____D C:\Users\Alex
2015-10-22 21:27 - 2013-05-01 18:11 - 00000000 ____D C:\Windows\PCHEALTH
2015-10-21 23:39 - 2013-05-03 19:08 - 00007652 _____ C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2015-10-21 21:49 - 2013-04-23 21:27 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 21:16 - 2015-06-27 21:16 - 00000442 _____ C:\Windows\Tasks\EasyRésumé.job
2015-10-21 16:34 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-21 16:25 - 2009-07-14 00:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-21 16:25 - 2009-07-14 00:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-20 19:33 - 2013-04-23 21:33 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-20 00:36 - 2013-04-26 00:48 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Azureus
2015-10-20 00:35 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-19 22:44 - 2013-06-18 17:52 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-18 22:01 - 2013-04-23 22:07 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-10-16 21:02 - 2015-09-15 17:11 - 00000000 ____D C:\Users\Alex\Desktop\New folder (2)
2015-10-16 00:13 - 2013-05-03 19:40 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Audacity
2015-10-13 16:09 - 2013-05-31 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-13 16:09 - 2013-04-26 01:14 - 00000000 ____D C:\ProgramData\Adobe
2015-10-13 16:08 - 2014-12-29 12:29 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-11 10:49 - 2015-05-02 14:56 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-11 10:49 - 2013-05-22 08:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-09 20:36 - 2015-01-12 16:41 - 00000000 ____D C:\Users\Alex\AppData\Roaming\SpinTires
2015-09-25 19:12 - 2009-07-14 01:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2013-05-02 16:21 - 2015-08-19 22:16 - 0000132 _____ () C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-04-23 21:33 - 2015-04-07 17:46 - 0000627 _____ () C:\Users\Alex\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-05-03 13:46 - 2014-05-03 13:46 - 0001218 _____ () C:\Users\Alex\AppData\Roaming\aps.scan.quick.results
2014-05-03 13:46 - 2014-05-03 13:46 - 0002636 _____ () C:\Users\Alex\AppData\Roaming\aps.scan.results
2014-05-03 13:46 - 2014-05-03 13:46 - 0000316 _____ () C:\Users\Alex\AppData\Roaming\aps.uninstall.scan.results
2013-04-23 23:01 - 2015-10-23 13:01 - 0000021 _____ () C:\Users\Alex\AppData\Roaming\config_data.dat
2013-04-23 21:46 - 2014-12-21 22:44 - 0000285 _____ () C:\Users\Alex\AppData\Roaming\GPU MeterV2_Settings.ini
2013-05-24 17:51 - 2013-05-24 17:52 - 0001091 _____ () C:\Users\Alex\AppData\Roaming\Network Meter_Settings.ini
2013-05-24 17:57 - 2013-08-14 21:26 - 0000022 _____ () C:\Users\Alex\AppData\Roaming\Network Meter_Usage.ini
2009-07-13 19:19 - 2009-07-13 21:52 - 0000242 _____ () C:\Users\Alex\AppData\Roaming\PBS3562676826.ini
2013-04-24 20:56 - 2013-04-24 21:04 - 0034816 _____ () C:\Users\Alex\AppData\Roaming\RZR_0010a4dd4775a217d02dfcce52af.db
2013-05-30 16:54 - 2015-07-25 21:18 - 0000498 _____ () C:\Users\Alex\AppData\Roaming\XP500UserMetrics.osl
2013-08-29 17:51 - 2013-08-29 17:52 - 0000587 _____ () C:\Users\Alex\AppData\Roaming\ZoombiesUniversalLauncher.xml
2015-04-23 21:38 - 2015-04-23 21:38 - 8723608 _____ () C:\Users\Alex\AppData\Local\0796D59C_stp.CIS
2015-04-23 21:38 - 2015-04-23 21:38 - 0000382 _____ () C:\Users\Alex\AppData\Local\0796D59C_stp.CIS.part
2015-06-21 13:56 - 2015-06-21 13:56 - 0000064 _____ () C:\Users\Alex\AppData\Local\12706a5b16177763a2f1136e508def2a
2015-04-23 21:38 - 2015-04-23 21:38 - 0200047 _____ () C:\Users\Alex\AppData\Local\59ED2468_stp.CIS
2015-04-23 21:38 - 2015-04-23 21:38 - 0000290 _____ () C:\Users\Alex\AppData\Local\59ED2468_stp.CIS.part
2015-04-23 21:37 - 2015-04-23 21:38 - 0385602 _____ () C:\Users\Alex\AppData\Local\5D515C96_stp.CIS
2015-04-23 21:38 - 2015-04-23 21:38 - 0000220 _____ () C:\Users\Alex\AppData\Local\5D515C96_stp.CIS.part
2013-04-28 00:27 - 2013-04-28 00:27 - 0001456 _____ () C:\Users\Alex\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-07-13 11:55 - 2013-07-13 11:55 - 0011123 _____ () C:\Users\Alex\AppData\Local\CleanupUninstall.txt
2013-05-20 23:31 - 2015-06-09 23:17 - 1065984 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage
2013-05-03 19:08 - 2015-10-21 23:39 - 0007652 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2008-02-05 17:28 - 2008-02-05 17:28 - 0000051 _____ () C:\Users\Alex\AppData\Local\setup.txt
2015-09-18 13:25 - 2015-09-18 13:25 - 0000000 _____ () C:\Users\Alex\AppData\Local\{DF0900B1-0BB0-44A3-A302-FE8C34763C43}
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-21 17:11
 
==================== End of FRST.txt ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015
Ran by Alex (2015-10-24 23:45:41)
Running from C:\Users\Alex\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-04-24 01:06:40)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1593570779-2006387891-214409227-500 - Administrator - Disabled)
Alex (S-1-5-21-1593570779-2006387891-214409227-1000 - Administrator - Enabled) => C:\Users\Alex
Guest (S-1-5-21-1593570779-2006387891-214409227-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1593570779-2006387891-214409227-1012 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AI Carriers (HKLM-x32\...\AICarriers) (Version:  - )
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ArmA II Launcher (HKLM-x32\...\{EACFCDA4-3286-4DEB-92D8-53006239F347}) (Version: 1.4.1.0 - Spirited Machine)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CL2 Launcher (HKLM-x32\...\CL2 Launcher) (Version: 1.0.0.471 - ArMaTeC)
CL3 Launcher (HKLM-x32\...\CL3 Launcher) (Version: 3.0.1.178 - City Life RPG)
Contour Storyteller (HKLM-x32\...\Contour Storyteller 3.5.3) (Version: 3.5.3 - Contour)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.4.5110 - Corsair)
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskMark 3.0.3b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3b - Crystal Dew World)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dxtory version 2.0.128 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.128 - ExKode Co. Ltd.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Far Cry 4 (HKLM-x32\...\Steam App 298110) (Version:  - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
FileZilla Client 3.7.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.2 - FileZilla Project)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 6.5.1.415 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.1.415 - DVDVideoSoft Ltd.)
Free Video Converter V 3.2 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.2.0.0 - Koyote Soft)
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hauppauge Capture (HKLM-x32\...\Hauppauge Capture) (Version: 1.0.31248 - Hauppauge Computer Works)
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.2.31173 - Hauppauge Computer Works, Inc.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Network Connections 17.2.154.0 (HKLM\...\PROSetDX) (Version: 17.2.154.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.450 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kerbal Space Program (HKLM-x32\...\Kerbal Space Program_is1) (Version:  - )
L&H TTS3000 British English (HKLM-x32\...\LHTTSENG) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Loadout Editor For ArmA2 Combined Operations & ACE 2 version 1.4 Update 4, build 1.4.74 (HKLM-x32\...\{9D374F73-F47B-4637-B1D2-75173CFBF6B3}_is1) (Version: 1.4 Update 4, build 1.4.74 - The [S.o.E] team)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-AU, Hayley) (HKLM-x32\...\{C58363BD-6CB1-447F-9FEE-5F9542981D15}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-CA, Heather) (HKLM-x32\...\{6483CAE5-A44C-4CC4-8DD2-4F73C00471EC}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-GB, Hazel) (HKLM-x32\...\{9F1B2D5B-E203-4A4F-9EBD-AF04489EE058}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-IN, Heera) (HKLM-x32\...\{A9AD7528-7979-4472-8D61-A9F2994C8AAD}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (HKLM-x32\...\{C7CDC27F-0952-4DF1-9E41-B75140933BC6}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI Kombustor 2.5.2 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSRedists64 (Version: 2.00.0000 - Ingres Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 -  )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1022.0 - Passmark Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
Play withSIX Windows client (HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\PlaywithSIX) (Version: 1.66.1178.2 - SIX Networks GmbH)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Razer Core (HKLM-x32\...\Razer Core) (Version: 0.01.137 - Razer USA Ltd.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Registrar Registry Manager 7.70 (HKLM\...\RegistrarHome_is1) (Version:  - Resplendence Software Projects Sp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SimCity™ Limited Edition (HKLM-x32\...\SimCity™ Limited Edition) (Version:  - GameStop)
SimCity™: Cities of Tomorrow (HKLM-x32\...\SimCity™: Cities of Tomorrow) (Version:  - GameStop)
Six Updater (HKLM-x32\...\{AD42165D-FF3C-4975-A130-7AA2801AB5DD}) (Version: 2.09.7042 - Six Projects)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surgeon Simulator 2013 Steam Edition 1.0 (HKLM-x32\...\Surgeon Simulator 2013 Steam Edition 1.0) (Version: 1.0 - Cat-A-Cat)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Sims 4 Update v1.4.83.1010 inc Outdoor Retreat DLC (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Train Simulator 2013 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
Tt eSPORTS BLACK Element (HKLM-x32\...\{BCE1F657-CD3C-434A-9724-09A43783A8EA}) (Version: 0.0.1 - Tt eSPORTS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VRS F/A-18E Superbug X (HKLM-x32\...\{0F1F6144-F13A-433D-B66E-129C5E8D504B}_is1) (Version: 1.4.2.4 - Vertical Reality Simulations)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
War Thunder Launcher 1.0.1.322 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version:  - Eugen Systems)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
XP500 Advanced Sound Editor (HKLM-x32\...\{5BF6D4DE-C915-44C4-9176-AF6D3B27052F}) (Version: 1.0.0.1 - Turtle Beach)
XSplit Broadcaster (HKLM-x32\...\{3A1F3A32-7E9D-4AD2-A2E2-DFC98BAA9DC7}) (Version: 1.3.1403.1202 - SplitMediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1593570779-2006387891-214409227-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\appmgr.dll => No File <==== ATTENTION
 
