
PC Possibly Infected!



#1
Betrayed


I would like to get my PC checked up as it has got sluggish and feel I may have downloaded malware of some kind.

 

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by Betrayed (administrator) on BETRAYED (10-12-2015 19:16:00)
Running from E:\Users\Betrayed\Desktop
Loaded Profiles: Betrayed (Available Profiles: Betrayed)
Platform: Windows 8.1 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Pidgin developer community) E:\Program Files (x86)\Pidgin\pidgin.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(QFX Software Corporation) E:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(QFX Software Corporation) E:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Silverlight_x64.exe
(Microsoft Corporation) E:\87f44d2280115dedec5c40df904a45d7\install.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamSpeak Systems GmbH) E:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() E:\Program Files\Sublime Text 3\sublime_text.exe
() E:\Program Files\Sublime Text 3\plugin_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_66\launch4j-tmp\ArmA3Sync.exe
(NVIDIA Corporation) C:\Users\Betrayed\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-09-29] (Razer Inc.)
HKLM-x32\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe [113264 2015-04-28] ()
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
HKLM-x32\...\Run: [KeyScrambler] => E:\Program Files (x86)\KeyScrambler\keyscrambler.exe [509216 2015-10-12] (QFX Software Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [13253952 2015-11-17] (Corsair Components, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Spotify Web Helper] => C:\Users\Betrayed\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-30] (Spotify Ltd)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Spotify] => C:\Users\Betrayed\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-30] (Spotify Ltd)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [uTorrent] => C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Clownfish] => E:\Program Files (x86)\Clownfish\Clownfish.exe [1341192 2015-05-20] (Bogdan Sharkov)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3097912 2015-07-16] (Nota Inc.)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DuckDns.lnk [2015-12-07]
ShortcutTarget: DuckDns.lnk -> E:\Program Files (x86)\DuckDNS\DuckDns.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-04-10]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> E:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)
Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pidgin.lnk [2015-04-21]
ShortcutTarget: Pidgin.lnk -> E:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community)
Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-04-10]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9478278C-078A-470A-8F6E-61393289D336}: [DhcpNameServer] 10.211.254.254 8.8.8.8
Tcpip\..\Interfaces\{A0C7C18C-EAF9-4DB6-B1A5-46CFE9CB6313}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-25] (Avast Software s.r.o.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-25] (Avast Software s.r.o.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\p9bbor3d.default
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 9951
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> e:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @hola.org/vlc,version=1.8.747 -> C:\Users\Betrayed\AppData\Local\Hola\firefox_hola\app\vlc [No File]
FF Plugin HKU\S-1-5-21-2539508601-3164617073-3378887811-1001: @hola.org/FlashPlayer -> C:\Users\Betrayed\AppData\Local\Hola\firefox\app\flash\NPSWF32_18_0_0_232.dll [2015-12-04] ()
FF Plugin HKU\S-1-5-21-2539508601-3164617073-3378887811-1001: @hola.org/vlc -> C:\Users\Betrayed\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [2015-12-04] (Hola)
FF user.js: detected! => C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\p9bbor3d.default\user.js [2015-12-04]
FF Extension: Hola Better Internet - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\p9bbor3d.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-12-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com" 
CHR Profile: C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Heartbeat) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2015-12-08]
CHR Extension: (Adblock Plus) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-25]
CHR Extension: (Steam inventory helper) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-11-23]
CHR Extension: (Tampermonkey) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-11-07]
CHR Extension: (Avast SafePrice) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-30]
CHR Extension: (LoungeDestroyer) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-11-28]
CHR Extension: (Avast Online Security) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-07-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-25]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Opera: 
=======
OPR Extension: (2048 AI - bitcoin) - C:\Users\Betrayed\AppData\Roaming\Opera Software\Opera Stable\Extensions\chfnopmklmpinabemlmldefhbhgkglmc [2015-06-16]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-25] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-30] ()
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S3 celavimushost; E:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-11-20] (altPUG LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-10-03] (EasyAntiCheat Ltd)
R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [643880 2015-04-06] (Apple Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 MbaeSvc; E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-03-19] (The OpenVPN Project)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-20] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 TeamViewer; E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-07-06] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-07-06] (Corsair)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [459544 2013-08-22] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ESProtectionDriver; E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-11] ()