==================== Restore Points =========================
 
20-10-2015 12:38:11 Scheduled Checkpoint
21-10-2015 22:28:06 Chrome Cleanup Tool
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0044473E-8470-4609-904E-84C6B7AC6F41} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {05385BE6-90C4-49C7-8E23-46363120D58A} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\CorsairLINK2\CorsairLink.exe
Task: {0BF7E028-CF72-4D0D-BA24-F6C4DE37B881} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {0C4D5E7F-E5F9-4265-8D22-6869577E5EEE} - System32\Tasks\{C859F03D-3AEC-4391-8390-BA7BE5061B11} => pcalua.exe -a C:\Users\Alex\Desktop\Mafia.II.PLUS.11.TRAINER-BReWErS\brew-mii.exe -d C:\Users\Alex\Desktop\Mafia.II.PLUS.11.TRAINER-BReWErS
Task: {0E81521D-A843-499E-9342-530BCD03605F} - \SMW_UpdateTask_Time_313331313734353133342d5737325a786c5a3237344541 -> No File <==== ATTENTION
Task: {15DDD226-19E4-42AC-A347-6E2CD4F3A03C} - \ZIYBY -> No File <==== ATTENTION
Task: {1979244B-15A8-44DC-B1D2-D766DAAB4279} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {1B1E4123-58A1-4977-9B41-3AC1C040E2F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
Task: {1E96CFD2-C3A7-4D25-8E2A-EBEC2AE9EC83} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: {27E402D4-D77B-40EC-9715-FACB66662E87} - System32\Tasks\{DBDDACCC-288B-4ED0-BCCD-D2FBC862F953} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.0.104/en/abandoninstall?page=tsMain
Task: {28C2D0CE-B39D-4871-A2C0-7B642435FBA6} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {2C165ED5-7373-4769-8C27-68E472FE9A46} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-07-23] (ASUSTeK Computer Inc.)
Task: {2F6414F1-4572-4308-9574-5BE0BD25D4F0} - System32\Tasks\{ABFD0871-54FB-4AFE-B202-AC22C2C55024} => pcalua.exe -a "C:\Users\Alex\Desktop\6.08-nvidia-system-tools (1).exe" -d C:\Users\Alex\Desktop
Task: {3BC45E15-252D-4274-9BB6-785A1785B50A} - System32\Tasks\{D9A9A741-8C00-4D50-97C5-7CEB0DF3B9A1} => pcalua.exe -a C:\Users\Alex\Desktop\Setup_product_25030.exe -d C:\Users\Alex\Desktop
Task: {3DC38F87-D96A-4623-8307-58065C72D37D} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: {5648A806-379A-4016-8109-80F533FC405D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)
Task: {5FBCC090-C4AD-4CC6-B379-F36924C6CF02} - \Inst_Rep -> No File <==== ATTENTION
Task: {7C7F5B19-EE0D-4D33-9874-94ED66F37F95} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {8A809FE5-0D41-40DF-AA65-219A5C72F7B4} - System32\Tasks\{58CB19B2-D8B5-45B4-A63C-19B1D90BB0AD} => pcalua.exe -a "C:\Users\Alex\Desktop\Flight Simulator X Acceleration\setup.exe" -d "C:\Users\Alex\Desktop\Flight Simulator X Acceleration"
Task: {90D9A208-338B-4E29-9D37-E6C03B5D83C1} - System32\Tasks\{5C5C7534-C419-4A02-8A9D-F85FB4EE35F7} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NTUNE\setup.exe -d C:\NVIDIA\SystemTools\6.08\NTUNE
Task: {9544D1F9-50A2-408E-B54B-9E2B356568E2} - System32\Tasks\Core Temp Autostart Alex => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {A6968CBF-27E5-418A-8628-5649B554CD5B} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {AC8DF956-C7A5-4719-AABD-86A21B31CEC1} - System32\Tasks\EasyRésumé => c:\programdata\{ba6d0c99-93f4-fe0a-ba6d-d0c9993f3266}\wondershare mobilego for android pro crack serial number download.exe <==== ATTENTION
Task: {C7584D78-09E9-42E9-8B1A-8CFDA73A111F} - System32\Tasks\{E10BC480-CA2D-444F-BFBD-0867657B227B} => pcalua.exe -a "C:\Users\Alex\Desktop\odinV3.1.6 (2).exe" -d C:\Users\Alex\Desktop
Task: {D21FCBEE-DED7-4F97-80E4-1E674C5889C7} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {D5E48E90-9490-48A8-912C-C972675FB367} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.)
Task: {E40741B3-F755-4BE3-ABCE-05245AAA2473} - System32\Tasks\Google Updater and Installer => C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E86816AF-6075-4D2A-92D2-01CB021CD924} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {EB4B5B7B-4B56-4C93-9B49-0CB18C77E622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
Task: {F9B052DE-A9BC-4339-B73C-C2537B1F0722} - System32\Tasks\Chrome Cleanup Tool logs upload retry => C:\Users\Alex\AppData\Local\Temp\4D6C.exe <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\EasyRésumé.job => c:\programdata\{ba6d0c99-93f4-fe0a-ba6d-d0c9993f3266}\wondershare mobilego for android pro crack serial number download.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-28 20:21 - 2012-06-28 20:21 - 00019456 _____ () C:\Program Files\PBO Manager v.1.4 beta\PboShellExt.dll
2013-05-26 11:53 - 2013-05-26 11:53 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-12-21 13:09 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Alex\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-12-21 13:09 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Alex\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:3F30E778
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Hauppauge Device Properties.lnk => C:\Windows\pss\Hauppauge Device Properties.lnk.Startup
MSCONFIG\startupreg: ContourCameraFinder => "C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe" 
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{23BD272A-9FBD-4134-81EC-F87B7351DB66}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7AD581DD-A58F-4A72-BE8B-C8230E0E81A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{177EB9C4-3ADC-4F0E-B7AA-2577D1BF2662}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
FirewallRules: [{E2056161-7145-4CBD-9747-BD90A88C1DDA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{D741ED09-ACFD-4BC6-B4A0-E004DD10BE23}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{681A9F9A-3E9A-4F5A-A91E-01D6C8440919}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{141B3920-0CDD-4FC1-A9D6-DDBC3E8629F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{18E53D3D-AE35-4D2D-AEE8-599763FE4705}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [TCP Query User{898F768E-03EB-44AC-B3D7-C326672582CC}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{0ABE4F96-2AF0-4570-9EBB-A7EEE586D20B}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{B176C2E5-9F92-4E5A-98FC-C8236562BD6A}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [UDP Query User{32A25899-10CC-46E3-B112-1A88005ACC1E}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [TCP Query User{0EE344AE-1F1F-4369-AFA7-EE342CD90553}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [UDP Query User{5AB97124-DDEE-48ED-B1C0-3483FDAD1451}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [{9F6D947B-4CFD-42A8-B1FD-033F9008F4F4}] => (Allow) LPort=80
FirewallRules: [{B539A385-36D0-45D2-A865-4583BC9C3ECC}] => (Allow) LPort=443
FirewallRules: [{62F324E6-DDF6-45B4-A7C9-D41AB7CB79C0}] => (Allow) LPort=20010
FirewallRules: [{61E5F0B2-4A31-4634-B6A7-AD63AC81C49A}] => (Allow) LPort=3478
FirewallRules: [{248A2F32-92D1-403B-B89A-C74201A4C8D4}] => (Allow) LPort=7850
FirewallRules: [{2E2CFABC-A025-40A4-B25A-200C481CB214}] => (Allow) LPort=27022
FirewallRules: [{C4D68349-6395-4EF4-9428-904E53BEFD91}] => (Allow) LPort=6881
FirewallRules: [{50098D90-536D-436B-81E1-52975296B977}] => (Allow) LPort=33333
FirewallRules: [{57C08874-D2E5-4361-A1C4-3DE57705D291}] => (Allow) LPort=20443
FirewallRules: [{169E6F6E-D202-4A18-97AC-FEA20B50E0B1}] => (Allow) LPort=8090
FirewallRules: [{D9A48101-F0BA-4015-8887-704D3666BF60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{7453F4F0-DCD1-4C28-AE70-E02E53E3AD98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{28F36E5B-B4E9-44FA-86E2-9C032209E5ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{F069ABDE-046D-413F-A1D8-FCFEA54923A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{D0987072-804E-4688-BD5C-DD2895791DC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{046A43BA-268B-4929-A2A6-8C64DE21DB2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{15DFC7C6-4BEB-45A1-90A8-978063357BEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{04EE24E3-30D5-46AD-A43A-CCCF13326D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [TCP Query User{A59D90B4-63B1-4C50-8499-C2CFBB6221E4}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe
FirewallRules: [UDP Query User{0B08C657-BC82-48F5-A4B0-CB892E451696}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe
FirewallRules: [{E0718CEF-3AC4-490C-9348-AC576EFD3282}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{42228AC3-F8BA-445C-948B-DC921D4BEBCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{3EAD1C6C-498A-4715-BF3A-2713F9FAF380}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{ACC1A7AC-3916-46C7-970D-20A7CA79C376}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{59C573F5-3035-43C2-863B-7D2D8364AE77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{66B9670C-51E2-4131-AE90-244E16F2A2AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{3354D5DB-DF08-4C2D-A2DC-4542C4C02343}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{A71873B6-629B-4C85-AEDE-3CE21E068F01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{FE78F9BB-2702-4714-AC5C-54AB188F5524}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{70C316CF-E9B8-4D43-ABF1-6BF756CFF588}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{95FC4ACE-291D-4937-AB25-BC23A6C1B1A3}C:\program files\core temp\core temp.exe] => (Block) C:\program files\core temp\core temp.exe
FirewallRules: [UDP Query User{380D94F7-7736-4D5F-A54F-EF89AD85690B}C:\program files\core temp\core temp.exe] => (Block) C:\program files\core temp\core temp.exe
FirewallRules: [{405CE79C-CB93-4CED-A92A-D833C12B38E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{F2233BC2-7C35-4544-9FC8-F92F2AA84F99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{D8FFA419-899C-4AA9-9423-7828340F6626}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{AF1EFE77-1021-4847-8534-9D5785C69339}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{A1016E36-05E6-4E0B-94F6-81270B8039F6}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{27DC63DA-15C0-4D0A-9F50-7EE669AAB678}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{561291C0-B4DD-4198-A13E-31A4506813B3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{98DA2D95-0B77-43BC-9FD7-2AD8EA6E5B83}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{05378058-384E-4721-A06D-E29A338A6A8B}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{59C59A2B-3556-4E47-88D5-14CA21BB874A}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{BE227551-5FFC-4F25-8E8B-DB0AE2F03DD0}] => (Allow) LPort=7852
FirewallRules: [{1151E12C-C45C-433C-86E2-767300F8BB49}] => (Allow) LPort=7853
FirewallRules: [TCP Query User{D4DD590C-83D2-47E6-ABB0-9A80EFB1D100}C:\program files (x86)\cncgenerals\zerohour\generals.exe] => (Allow) C:\program files (x86)\cncgenerals\zerohour\generals.exe
FirewallRules: [UDP Query User{0F352D83-92EF-4B31-9D04-B458B9D158FA}C:\program files (x86)\cncgenerals\zerohour\generals.exe] => (Allow) C:\program files (x86)\cncgenerals\zerohour\generals.exe
FirewallRules: [{19C01F4E-07D8-4A31-A39C-10FA9835D281}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A3F783E1-228B-4066-954E-33B904D70CB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A7FDAE8-7ECE-4769-99ED-71A44572D1D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3C346B07-0007-4654-BE57-F7B3BB79B3C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{67CC93AE-2FA5-4BBB-BFC5-14E6CECBAD94}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{F56925DC-A448-4B8A-825F-010B641F99FB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C0AC20A1-77DB-4D32-A131-C2E1CC3ECE55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{2D978D8B-4028-4F30-8A63-36D3662F1101}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9CD9BF72-5A72-4855-9802-E3362348BB90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{5E1B7A22-881F-4A25-9A2D-1C3B506F7425}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{D50F4F7C-6E6E-4B19-8643-338F44E98864}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B80AD3FF-4CBC-40C4-9594-28E2ECDB1E21}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03A92041-037C-4B7F-A373-51862FF88CEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{EF6ABDE1-AB0B-45CB-8A02-9858C7577B14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{81706F99-684F-422C-BBB4-42B9A2030047}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{AD69B04B-3C1A-4100-B4B9-9A9D5A746535}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [{1823AF47-48A6-49A7-9171-B4FD14F89FA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{645532B4-CF2A-49AB-813E-D654DDA7E3FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{D9640C7A-FD22-46C9-B3FE-36DC61C86F8C}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{B5332004-5FDD-44D3-91B6-686E4B4FC775}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{6637D651-EEB3-40B7-9F99-1675D0F0D03D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{1D9861BF-B330-4E96-A6BB-6EE40E5C7AAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{4B276C4A-0911-4D84-9C36-806FBEEB58FB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{089E0BEC-1F8A-42DA-85D1-8CE628DA4B13}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{499A7BFA-0D92-4BD7-9DB6-48960123447B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1BC68F8D-DF9E-4EBF-A254-06FC60817A14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{74DC6DF4-69DB-4BD8-AEAD-E3FA9D724D2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{8053584C-C601-4F98-9612-535172B9F35C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{6B3F62C1-FA2C-404F-8C4A-1C18F9C34D90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\Rust.exe
FirewallRules: [{FB300C52-8E0C-409C-BA45-482738DA7E41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\Rust.exe
FirewallRules: [{BE007947-770C-4364-AA04-E84250FD678B}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{EA0A4AD5-9790-44C7-83F7-0C5AE1745F8C}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{CB26CECA-EF85-4FD1-BF84-4EE2F8E8A0D9}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{43540037-DF1D-4688-B329-F84F8B2E72EC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{A51315E4-3572-4BB4-8660-75DEE39A2521}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{52AB9A8E-47F9-40C9-943F-5C89E48C4525}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{BC3A94DE-2CA1-474A-898F-8FC4EF9AAD01}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{23995B64-D86B-4109-A5FF-1FC588EE66DE}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{39C33869-DB8A-4ACA-960F-222AB26031F6}C:\program files (x86)\cain\cain.exe] => (Allow) C:\program files (x86)\cain\cain.exe
FirewallRules: [UDP Query User{B3BD0B76-10C6-4243-AFBB-EF419E014525}C:\program files (x86)\cain\cain.exe] => (Allow) C:\program files (x86)\cain\cain.exe
FirewallRules: [{3E98DA33-2E33-4BC9-9A13-B592DD7155B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4C30CF68-C4DA-47EC-8636-F602BD244C2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{093F8B1C-5AFD-49EB-B19B-6F207628FEA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CCE7FD74-19EA-445F-B30E-B67AD8BA3BF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BA86209A-7C56-402B-8EB8-8D4F9915F30C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A5077840-3815-4A7F-8BB6-BE4ED57ED93B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2804930E-1143-4A35-A4F3-C1EBE29190E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BAB4ED02-45C1-4E73-893B-CDA1F312DE60}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E4E00BEF-08C9-4697-AF3C-584546AA4020}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1D90C2A-BCD6-4739-912C-172E280700BE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A0D6636A-9D44-4C06-BC22-AD7A46FFF429}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{AB336E3B-D3D2-46CC-BE1B-83842CCAFC90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{8E0FC3F6-F0CB-49CE-AB8D-8C31DABB6D20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{53C736D9-4727-4350-BC6A-8337C5A19AB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C396B5B5-068E-4EC4-B8BD-527BEAB74810}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{2B7D8FF7-F8F6-4B99-BC40-5A347D55C561}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{D09DAEBC-AB2A-4B63-BA0D-59522F0C0526}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{40662682-EDB1-40CA-A9A0-AEBD40152800}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{22FFAD99-4059-4482-90C0-20B384B07969}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{9573D44D-CB6D-4DDF-AE7F-0913D7606983}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{E1B611D8-E167-43EA-B135-6783D85658B2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{98C5E0BA-5041-4C76-AB1E-7CDD04F089C5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{F9EF5655-C251-41FF-9E8A-5B2C507CB82B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{9745D7B8-C3C7-404A-9F99-AADB2C0AF220}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{DD85A9B0-62A9-4835-B7DA-1D1A231AE908}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{464E8E57-9DF8-4F88-8345-E53E72BED6D0}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{3D6985CC-6A9C-4F64-B21B-ABBCBDD9E7BB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{3E7F0C5D-96C7-4757-A996-BECC3B4B01D3}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{8A0D673F-E020-496D-BE73-AE8C24F035BE}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{A0A90714-D86F-4C54-BD9D-7965112A1AFF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{7D418775-E850-4982-B930-D62B6BF85EB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CB2776BE-52C1-43D8-AAF4-8FBB43FB3DF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{25E0C422-C8A0-40BC-86C8-0C216741B071}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{846A273E-CA11-4857-980A-3DA493D63857}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F003FA07-7FFA-4B25-8DD0-2F6B15B439FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D63370EC-885A-4EEF-82BB-0BB34C2E25C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{920563BB-0431-4BD2-8A82-977BFD8A9A79}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FD876946-639E-48A8-9C23-22A0E2D6490D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{94E82A32-A586-4887-B538-463067AD76AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/24/2015 11:45:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/23/2015 10:02:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/23/2015 06:42:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/23/2015 12:05:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2015 09:32:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2015 09:03:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2015 05:15:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2015 01:22:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2015 01:15:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/21/2015 10:38:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program avpui.exe version 16.0.0.625 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 10bc
 
Start Time: 01d10c3da041905f
 
Termination Time: 60000
 
Application Path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
 
Report Id: ce180ab0-7865-11e5-97bd-60a44c5226dc
 
 
System errors:
=============
Error: (10/24/2015 11:45:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (10/24/2015 11:45:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (10/24/2015 11:45:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
CodeIntegrity:
===================================
  Date: 2015-10-22 20:48:13.914
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 20:30:55.244
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 17:14:52.370
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 13:15:51.137
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 13:12:14.743
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 12:27:55.597
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 01:41:28.316
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 01:41:27.739
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 01:41:27.164
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-22 01:41:26.595
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3930K CPU @ 3.20GHz
Percentage of memory in use: 11%
Total physical RAM: 16325.69 MB
Available physical RAM: 14477.02 MB
Total Virtual: 32649.55 MB
Available Virtual: 30739.41 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:118.41 GB) NTFS
Drive d: (Secondary) (Fixed) (Total:298.09 GB) (Free:114.06 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:149.05 GB) (Free:32.82 GB) NTFS
Drive h: (New Volume) (Fixed) (Total:55.89 GB) (Free:46.68 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9DDF56E0)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 006E528C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 26E2D4AE)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 53E160E6)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks for the info. Please run the following fix and then let me know if you can boot normally.

 

Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   2.85KB   97 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.


  • 0

#5
thealexandrev

thealexandrev

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Alright, so I applied the fix and my pc did boot normally. However it did take a LOT longer than normal to load to the desktop from the black screen with the cursor. Thanks a ton. Here's what FRST gave me: 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:25-10-2015
Ran by Alex (2015-10-25 11:17:18) Run:2
Running from C:\Users\Alex\Desktop
Loaded Profiles: Alex (Available Profiles: Alex)
Boot Mode: Safe Mode (with Networking)
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\Run: [{3EFB5168-8101-4A26-BC0A-1C143EFFA2B2}] => regsvr32.exe "C:\Users\Alex\AppData\Roaming\Oacukf\EumoTmox.dll"
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\MountPoints2: {2a69809f-4b32-11e3-b955-60a44c5226dc} - F:\SETUP.EXE
AppInit_DLLs: C:\ProgramData\KeyStream\KeyStream64.dll => No File
AppInit_DLLs-x32: C:\ProgramData\KeyStream\KeyStream32.dll => No File
Hosts:
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: SBCONVERT Class -> {92A9ACF4-9333-43AE-9698-DB283326F87F} -> C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll => No File
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=F95zamobl010924,8906f740-4510-4ecc-b016-2bdb1d9300bf,
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault&prd=smw&pid=s&shr=d&q={searchTerms}&s=F95zamobl010924,8906f740-4510-4ecc-b016-2bdb1d9300bf,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [djcpfkccckpeeghiklnhienllljccglb] - C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Chrome\DownloaderChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ledcpigomgblcmofccnacobhmcdkpiea] - C:\Program Files (x86)\SearchPredict\Chrome\SearchPredictChrome.crx <not found>
CustomCLSID: HKU\S-1-5-21-1593570779-2006387891-214409227-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\appmgr.dll => No File <==== ATTENTION
Task: {0E81521D-A843-499E-9342-530BCD03605F} - \SMW_UpdateTask_Time_313331313734353133342d5737325a786c5a3237344541 -> No File <==== ATTENTION
Task: {15DDD226-19E4-42AC-A347-6E2CD4F3A03C} - \ZIYBY -> No File <==== ATTENTION
Task: {5FBCC090-C4AD-4CC6-B379-F36924C6CF02} - \Inst_Rep -> No File <==== ATTENTION
Task: {AC8DF956-C7A5-4719-AABD-86A21B31CEC1} - System32\Tasks\EasyRésumé => c:\programdata\{ba6d0c99-93f4-fe0a-ba6d-d0c9993f3266}\wondershare mobilego for android pro crack serial number download.exe <==== ATTENTION
Task: {F9B052DE-A9BC-4339-B73C-C2537B1F0722} - System32\Tasks\Chrome Cleanup Tool logs upload retry => C:\Users\Alex\AppData\Local\Temp\4D6C.exe <==== ATTENTION
Task: C:\Windows\Tasks\EasyRésumé.job => c:\programdata\{ba6d0c99-93f4-fe0a-ba6d-d0c9993f3266}\wondershare mobilego for android pro crack serial number download.exe <==== ATTENTION
EmptyTemp:
 
*****************
 
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\Software\Microsoft\Windows\CurrentVersion\Run\\{3EFB5168-8101-4A26-BC0A-1C143EFFA2B2} => value removed successfully
"HKU\S-1-5-21-1593570779-2006387891-214409227-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => key removed successfully
"HKU\S-1-5-21-1593570779-2006387891-214409227-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-1593570779-2006387891-214409227-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => key removed successfully
"HKU\S-1-5-21-1593570779-2006387891-214409227-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a69809f-4b32-11e3-b955-60a44c5226dc}" => key removed successfully
HKCR\CLSID\{2a69809f-4b32-11e3-b955-60a44c5226dc} => key not found. 
"C:\ProgramData\KeyStream\KeyStream64.dll" => Value data removed successfully.
"C:\ProgramData\KeyStream\KeyStream32.dll" => Value data removed successfully.
Hosts restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
"HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{92A9ACF4-9333-43AE-9698-DB283326F87F}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
Chrome HomePage => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\djcpfkccckpeeghiklnhienllljccglb" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ledcpigomgblcmofccnacobhmcdkpiea" => key removed successfully
"HKU\S-1-5-21-1593570779-2006387891-214409227-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E81521D-A843-499E-9342-530BCD03605F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E81521D-A843-499E-9342-530BCD03605F}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_313331313734353133342d5737325a786c5a3237344541 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15DDD226-19E4-42AC-A347-6E2CD4F3A03C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15DDD226-19E4-42AC-A347-6E2CD4F3A03C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZIYBY" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FBCC090-C4AD-4CC6-B379-F36924C6CF02}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FBCC090-C4AD-4CC6-B379-F36924C6CF02}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Inst_Rep => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC8DF956-C7A5-4719-AABD-86A21B31CEC1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC8DF956-C7A5-4719-AABD-86A21B31CEC1}" => key removed successfully
C:\Windows\System32\Tasks\EasyRésumé => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyRésumé" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9B052DE-A9BC-4339-B73C-C2537B1F0722}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9B052DE-A9BC-4339-B73C-C2537B1F0722}" => key removed successfully
C:\Windows\System32\Tasks\Chrome Cleanup Tool logs upload retry => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Chrome Cleanup Tool logs upload retry" => key removed successfully
C:\Windows\Tasks\EasyRésumé.job => moved successfully
EmptyTemp: => 90.9 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 11:17:23 ====

  • 0

#6
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Good news about being able to boot normally. Please provide a fresh set of logs while booted normally.