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-18] (QFX Software Corporation)
S3 KeyScramblerDrv; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-18] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39032 2015-11-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-25] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-05-29] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [304128 2014-05-29] (VIA Technologies, Inc.)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 3ouuJHBhq; \??\F:\3ouuJHBhq.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 MvriXS68f; \??\F:\MvriXS68f.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 nvZqRK643hnvZq; \??\F:\nvZqRK643hnvZq.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.sys [X]
S3 wTnEgyJXCow; \??\F:\wTnEgyJXCow.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-09 20:00 - 2015-12-09 20:00 - 00000000 ____D C:\Rogue
2015-12-09 17:39 - 2015-10-08 16:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2015-12-09 17:39 - 2015-10-08 15:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2015-12-07 21:00 - 2015-12-07 21:00 - 00000000 ____D E:\Program Files (x86)\DuckDNS
2015-12-07 21:00 - 2015-12-07 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuckDns
2015-12-07 19:18 - 2015-12-10 19:10 - 00000000 ____D E:\Program Files (x86)\ArmA3Sync
2015-12-07 19:18 - 2015-12-07 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArmA3Sync
2015-12-05 10:33 - 2015-12-05 10:33 - 00000844 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-05 10:33 - 2015-12-05 10:33 - 00000844 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-05 10:33 - 2015-12-05 10:33 - 00000000 ____D E:\Program Files (x86)\Mozilla Firefox
2015-12-04 20:20 - 2015-12-04 20:20 - 00001145 _____ C:\Users\Public\Desktop\PROXIFIER.lnk
2015-12-04 20:20 - 2015-12-04 20:20 - 00001060 _____ C:\Users\Public\Desktop\SocksClient - HIDEPASS.lnk
2015-12-04 20:20 - 2015-12-04 20:20 - 00001040 _____ C:\Users\Public\Desktop\SocksClient.lnk
2015-12-04 20:20 - 2015-12-04 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIP72 Socks Client
2015-12-03 16:37 - 2015-12-03 16:37 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 16:37 - 2015-12-03 16:37 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 19:15 - 2015-12-02 19:15 - 00000693 _____ C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-11-20 17:33 - 2015-11-20 17:33 - 00000000 ____D C:\ProgramData\Celavimus
2015-11-20 17:32 - 2015-11-20 17:32 - 00000000 ____D E:\Program Files (x86)\CEVO
2015-11-20 17:32 - 2015-11-20 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
2015-11-20 17:05 - 2015-11-28 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2015-11-17 21:31 - 2015-11-17 21:31 - 00000000 ____D C:\Users\Betrayed\AppData\Local\RzStats
2015-11-12 17:32 - 2015-12-01 17:19 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 17:32 - 2015-12-01 17:19 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 17:46 - 2015-10-30 23:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 17:46 - 2015-10-30 23:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 17:46 - 2015-10-30 23:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 17:46 - 2015-10-30 23:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 17:46 - 2015-10-30 23:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 17:46 - 2015-10-30 22:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 17:46 - 2015-10-30 22:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 17:46 - 2015-10-30 22:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 17:46 - 2015-10-30 22:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 17:46 - 2015-10-30 22:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 17:46 - 2015-10-30 22:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 17:46 - 2015-10-30 22:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 17:46 - 2015-10-30 22:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 17:46 - 2015-10-30 22:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 17:46 - 2015-10-30 22:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 17:46 - 2015-10-30 22:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 17:46 - 2015-10-30 22:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 17:46 - 2015-10-30 22:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 17:46 - 2015-10-30 22:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 17:46 - 2015-10-30 21:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 17:46 - 2015-10-30 21:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 17:46 - 2015-10-30 21:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 17:46 - 2015-10-30 21:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 17:46 - 2015-10-20 21:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 17:46 - 2015-10-20 14:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 17:46 - 2015-10-20 14:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 17:46 - 2015-10-20 14:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 17:46 - 2015-10-20 14:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 17:46 - 2015-10-20 14:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 17:46 - 2015-10-20 14:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 17:46 - 2015-10-20 14:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 17:46 - 2015-10-20 14:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 17:46 - 2015-10-20 14:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 17:46 - 2015-10-20 14:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 17:46 - 2015-10-20 14:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 17:46 - 2015-10-15 16:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 17:46 - 2015-10-15 15:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 17:46 - 2015-10-14 23:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:46 - 2015-10-14 23:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 17:46 - 2015-10-14 23:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 17:46 - 2015