 

Step#1 - Fresh Set of Logs
 
1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check box this log will be created as well. Please copy and paste this log as well.
 
 
 
Items for your next post
1. FRST and Addition logs


  • 0

#7
thealexandrev

thealexandrev

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by Alex (administrator) on ALEX-PC (25-10-2015 22:38:27)
Running from C:\Users\Alex\Desktop
Loaded Profiles: Alex (Available Profiles: Alex)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
() C:\Program Files\Core Temp\Core Temp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Razer) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Azureus Software, Inc) C:\Program Files\Vuze\Azureus.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\Run: [ContourCameraFinder] => C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe [233112 2013-05-06] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
IFEO\divxcontrolpanellauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:54811;https=127.0.0.1:54811
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1D207054-2633-4905-B5A0-0E3E8371F2A4}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{3269785F-E192-4699-913E-CB43DFA74DDB}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{54BD1089-F824-4592-A3C0-77BB08A274F4}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{D77A1D5A-7BDB-4F50-A8B8-BE9EAB9B54E4}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1593570779-2006387891-214409227-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: GrabberObj Class -> {FF7C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\grabber.dll => No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll No File
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
DPF: HKLM-x32 {3746422E-4692-4429-9698-E3EB34FE07BC} hxxp://larrywillburg.no-ip.biz:98/FSIPCam.cab
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll [2013-05-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll [2013-05-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Users\Alex\Desktop\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-11-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-09-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-23] [not signed]
FF HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-09] [not signed]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.youtube.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Republic For Chrome ROG Edition) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\baddhngpffecbmlmdpnfldobhaaaifde [2015-06-28]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-14]
CHR Extension: (agar.io server browser) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Click&Clean App) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-09-08]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [399744 2012-11-07] (ASUSTeK Computer Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-20] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-07-28] ()
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-24] (DTS, Inc)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-30] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [391504 2013-06-25] (Hauppauge Computer Works, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-19] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-06-03] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [31448 2013-04-22] (Razer)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [966640 2013-05-23] (Hauppauge Computer Work, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-21] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-20] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2013-07-22] (http://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [52832 2013-01-24] (http://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128728 2013-04-18] (Razer USA Ltd)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [73944 2013-04-18] (Razer USA Ltd)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
R3 Thermnaltake MS2 Filter; C:\Windows\System32\Drivers\MS2Filter.sys [57072 2010-09-23] (Thermaltake)
R3 Thermnaltake MS2 Filter; C:\Windows\SysWOW64\Drivers\MS2Filter.sys [31360 2010-09-23] (Thermaltake) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\Alex\AppData\Local\Temp\ALSysIO64.sys [X]
S1 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
S3 BS3562676826; \??\C:\Users\Alex\AppData\Local\Temp\NTFS.sys [X]
S0 mvs91xx; system32\DRIVERS\mvs91xx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-25 15:58 - 2015-10-25 15:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\NVIDIA
2015-10-24 23:45 - 2015-10-24 23:45 - 00063375 _____ C:\Users\Alex\Desktop\Addition.txt
2015-10-24 23:44 - 2015-10-25 22:38 - 00028799 _____ C:\Users\Alex\Desktop\FRST.txt
2015-10-24 23:44 - 2015-10-25 22:38 - 00000000 ____D C:\Users\Alex\Desktop\FRST-OlderVersion
2015-10-23 21:47 - 2015-10-25 15:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-23 21:46 - 2015-10-23 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-23 21:46 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-23 21:46 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-23 21:46 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-23 13:01 - 2015-10-25 12:36 - 00029038 _____ C:\Windows\PFRO.log
2015-10-23 12:47 - 2015-10-23 12:47 - 00084077 _____ C:\Users\Alex\Desktop\Shortcut.txt
2015-10-23 12:44 - 2015-10-25 22:38 - 00000000 ____D C:\FRST
2015-10-23 12:40 - 2015-10-25 22:38 - 02197504 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2015-10-23 12:13 - 2015-10-23 12:13 - 05637412 _____ (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2015-10-22 21:09 - 2015-10-23 21:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-22 21:09 - 2015-10-22 21:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-22 20:47 - 2015-10-22 20:47 - 00000055 _____ C:\Users\Alex\Desktop\f.txt
2015-10-21 22:54 - 2015-10-23 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security with Backup
2015-10-21 22:54 - 2015-10-23 05:20 - 00000000 ____D C:\Program Files (x86)\Norton Security with Backup
2015-10-21 22:54 - 2015-10-21 22:54 - 00102616 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-10-21 22:54 - 2015-10-21 22:54 - 00003242 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-10-21 22:54 - 2015-10-21 22:54 - 00000000 ____D C:\ProgramData\Norton
2015-10-21 22:54 - 2015-10-21 22:54 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-10-20 00:27 - 2015-10-20 00:27 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-20 00:27 - 2015-10-20 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-20 00:27 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-20 00:26 - 2015-10-21 16:35 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-20 00:26 - 2015-10-21 16:35 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-20 00:26 - 2015-10-20 00:26 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-19 22:24 - 2015-10-23 21:57 - 00002056 _____ C:\Users\Alex\Desktop\FL Studio 12 (64bit).lnk
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files\Common Files\VST2
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-10-19 22:24 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2015-10-19 21:50 - 2015-10-23 13:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-10-19 21:50 - 2015-10-23 13:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-10-19 21:50 - 2015-10-19 22:24 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-10-19 21:50 - 2015-10-19 21:50 - 00000000 ____D C:\Users\Alex\Documents\Image-Line
2015-10-19 21:50 - 2015-10-19 21:50 - 00000000 ____D C:\Users\Alex\AppData\Roaming\FlowStone
2015-10-19 21:50 - 2015-10-19 21:50 - 00000000 ____D C:\Program Files\Image-Line
2015-10-19 21:48 - 2015-10-19 22:25 - 00000000 ____D C:\Program Files (x86)\Image-Line
2015-10-15 22:43 - 2011-06-22 22:25 - 00052895 ____N C:\Users\Alex\Desktop\file_contexts
2015-10-14 23:18 - 2015-10-14 23:18 - 00000000 ____D C:\Program Files (x86)\ClockworkMod
2015-10-14 12:06 - 2015-10-16 00:22 - 00000000 ____D C:\Users\Alex\Documents\SelfMV
2015-10-08 10:12 - 2015-10-08 22:10 - 00002207 _____ C:\Users\Alex\Desktop\1.txt
2015-10-05 21:49 - 2015-10-20 00:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-09-30 21:06 - 2015-09-30 21:06 - 00000000 ____D C:\VideoOutput
2015-09-30 20:54 - 2015-09-30 20:54 - 00000000 ____D C:\Users\Alex\.cache
2015-09-30 20:53 - 2015-09-30 20:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Apowersoft
2015-09-30 20:53 - 2015-09-30 20:53 - 00000000 ____D C:\Users\Alex\Documents\Video Download Capture
2015-09-30 20:53 - 2014-04-09 21:05 - 00031920 _____ (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2015-09-30 20:47 - 2015-09-30 20:47 - 00109696 _____ C:\Windows\SysWOW64\EasyHook64.dll
2015-09-30 20:47 - 2015-09-30 20:47 - 00091264 _____ C:\Windows\SysWOW64\EasyHook32.dll
2015-09-30 20:47 - 2015-09-30 20:47 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Toolbar4
2015-09-30 20:47 - 2015-09-30 20:47 - 00000000 ____D C:\ProgramData\SpeedBit
2015-09-30 20:47 - 2015-09-30 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDbit Video Downloader
2015-09-30 20:47 - 1998-12-05 13:18 - 00172032 _____ (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com)C:\Windows\SysWOW64\AniGIF.ocx
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-25 22:38 - 2013-04-23 23:01 - 00000021 _____ C:\Users\Alex\AppData\Roaming\config_data.dat
2015-10-25 22:35 - 2013-04-26 00:48 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Azureus
2015-10-25 21:48 - 2013-04-23 21:27 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-25 20:57 - 2015-08-09 22:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-25 15:57 - 2013-04-23 21:33 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-25 14:48 - 2013-04-23 21:27 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-25 13:01 - 2013-04-23 21:12 - 01715235 _____ C:\Windows\WindowsUpdate.log
2015-10-25 12:44 - 2009-07-14 00:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-25 12:44 - 2009-07-14 00:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-25 12:36 - 2015-07-26 12:28 - 00024474 _____ C:\Windows\setupact.log
2015-10-25 12:36 - 2015-05-28 20:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-25 12:36 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-23 22:00 - 2009-07-14 00:45 - 00000000 ____D C:\Windows\Setup
2015-10-23 21:58 - 2015-08-09 23:10 - 00000825 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-23 21:58 - 2015-06-14 15:52 - 00001179 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2015-10-23 21:58 - 2013-10-02 16:45 - 00001191 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk
2015-10-23 21:58 - 2013-04-23 21:07 - 00001413 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet-Explorer.lnk
2015-10-23 21:57 - 2015-08-14 17:33 - 00001060 _____ C:\Users\Alex\Desktop\Kerbal Space Program.lnk
2015-10-23 21:57 - 2014-07-18 21:20 - 00002156 _____ C:\Users\Alex\Desktop\ArmA II Launcher.lnk
2015-10-23 21:57 - 2014-03-21 17:35 - 00001203 _____ C:\Users\Alex\Desktop\TeamSpeak 3 Client.lnk
2015-10-23 21:57 - 2013-12-14 00:44 - 00000963 _____ C:\Users\Alex\Desktop\YaTQA.lnk
2015-10-23 21:57 - 2013-08-27 19:05 - 00002052 _____ C:\Users\Alex\Desktop\TADST- A2.lnk
2015-10-23 21:57 - 2013-08-27 19:05 - 00001830 _____ C:\Users\Alex\Desktop\TADST - A3.lnk
2015-10-23 21:57 - 2013-04-23 21:38 - 00000000 ____D C:\ProgramData\APN
2015-10-23 13:02 - 2015-08-09 22:24 - 00000000 ____D C:\Users\Alex\Desktop\Browser
2015-10-23 13:02 - 2015-03-31 20:47 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SIX Networks
2015-10-23 13:02 - 2014-12-23 00:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-23 13:02 - 2014-07-20 11:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-10-23 13:02 - 2014-07-20 11:55 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-10-23 13:02 - 2014-05-03 14:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C&C Generals
2015-10-23 13:02 - 2014-04-21 16:33 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Surgeon Simulator 2013 Steam Edition 1.0
2015-10-23 13:02 - 2014-03-21 17:35 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-10-23 13:02 - 2014-02-02 14:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2015-10-23 13:02 - 2013-12-14 00:44 - 00000000 ____D C:\Users\Alex\AppData\Roaming\YaTQA
2015-10-23 13:02 - 2013-10-03 00:04 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hauppauge
2015-10-23 13:02 - 2013-07-11 15:23 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager
2015-10-23 13:02 - 2013-07-08 00:53 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-10-23 13:02 - 2013-05-31 18:00 - 00000000 ____D C:\Users\Alex\Desktop\Game Hacks
2015-10-23 13:02 - 2013-05-03 19:38 - 00000000 ____D C:\Users\Alex\Desktop\Editing
2015-10-23 13:02 - 2013-04-24 20:43 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City Life RPG
2015-10-23 13:02 - 2013-04-23 21:59 - 00000000 ____D C:\Users\Alex\Desktop\Misc
2015-10-23 13:02 - 2013-04-23 21:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client
2015-10-23 13:02 - 2013-04-23 21:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-23 13:02 - 2013-04-23 21:06 - 00000000 ___RD C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-23 13:02 - 2013-04-23 21:06 - 00000000 ___RD C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-23 13:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-23 13:01 - 2015-05-10 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-23 13:01 - 2013-04-23 21:55 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype
2015-10-23 13:01 - 2013-04-23 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-23 13:01 - 2013-04-23 21:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-23 13:01 - 2013-04-23 21:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-23 13:01 - 2013-04-23 21:38 - 00000000 ____D C:\Program Files\Core Temp
2015-10-23 13:01 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-10-23 13:01 - 2009-07-13 23:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-23 13:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-10-23 12:59 - 2013-06-18 13:25 - 00000000 ____D C:\ProgramData\Origin
2015-10-23 12:59 - 2013-04-23 21:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-23 12:49 - 2015-09-23 20:50 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Temp
2015-10-23 12:01 - 2013-04-23 21:06 - 00000000 ____D C:\Users\Alex
2015-10-22 21:27 - 2013-05-01 18:11 - 00000000 ____D C:\Windows\PCHEALTH
2015-10-21 23:39 - 2013-05-03 19:08 - 00007652 _____ C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2015-10-21 16:34 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-20 00:35 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-19 22:44 - 2013-06-18 17:52 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-18 22:01 - 2013-04-23 22:07 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-10-16 21:02 - 2015-09-15 17:11 - 00000000 ____D C:\Users\Alex\Desktop\New folder (2)
2015-10-16 00:13 - 2013-05-03 19:40 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Audacity
2015-10-13 16:09 - 2013-05-31 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-13 16:09 - 2013-04-26 01:14 - 00000000 ____D C:\ProgramData\Adobe
2015-10-13 16:08 - 2014-12-29 12:29 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-11 10:49 - 2015-05-02 14:56 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-11 10:49 - 2013-05-22 08:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-09 20:36 - 2015-01-12 16:41 - 00000000 ____D C:\Users\Alex\AppData\Roaming\SpinTires
2015-09-25 19:12 - 2009-07-14 01:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2013-05-02 16:21 - 2015-08-19 22:16 - 0000132 _____ () C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-04-23 21:33 - 2015-04-07 17:46 - 0000627 _____ () C:\Users\Alex\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-05-03 13:46 - 2014-05-03 13:46 - 0001218 _____ () C:\Users\Alex\AppData\Roaming\aps.scan.quick.results
2014-05-03 13:46 - 2014-05-03 13:46 - 0002636 _____ () C:\Users\Alex\AppData\Roaming\aps.scan.results
2014-05-03 13:46 - 2014-05-03 13:46 - 0000316 _____ () C:\Users\Alex\AppData\Roaming\aps.uninstall.scan.results
2013-04-23 23:01 - 2015-10-25 22:38 - 0000021 _____ () C:\Users\Alex\AppData\Roaming\config_data.dat
2013-04-23 21:46 - 2014-12-21 22:44 - 0000285 _____ () C:\Users\Alex\AppData\Roaming\GPU MeterV2_Settings.ini
2013-05-24 17:51 - 2013-05-24 17:52 - 0001091 _____ () C:\Users\Alex\AppData\Roaming\Network Meter_Settings.ini
2013-05-24 17:57 - 2013-08-14 21:26 - 0000022 _____ () C:\Users\Alex\AppData\Roaming\Network Meter_Usage.ini
2009-07-13 19:19 - 2009-07-13 21:52 - 0000242 _____ () C:\Users\Alex\AppData\Roaming\PBS3562676826.ini
2013-04-24 20:56 - 2013-04-24 21:04 - 0034816 _____ () C:\Users\Alex\AppData\Roaming\RZR_0010a4dd4775a217d02dfcce52af.db
2013-05-30 16:54 - 2015-07-25 21:18 - 0000498 _____ () C:\Users\Alex\AppData\Roaming\XP500UserMetrics.osl
2013-08-29 17:51 - 2013-08-29 17:52 - 0000587 _____ () C:\Users\Alex\AppData\Roaming\ZoombiesUniversalLauncher.xml
2015-04-23 21:38 - 2015-04-23 21:38 - 8723608 _____ () C:\Users\Alex\AppData\Local\0796D59C_stp.CIS
2015-04-23 21:38 - 2015-04-23 21:38 - 0000382 _____ () C:\Users\Alex\AppData\Local\0796D59C_stp.CIS.part
2015-06-21 13:56 - 2015-06-21 13:56 - 0000064 _____ () C:\Users\Alex\AppData\Local\12706a5b16177763a2f1136e508def2a
2015-04-23 21:38 - 2015-04-23 21:38 - 0200047 _____ () C:\Users\Alex\AppData\Local\59ED2468_stp.CIS
2015-04-23 21:38 - 2015-04-23 21:38 - 0000290 _____ () C:\Users\Alex\AppData\Local\59ED2468_stp.CIS.part
2015-04-23 21:37 - 2015-04-23 21:38 - 0385602 _____ () C:\Users\Alex\AppData\Local\5D515C96_stp.CIS
2015-04-23 21:38 - 2015-04-23 21:38 - 0000220 _____ () C:\Users\Alex\AppData\Local\5D515C96_stp.CIS.part
2013-04-28 00:27 - 2013-04-28 00:27 - 0001456 _____ () C:\Users\Alex\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-07-13 11:55 - 2013-07-13 11:55 - 0011123 _____ () C:\Users\Alex\AppData\Local\CleanupUninstall.txt
2013-05-20 23:31 - 2015-06-09 23:17 - 1065984 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage
2013-05-03 19:08 - 2015-10-21 23:39 - 0007652 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2008-02-05 17:28 - 2008-02-05 17:28 - 0000051 _____ () C:\Users\Alex\AppData\Local\setup.txt
2015-09-18 13:25 - 2015-09-18 13:25 - 0000000 _____ () C:\Users\Alex\AppData\Local\{DF0900B1-0BB0-44A3-A302-FE8C34763C43}
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-21 17:11
 
==================== End of FRST.txt ============================
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Alex (2015-10-25 22:38:58)
Running from C:\Users\Alex\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-04-24 01:06:40)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1593570779-2006387891-214409227-500 - Administrator - Disabled)
Alex (S-1-5-21-1593570779-2006387891-214409227-1000 - Administrator - Enabled) => C:\Users\Alex
Guest (S-1-5-21-1593570779-2006387891-214409227-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1593570779-2006387891-214409227-1012 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AI Carriers (HKLM-x32\...\AICarriers) (Version:  - )
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ArmA II Launcher (HKLM-x32\...\{EACFCDA4-3286-4DEB-92D8-53006239F347}) (Version: 1.4.1.0 - Spirited Machine)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CL2 Launcher (HKLM-x32\...\CL2 Launcher) (Version: 1.0.0.471 - ArMaTeC)
CL3 Launcher (HKLM-x32\...\CL3 Launcher) (Version: 3.0.1.178 - City Life RPG)
Contour Storyteller (HKLM-x32\...\Contour Storyteller 3.5.3) (Version: 3.5.3 - Contour)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.4.5110 - Corsair)
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskMark 3.0.3b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3b - Crystal Dew World)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dxtory version 2.0.128 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.128 - ExKode Co. Ltd.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Far Cry 4 (HKLM-x32\...\Steam App 298110) (Version:  - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
FileZilla Client 3.7.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.2 - FileZilla Project)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 6.5.1.415 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.1.415 - DVDVideoSoft Ltd.)
Free Video Converter V 3.2 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.2.0.0 - Koyote Soft)
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hauppauge Capture (HKLM-x32\...\Hauppauge Capture) (Version: 1.0.31248 - Hauppauge Computer Works)
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.2.31173 - Hauppauge Computer Works, Inc.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Network Connections 17.2.154.0 (HKLM\...\PROSetDX) (Version: 17.2.154.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.450 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kerbal Space Program (HKLM-x32\...\Kerbal Space Program_is1) (Version:  - )
L&H TTS3000 British English (HKLM-x32\...\LHTTSENG) (Version:  - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Loadout Editor For ArmA2 Combined Operations & ACE 2 version 1.4 Update 4, build 1.4.74 (HKLM-x32\...\{9D374F73-F47B-4637-B1D2-75173CFBF6B3}_is1) (Version: 1.4 Update 4, build 1.4.74 - The [S.o.E] team)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-AU, Hayley) (HKLM-x32\...\{C58363BD-6CB1-447F-9FEE-5F9542981D15}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-CA, Heather) (HKLM-x32\...\{6483CAE5-A44C-4CC4-8DD2-4F73C00471EC}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-GB, Hazel) (HKLM-x32\...\{9F1B2D5B-E203-4A4F-9EBD-AF04489EE058}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-IN, Heera) (HKLM-x32\...\{A9AD7528-7979-4472-8D61-A9F2994C8AAD}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (HKLM-x32\...\{C7CDC27F-0952-4DF1-9E41-B75140933BC6}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI Kombustor 2.5.2 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSRedists64 (Version: 2.00.0000 - Ingres Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 -  )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1022.0 - Passmark Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
Play withSIX Windows client (HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\PlaywithSIX) (Version: 1.66.1178.2 - SIX Networks GmbH)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Razer Core (HKLM-x32\...\Razer Core) (Version: 0.01.137 - Razer USA Ltd.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Registrar Registry Manager 7.70 (HKLM\...\RegistrarHome_is1) (Version:  - Resplendence Software Projects Sp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SimCity™ Limited Edition (HKLM-x32\...\SimCity™ Limited Edition) (Version:  - GameStop)
SimCity™: Cities of Tomorrow (HKLM-x32\...\SimCity™: Cities of Tomorrow) (Version:  - GameStop)
Six Updater (HKLM-x32\...\{AD42165D-FF3C-4975-A130-7AA2801AB5DD}) (Version: 2.09.7042 - Six Projects)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surgeon Simulator 2013 Steam Edition 1.0 (HKLM-x32\...\Surgeon Simulator 2013 Steam Edition 1.0) (Version: 1.0 - Cat-A-Cat)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Sims 4 Update v1.4.83.1010 inc Outdoor Retreat DLC (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Train Simulator 2013 (HKLM-x32\...\Steam App 24010) (Version:  - RailSimulator.com)
Tt eSPORTS BLACK Element (HKLM-x32\...\{BCE1F657-CD3C-434A-9724-09A43783A8EA}) (Version: 0.0.1 - Tt eSPORTS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VRS F/A-18E Superbug X (HKLM-x32\...\{0F1F6144-F13A-433D-B66E-129C5E8D504B}_is1) (Version: 1.4.2.4 - Vertical Reality Simulations)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
War Thunder Launcher 1.0.1.322 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version:  - Eugen Systems)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
XP500 Advanced Sound Editor (HKLM-x32\...\{5BF6D4DE-C915-44C4-9176-AF6D3B27052F}) (Version: 1.0.0.1 - Turtle Beach)
XSplit Broadcaster (HKLM-x32\...\{3A1F3A32-7E9D-4AD2-A2E2-DFC98BAA9DC7}) (Version: 1.3.1403.1202 - SplitMediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
20-10-2015 12:38:11 Scheduled Checkpoint
21-10-2015 22:28:06 Chrome Cleanup Tool
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-25 11:17 - 2015-10-25 11:17 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0044473E-8470-4609-904E-84C6B7AC6F41} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {05385BE6-90C4-49C7-8E23-46363120D58A} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\CorsairLINK2\CorsairLink.exe
Task: {0BF7E028-CF72-4D0D-BA24-F6C4DE37B881} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {0C4D5E7F-E5F9-4265-8D22-6869577E5EEE} - System32\Tasks\{C859F03D-3AEC-4391-8390-BA7BE5061B11} => pcalua.exe -a C:\Users\Alex\Desktop\Mafia.II.PLUS.11.TRAINER-BReWErS\brew-mii.exe -d C:\Users\Alex\Desktop\Mafia.II.PLUS.11.TRAINER-BReWErS
Task: {1979244B-15A8-44DC-B1D2-D766DAAB4279} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {1B1E4123-58A1-4977-9B41-3AC1C040E2F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
Task: {1E96CFD2-C3A7-4D25-8E2A-EBEC2AE9EC83} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: {27E402D4-D77B-40EC-9715-FACB66662E87} - System32\Tasks\{DBDDACCC-288B-4ED0-BCCD-D2FBC862F953} => Chrome.exe hxxp://ui.skype.com/ui/0/6.21.0.104/en/abandoninstall?page=tsMain
Task: {28C2D0CE-B39D-4871-A2C0-7B642435FBA6} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {2C165ED5-7373-4769-8C27-68E472FE9A46} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-07-23] (ASUSTeK Computer Inc.)
Task: {2F6414F1-4572-4308-9574-5BE0BD25D4F0} - System32\Tasks\{ABFD0871-54FB-4AFE-B202-AC22C2C55024} => pcalua.exe -a "C:\Users\Alex\Desktop\6.08-nvidia-system-tools (1).exe" -d C:\Users\Alex\Desktop
Task: {3BC45E15-252D-4274-9BB6-785A1785B50A} - System32\Tasks\{D9A9A741-8C00-4D50-97C5-7CEB0DF3B9A1} => pcalua.exe -a C:\Users\Alex\Desktop\Setup_product_25030.exe -d C:\Users\Alex\Desktop
Task: {3DC38F87-D96A-4623-8307-58065C72D37D} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: {5648A806-379A-4016-8109-80F533FC405D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)
Task: {7C7F5B19-EE0D-4D33-9874-94ED66F37F95} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {8A809FE5-0D41-40DF-AA65-219A5C72F7B4} - System32\Tasks\{58CB19B2-D8B5-45B4-A63C-19B1D90BB0AD} => pcalua.exe -a "C:\Users\Alex\Desktop\Flight Simulator X Acceleration\setup.exe" -d "C:\Users\Alex\Desktop\Flight Simulator X Acceleration"
Task: {90D9A208-338B-4E29-9D37-E6C03B5D83C1} - System32\Tasks\{5C5C7534-C419-4A02-8A9D-F85FB4EE35F7} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NTUNE\setup.exe -d C:\NVIDIA\SystemTools\6.08\NTUNE
Task: {9544D1F9-50A2-408E-B54B-9E2B356568E2} - System32\Tasks\Core Temp Autostart Alex => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {A6968CBF-27E5-418A-8628-5649B554CD5B} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {C7584D78-09E9-42E9-8B1A-8CFDA73A111F} - System32\Tasks\{E10BC480-CA2D-444F-BFBD-0867657B227B} => pcalua.exe -a "C:\Users\Alex\Desktop\odinV3.1.6 (2).exe" -d C:\Users\Alex\Desktop
Task: {D21FCBEE-DED7-4F97-80E4-1E674C5889C7} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {D5E48E90-9490-48A8-912C-C972675FB367} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.)
Task: {E40741B3-F755-4BE3-ABCE-05245AAA2473} - System32\Tasks\Google Updater and Installer => C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E86816AF-6075-4D2A-92D2-01CB021CD924} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {EB4B5B7B-4B56-4C93-9B49-0CB18C77E622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-28 20:36 - 2015-08-07 00:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-28 20:21 - 2012-06-28 20:21 - 00019456 _____ () C:\Program Files\PBO Manager v.1.4 beta\PboShellExt.dll
2012-06-18 11:24 - 2012-06-18 11:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-04-23 21:38 - 2013-10-08 14:23 - 00890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2013-12-16 23:53 - 2011-09-08 14:41 - 00008192 _____ () C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll
2013-04-23 21:38 - 2012-06-01 20:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-07-22 09:48 - 2014-07-22 09:48 - 00012520 _____ () C:\Users\Alex\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2014-07-22 09:48 - 2014-07-22 09:48 - 00015080 _____ () C:\Users\Alex\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2014-07-22 09:48 - 2014-07-22 09:48 - 00014056 _____ () C:\Users\Alex\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2013-08-11 22:46 - 2013-05-06 14:23 - 00233112 _____ () C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe
2013-08-30 23:57 - 2014-06-03 23:09 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-30 23:57 - 2014-06-03 23:09 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-08-04 08:26 - 2015-08-04 08:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-08-04 08:26 - 2015-08-04 08:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2013-04-26 00:48 - 2014-04-15 10:26 - 00097592 _____ () C:\Program Files\Vuze\aereg64.dll
2014-10-28 20:45 - 2014-06-24 15:12 - 00217600 _____ () C:\Users\Alex\AppData\Roaming\Azureus\plugins\azitunes\jacob-1.17-M2-x64.dll
2014-10-28 20:45 - 2014-06-24 15:12 - 00015840 _____ () C:\Users\Alex\AppData\Roaming\Azureus\plugins\azitunes\libProcessAccess64.dll
2013-04-23 21:38 - 2015-10-25 12:36 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-04-23 21:38 - 2010-06-29 13:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-07-27 22:36 - 2013-07-26 14:33 - 00140288 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-05-26 20:19 - 2015-07-24 00:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-04-23 21:44 - 2012-05-17 21:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-04-23 21:44 - 2012-07-05 15:05 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-04-23 21:42 - 2011-07-12 19:14 - 00147456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-04-23 21:42 - 2010-10-05 08:22 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-04-23 21:42 - 2012-03-21 12:07 - 00972288 ____N () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-04-23 21:43 - 2012-07-20 12:39 - 01047040 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-04-23 21:42 - 2012-05-25 10:33 - 00883712 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-04-23 21:42 - 2012-05-28 21:27 - 01622528 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-04-23 21:42 - 2011-09-19 20:18 - 01243136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-04-23 21:42 - 2011-07-21 09:06 - 00846848 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-04-23 21:42 - 2011-10-14 20:03 - 00885248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-04-23 21:38 - 2010-08-23 13:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-04-23 21:42 - 2010-10-05 08:22 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-04-23 21:42 - 2009-08-12 20:15 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-03-18 17:47 - 2015-03-18 17:47 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\9a896369e090fab5f58e7076181a1a0d\PSIClient.ni.dll
2013-03-25 17:23 - 2015-10-05 12:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:06 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 16:06 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:06 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 19:40 - 2015-10-14 16:56 - 02423376 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 22:08 - 2015-09-23 20:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 22:08 - 2015-09-23 20:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 22:08 - 2015-09-23 20:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 22:08 - 2015-09-23 20:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 22:08 - 2015-09-23 20:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-04-19 16:10 - 2015-10-14 16:56 - 00705104 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-21 19:35 - 2015-10-09 14:13 - 00193024 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-03-26 19:16 - 2015-10-08 18:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-20 16:06 - 2015-09-24 19:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2013-05-26 11:53 - 2013-05-26 11:53 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-10-25 17:49 - 2015-10-20 10:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-25 17:49 - 2015-10-20 10:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:3F30E778
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1593570779-2006387891-214409227-1000\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Hauppauge Device Properties.lnk => C:\Windows\pss\Hauppauge Device Properties.lnk.Startup
MSCONFIG\startupreg: ContourCameraFinder => "C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe" 
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{23BD272A-9FBD-4134-81EC-F87B7351DB66}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7AD581DD-A58F-4A72-BE8B-C8230E0E81A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{177EB9C4-3ADC-4F0E-B7AA-2577D1BF2662}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
FirewallRules: [{E2056161-7145-4CBD-9747-BD90A88C1DDA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{D741ED09-ACFD-4BC6-B4A0-E004DD10BE23}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{681A9F9A-3E9A-4F5A-A91E-01D6C8440919}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{141B3920-0CDD-4FC1-A9D6-DDBC3E8629F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{18E53D3D-AE35-4D2D-AEE8-599763FE4705}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [TCP Query User{898F768E-03EB-44AC-B3D7-C326672582CC}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{0ABE4F96-2AF0-4570-9EBB-A7EEE586D20B}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{B176C2E5-9F92-4E5A-98FC-C8236562BD6A}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [UDP Query User{32A25899-10CC-46E3-B112-1A88005ACC1E}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe] => (Allow) C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe
FirewallRules: [TCP Query User{0EE344AE-1F1F-4369-AFA7-EE342CD90553}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [UDP Query User{5AB97124-DDEE-48ED-B1C0-3483FDAD1451}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [{9F6D947B-4CFD-42A8-B1FD-033F9008F4F4}] => (Allow) LPort=80
FirewallRules: [{B539A385-36D0-45D2-A865-4583BC9C3ECC}] => (Allow) LPort=443
FirewallRules: [{62F324E6-DDF6-45B4-A7C9-D41AB7CB79C0}] => (Allow) LPort=20010
FirewallRules: [{61E5F0B2-4A31-4634-B6A7-AD63AC81C49A}] => (Allow) LPort=3478
FirewallRules: [{248A2F32-92D1-403B-B89A-C74201A4C8D4}] => (Allow) LPort=7850
FirewallRules: [{2E2CFABC-A025-40A4-B25A-200C481CB214}] => (Allow) LPort=27022
FirewallRules: [{C4D68349-6395-4EF4-9428-904E53BEFD91}] => (Allow) LPort=6881
FirewallRules: [{50098D90-536D-436B-81E1-52975296B977}] => (Allow) LPort=33333
FirewallRules: [{57C08874-D2E5-4361-A1C4-3DE57705D291}] => (Allow) LPort=20443
FirewallRules: [{169E6F6E-D202-4A18-97AC-FEA20B50E0B1}] => (Allow) LPort=8090
FirewallRules: [{D9A48101-F0BA-4015-8887-704D3666BF60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{7453F4F0-DCD1-4C28-AE70-E02E53E3AD98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{28F36E5B-B4E9-44FA-86E2-9C032209E5ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{F069ABDE-046D-413F-A1D8-FCFEA54923A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{D0987072-804E-4688-BD5C-DD2895791DC7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{046A43BA-268B-4929-A2A6-8C64DE21DB2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{15DFC7C6-4BEB-45A1-90A8-978063357BEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{04EE24E3-30D5-46AD-A43A-CCCF13326D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [TCP Query User{A59D90B4-63B1-4C50-8499-C2CFBB6221E4}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe
FirewallRules: [UDP Query User{0B08C657-BC82-48F5-A4B0-CB892E451696}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe
FirewallRules: [{E0718CEF-3AC4-490C-9348-AC576EFD3282}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{42228AC3-F8BA-445C-948B-DC921D4BEBCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{3EAD1C6C-498A-4715-BF3A-2713F9FAF380}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{ACC1A7AC-3916-46C7-970D-20A7CA79C376}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{59C573F5-3035-43C2-863B-7D2D8364AE77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{66B9670C-51E2-4131-AE90-244E16F2A2AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{3354D5DB-DF08-4C2D-A2DC-4542C4C02343}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{A71873B6-629B-4C85-AEDE-3CE21E068F01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{FE78F9BB-2702-4714-AC5C-54AB188F5524}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{70C316CF-E9B8-4D43-ABF1-6BF756CFF588}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{95FC4ACE-291D-4937-AB25-BC23A6C1B1A3}C:\program files\core temp\core temp.exe] => (Block) C:\program files\core temp\core temp.exe
FirewallRules: [UDP Query User{380D94F7-7736-4D5F-A54F-EF89AD85690B}C:\program files\core temp\core temp.exe] => (Block) C:\program files\core temp\core temp.exe
FirewallRules: [{405CE79C-CB93-4CED-A92A-D833C12B38E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{F2233BC2-7C35-4544-9FC8-F92F2AA84F99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{D8FFA419-899C-4AA9-9423-7828340F6626}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{AF1EFE77-1021-4847-8534-9D5785C69339}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{A1016E36-05E6-4E0B-94F6-81270B8039F6}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{27DC63DA-15C0-4D0A-9F50-7EE669AAB678}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{561291C0-B4DD-4198-A13E-31A4506813B3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{98DA2D95-0B77-43BC-9FD7-2AD8EA6E5B83}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{05378058-384E-4721-A06D-E29A338A6A8B}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{59C59A2B-3556-4E47-88D5-14CA21BB874A}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{BE227551-5FFC-4F25-8E8B-DB0AE2F03DD0}] => (Allow) LPort=7852
FirewallRules: [{1151E12C-C45C-433C-86E2-767300F8BB49}] => (Allow) LPort=7853
FirewallRules: [TCP Query User{D4DD590C-83D2-47E6-ABB0-9A80EFB1D100}C:\program files (x86)\cncgenerals\zerohour\generals.exe] => (Allow) C:\program files (x86)\cncgenerals\zerohour\generals.exe
FirewallRules: [UDP Query User{0F352D83-92EF-4B31-9D04-B458B9D158FA}C:\program files (x86)\cncgenerals\zerohour\generals.exe] => (Allow) C:\program files (x86)\cncgenerals\zerohour\generals.exe
FirewallRules: [{19C01F4E-07D8-4A31-A39C-10FA9835D281}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A3F783E1-228B-4066-954E-33B904D70CB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5A7FDAE8-7ECE-4769-99ED-71A44572D1D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3C346B07-0007-4654-BE57-F7B3BB79B3C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{67CC93AE-2FA5-4BBB-BFC5-14E6CECBAD94}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{F56925DC-A448-4B8A-825F-010B641F99FB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C0AC20A1-77DB-4D32-A131-C2E1CC3ECE55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{2D978D8B-4028-4F30-8A63-36D3662F1101}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9CD9BF72-5A72-4855-9802-E3362348BB90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{5E1B7A22-881F-4A25-9A2D-1C3B506F7425}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{D50F4F7C-6E6E-4B19-8643-338F44E98864}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B80AD3FF-4CBC-40C4-9594-28E2ECDB1E21}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03A92041-037C-4B7F-A373-51862FF88CEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{EF6ABDE1-AB0B-45CB-8A02-9858C7577B14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{81706F99-684F-422C-BBB4-42B9A2030047}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{AD69B04B-3C1A-4100-B4B9-9A9D5A746535}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [{1823AF47-48A6-49A7-9171-B4FD14F89FA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{645532B4-CF2A-49AB-813E-D654DDA7E3FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{D9640C7A-FD22-46C9-B3FE-36DC61C86F8C}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{B5332004-5FDD-44D3-91B6-686E4B4FC775}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{6637D651-EEB3-40B7-9F99-1675D0F0D03D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{1D9861BF-B330-4E96-A6BB-6EE40E5C7AAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{4B276C4A-0911-4D84-9C36-806FBEEB58FB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{089E0BEC-1F8A-42DA-85D1-8CE628DA4B13}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{499A7BFA-0D92-4BD7-9DB6-48960123447B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1BC68F8D-DF9E-4EBF-A254-06FC60817A14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{74DC6DF4-69DB-4BD8-AEAD-E3FA9D724D2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{8053584C-C601-4F98-9612-535172B9F35C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{6B3F62C1-FA2C-404F-8C4A-1C18F9C34D90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\Rust.exe
FirewallRules: [{FB300C52-8E0C-409C-BA45-482738DA7E41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\Rust.exe
FirewallRules: [{BE007947-770C-4364-AA04-E84250FD678B}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{EA0A4AD5-9790-44C7-83F7-0C5AE1745F8C}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{CB26CECA-EF85-4FD1-BF84-4EE2F8E8A0D9}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{43540037-DF1D-4688-B329-F84F8B2E72EC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{A51315E4-3572-4BB4-8660-75DEE39A2521}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{52AB9A8E-47F9-40C9-943F-5C89E48C4525}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{BC3A94DE-2CA1-474A-898F-8FC4EF9AAD01}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{23995B64-D86B-4109-A5FF-1FC588EE66DE}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{39C33869-DB8A-4ACA-960F-222AB26031F6}C:\program files (x86)\cain\cain.exe] => (Allow) C:\program files (x86)\cain\cain.exe
FirewallRules: [UDP Query User{B3BD0B76-10C6-4243-AFBB-EF419E014525}C:\program files (x86)\cain\cain.exe] => (Allow) C:\program files (x86)\cain\cain.exe
FirewallRules: [{3E98DA33-2E33-4BC9-9A13-B592DD7155B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4C30CF68-C4DA-47EC-8636-F602BD244C2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{093F8B1C-5AFD-49EB-B19B-6F207628FEA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CCE7FD74-19EA-445F-B30E-B67AD8BA3BF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BA86209A-7C56-402B-8EB8-8D4F9915F30C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A5077840-3815-4A7F-8BB6-BE4ED57ED93B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2804930E-1143-4A35-A4F3-C1EBE29190E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BAB4ED02-45C1-4E73-893B-CDA1F312DE60}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E4E00BEF-08C9-4697-AF3C-584546AA4020}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1D90C2A-BCD6-4739-912C-172E280700BE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A0D6636A-9D44-4C06-BC22-AD7A46FFF429}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{AB336E3B-D3D2-46CC-BE1B-83842CCAFC90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{8E0FC3F6-F0CB-49CE-AB8D-8C31DABB6D20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{53C736D9-4727-4350-BC6A-8337C5A19AB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C396B5B5-068E-4EC4-B8BD-527BEAB74810}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{2B7D8FF7-F8F6-4B99-BC40-5A347D55C561}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{D09DAEBC-AB2A-4B63-BA0D-59522F0C0526}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{40662682-EDB1-40CA-A9A0-AEBD40152800}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{22FFAD99-4059-4482-90C0-20B384B07969}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{9573D44D-CB6D-4DDF-AE7F-0913D7606983}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{E1B611D8-E167-43EA-B135-6783D85658B2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{98C5E0BA-5041-4C76-AB1E-7CDD04F089C5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{F9EF5655-C251-41FF-9E8A-5B2C507CB82B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{9745D7B8-C3C7-404A-9F99-AADB2C0AF220}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{DD85A9B0-62A9-4835-B7DA-1D1A231AE908}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{464E8E57-9DF8-4F88-8345-E53E72BED6D0}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{3D6985CC-6A9C-4F64-B21B-ABBCBDD9E7BB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{3E7F0C5D-96C7-4757-A996-BECC3B4B01D3}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{8A0D673F-E020-496D-BE73-AE8C24F035BE}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{A0A90714-D86F-4C54-BD9D-7965112A1AFF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{7D418775-E850-4982-B930-D62B6BF85EB3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CB2776BE-52C1-43D8-AAF4-8FBB43FB3DF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{25E0C422-C8A0-40BC-86C8-0C216741B071}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{846A273E-CA11-4857-980A-3DA493D63857}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D6301D7C-7FC5-46C8-830E-B2ABFE6B76BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{38866276-DD3E-487C-8977-B4D40D2A4E49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{582825D8-8FAE-4210-A43F-A56B7FBD02BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9DD4A9AA-82D5-497B-ADCF-F7A3C332F319}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9FD8B76A-6277-4E77-8374-D4F552894434}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{99EA328E-7EC1-47AA-8643-E20406786436}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{E34D0E99-5474-480A-9675-9462890EA5DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/25/2015 09:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(78:31:c1:51:47:[email protected]::7a31:c1ff:fe51:479c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
Error: (10/25/2015 09:14:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16
 
 
System errors:
=============
Error: (10/25/2015 12:36:40 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ALEX-PC        :20" could not be registered on the interface with IP address 10.0.0.34.
The computer with the IP address 10.0.0.14 did not allow the name to be claimed by
this computer.
 
Error: (10/25/2015 12:36:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Avgfwfd
cdrom
mvs91xx
 
Error: (10/25/2015 12:36:40 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{54BD1089-F824-4592-A3C0-77BB08A274F4} because another computer on the network has the same name.  The server could not start.
 
Error: (10/25/2015 12:36:14 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ALEX-PC        :0" could not be registered on the interface with IP address 10.0.0.34.
The computer with the IP address 10.0.0.14 did not allow the name to be claimed by
this computer.
 
Error: (10/25/2015 11:18:37 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ALEX-PC        :20" could not be registered on the interface with IP address 10.0.0.34.
The computer with the IP address 10.0.0.14 did not allow the name to be claimed by
this computer.
 
Error: (10/25/2015 11:18:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Avgfwfd
cdrom
mvs91xx
 
Error: (10/25/2015 11:18:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Kaspersky Anti-Virus Service 16.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (10/25/2015 11:18:37 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{54BD1089-F824-4592-A3C0-77BB08A274F4} because another computer on the network has the same name.  The server could not start.
 
Error: (10/25/2015 11:18:15 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "ALEX-PC        :0" could not be registered on the interface with IP address 10.0.0.34.
The computer with the IP address 10.0.0.14 did not allow the name to be claimed by
this computer.
 
Error: (10/25/2015 11:17:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
CodeIntegrity:
===================================
  Date: 2015-10-25 21:14:42.851
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 20:32:34.142
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 19:07:39.257
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 17:39:36.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 17:17:37.473
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 17:07:45.800
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 16:54:43.009
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 16:36:39.123
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 16:14:41.776
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-25 15:57:40.894
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3930K CPU @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 16325.69 MB
Available physical RAM: 11643.01 MB
Total Virtual: 32649.55 MB
Available Virtual: 27058.13 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:111.89 GB) NTFS
Drive d: (Secondary) (Fixed) (Total:298.09 GB) (Free:114.06 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:149.05 GB) (Free:32.82 GB) NTFS
Drive h: (New Volume) (Fixed) (Total:55.89 GB) (Free:46.68 GB) NTFS
 
==================== MBR & Partition Table ==================
 
==================== End of Addition.txt ============================

  • 0

#8
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks for the info. Please do the following.

 

Step#1 - Warnings
The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
 
Here are some information sources about the dangers of P2P programs:
FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
 
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
 
Please uninstall the following Peer-to-Peer program(s): Vuze

 

Windows Sidebar/Gadgets
I see that you use the Windows Sidebar with Gadgets. Microsoft deems these as a security vulnerability and recommends that they are disabled. Unless you have good reason not to, please download and install the Microsoft Fix-It from here. Note: Please ensure you reboot when prompted. If you don't and continue this could leave your machine in an unstable state. 

 

 

Step#2 - Uninstalls
Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling.

AVG PC TuneUp 2015

 

Step#3 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   770bytes   76 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#4 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[C1].txt as well.

 

Items for your next post

1. Fixlog

2. AdwCleaner log
 


  • 0

#9
thealexandrev

thealexandrev

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hey Brian, thanks again for all the help and info. I do understand that peer to peer programs (Vuze) are risky and not recommended and are the reason I got a virus in the first place. However, I do use it for some legitimate purposes such as large mods for ArmA, so I want to keep it. I also understand that the sidebar gadgets have severe vulnerabilities but I do like the information my gadgets display about my CPU and GPUs so i would like to keep those too considering I have never had a problem with them on any of my machines in the past 6 years. I have removed AVG PC TuneUp, ran adwcleaner and used your fix. Here's what I got: 

 

Fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Alex (2015-10-26 23:58:42) Run:3
Running from C:\Users\Alex\Desktop
Loaded Profiles: Alex (Available Profiles: Alex)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
RemoveProxy:
BHO-x32: GrabberObj Class -> {FF7C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\grabber.dll => No File
Toolbar: HKLM-x32 - SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Users\Alex\Desktop\New folder (3)\SPEEDbit Video Downloader\Toolbar\tbcore3.dll No File
R3 ALSysIO; \??\C:\Users\Alex\AppData\Local\Temp\ALSysIO64.sys [X]
S1 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
S3 BS3562676826; \??\C:\Users\Alex\AppData\Local\Temp\NTFS.sys [X]
S0 mvs91xx; system32\DRIVERS\mvs91xx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X]
EmptyTemp:
 
*****************
 
Restore point was successfully created.
 
========= RemoveProxy: =========
 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1593570779-2006387891-214409227-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000} => key not found. 
HKCR\Wow6432Node\CLSID\{FF7C3CF0-4B15-11D1-ABED-709549C10000} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2} => value not found.
HKCR\Wow6432Node\CLSID\{0329E7D6-6F54-462D-93F6-F5C3118BADF2} => key not found. 
ALSysIO => Service stopped successfully.
ALSysIO => service removed successfully
Avgfwfd => service removed successfully
BS3562676826 => service removed successfully
mvs91xx => service removed successfully
VGPU => service removed successfully
WinRing0_1_2_0 => Unable to stop service.
WinRing0_1_2_0 => service removed successfully
EmptyTemp: => 1.6 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 00:00:30 ====

 

AdwCleaner log:

 

# AdwCleaner v5.014 - Logfile created 26/10/2015 at 23:51:57
# Updated 18/10/2015 by Xplode
# Database : 2015-10-26.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Alex - ALEX-PC
# Running from : C:\Users\Alex\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\Free Video Converter
[-] Folder Deleted : C:\Program Files (x86)\Cain
[-] Folder Deleted : C:\Program Files (x86)\Common Files\Speedbit
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\StarApp
[-] Folder Deleted : C:\ProgramData\Speedbit
[-] Folder Deleted : C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
[-] Folder Deleted : C:\ProgramData\Service0561
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedbit Video Downloader
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
[-] Folder Deleted : C:\Users\Alex\AppData\Local\Bundled software uninstaller
[-] Folder Deleted : C:\Users\Alex\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Alex\AppData\LocalLow\Toolbar4
[-] Folder Deleted : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
[-] Folder Deleted : C:\Users\Alex\Desktop\Browser
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Alex\AppData\Roaming\aps.scan.quick.results
[-] File Deleted : C:\Users\Alex\AppData\Roaming\aps.scan.results
[-] File Deleted : C:\Users\Alex\AppData\Roaming\aps.uninstall.scan.results
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
[-] Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Directory\shell\SPEEDbitVideoConverter
[-] Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
[-] Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
[-] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{79F768ED-0B12-42EF-8257-36751A0ECF3A}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\Free Video Converter
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\SpeedBit
[-] Key Deleted : HKCU\Software\cain
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\BI
[!] Key Not Deleted : [x64] HKCU\Software\Free Video Converter
[!] Key Not Deleted : [x64] HKCU\Software\OCS
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\SpeedBit
[!] Key Not Deleted : [x64] HKCU\Software\cain
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ledcpigomgblcmofccnacobhmcdkpiea
[-] [C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12875 bytes] ##########

  • 0

#10
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks for the info. Please do the following.

 

Step#1 - JRT by Malwarebytes
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3. The tool will open. Press any key at the Disclaimer screen and the program will start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. Post the contents of JRT.txt into your next message.

 

 

Step#2 - Security Check
1. Download Security Check from here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

 

Step#3 - Malwarebytes Scan

  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator. Answer Yes when asked to Allow.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
  • ScanForRootkits.JPG
     
  • Click the Scan button at the top of the form and then click Start Scan button and let complete.
  • If malware was detected you can now click the Remove Selected Button. If no malware was detected you can skip the rest of these bullet items and go to the next step which is to retrieve the Malwarebytes log.
  • RemoveSelected.JPG
  • Once the malware is removed you may get a prompt asking you to reboot. Note: Please answer Yes.
  • Restart.JPG.

 
Step#4 - Retrieve Malwarebytes Log
1. Open up the Malwarebytes program again if it's not already. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Click on the most recent Scan Log as shown in the picture below.
ApplicationLog.JPG
 
5. The Scanning History Log screen will open. Click the Export button in the lower left and choose Copy to Clipboard. Paste the info into your next post (Right-click your mouse in the post and select Paste).
ScanningHistory.JPG

 

Items for your next post

1. Junkware log

2. Security Check log

3. Malwarebytes log

 


  • 0

Advertisements


#11
thealexandrev

thealexandrev

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Junkware:
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Ultimate x64
Ran by Alex on Tue 10/27/2015 at 17:08:38.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Alex\Appdata\Local\12706a5b16177763a2f1136e508def2a
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Program Files (x86)\miniget
Successfully deleted: [Folder] C:\Users\Alex\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Alex\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Alex\AppData\Roaming\cleanmypc software
Successfully deleted: [Folder] C:\Users\Alex\AppData\Roaming\miniget
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
 
 
 
~~~ Chrome
 
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/27/2015 at 17:12:41.60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 
Security check:
 
Results of screen317's Security Check version 1.011 --- 10/21/15  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 45  
 Java version 32-bit out of Date! 
  Adobe Flash Player 11.7.700.169 Flash Player out of Date!  
 Adobe Reader XI  
 Google Chrome (46.0.2490.71) 
 Google Chrome (46.0.2490.80) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 16.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 16.0.0 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
 

 
Malwarebytes:
 

Scan Date: 10/27/2015
Scan Time: 7:18 PM
Logfile: 
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.10.27.07
Rootkit Database: v2015.10.23.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Alex
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 367096
Time Elapsed: 11 min, 10 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
~~~ Chrome
 
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 

  • 0

#12
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Excellent. How is your machine booting now? Is it normal again?


  • 0

#13
thealexandrev

thealexandrev

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Yes, its booting much better, perhaps even a little faster than before the virus. Thank you soooo much  :D


  • 0

#14
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

No problem. If there is nothing else there are a few maintenance/cleanup items that should be done.

 

OK! Well done, your computer is clean again! :thumbsup: Part of our jobs here is to help you clean your computer. But beyond that and just as important is to provide you with some information to keep you safe and secure on the net as well as to share knowledge. Following is that information.
 
1. Clean Up!
We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
1. Download Delfix from here.
2. Ensure everything is checked.
3. Click Run.
Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
Note: Delete any  other .bat, .log, .reg, .txt,  and any other files created during this process, and left on the desktop and empty the Recycle Bin.

 

2. Keeping Java Updated
WARNING: Java is one of the most exploited programs at this time. The Department of Homeland Security recommends that computer users disable Java. You can read more about this here.
I would recommend that you completely uninstall Java unless you need it to run an important software. If you need it or are unsure or uncomfortable with removing it then I would recommend that you disable Java in your browsers until you need it and then enable it at that time. (See How to disable Java in your web browser and How to unplug Java from the browser). If you don't uninstall it, it's also important that you follow the directions below to update to the latest version of Java.
 
Note: If you don't use Java or don't know if you need it I would uninstall it.
 
If you wish to keep it please follow the instructions below to update to the newest version.
1. Click the Start button
2. Type Java
3. Click on Configure Java in the search results
4. Click the Update tab
5. Click the Update Now button and allow the update to download/install.
 
3. Windows Updates
Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically. Follow the instructions below to ensure your settings are optimal.
1. Click the Start Orb in the lower left corner of the screen.
2. Type Windows Update in the search box that appears
3. Click on the Windows Update program that appears in the search results.
Windows%20Update.JPG
4. Click on Change Settings.
CheckForUpdates.JPG
5. Select "Install updates automatically (recommended)" from the Important updates drop-down.
WUChangeSettings.JPG
6. Choose a day and a time when you know the computer will be on and connected to the internet. The default is 3:00AM every day.
7. Ensure that all of the other check boxes are checked.
8. Click OK.
 
4. Keeping Programs Updated
You need to ensure that any programs installed on your machine are kept current. The bad guys exploit vulnerabilities that are found in older versions of software. A very good piece of software that keeps your programs up-to-date is Secunia Personal Software Inspector (PSI). You can download and install it from here. You can read more information about this free software as well as a video walkthrough from here.
 
5. Antimalware- Preventative
Note: Let's keep Malwarebytes installed as it's a fantastic piece of software. Malwarebytes is an anti-malware software and not an antivirus software so it won't conflict with the Antivirus that you are running. I would recommend that you open up this program, allow it to update and scan your machine at least quarterly...monthly if you can.
 
6. Crypto Warning!!!! - Complete Data Loss can occur!
There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here.
 

  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will be prompted to click OK to continue and select your protection level. Go ahead and click OK.
  • Click the Apply button to set Default protection.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.
  • That's it. The protection is in place.

Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.
 
UpdatesV7.4.11.JPG
 

 

 
For more information about computer security and how to protect yourself when on the internet, please read this guide Best Practices for Safe Computing
 
OK, all the best, and stay safe!
 
Items for your next post
1. Contents of the delfix log


  • 0

#15
thealexandrev

thealexandrev

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Sorry about the late reply, heres what Delfix gave me:
 
# DelFix v1.011 - Logfile created 31/10/2015 at 01:46:31
# Updated 18/08/2015 by Xplode
# Username : Alex - ALEX-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
 
~ Activating UAC ... OK
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #402 [Chrome Cleanup Tool | 10/22/2015 02:28:06]
Deleted : RP #403 [Removed AVG PC TuneUp 2015 | 10/27/2015 03:47:44]
Deleted : RP #404 [Removed AVG PC TuneUp 2015 (en-US) | 10/27/2015 03:49:11]
Deleted : RP #406 [Restore Point Created by FRST | 10/27/2015 03:58:45]
Deleted : RP #407 [JRT Pre-Junkware Removal | 10/27/2015 21:08:41]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP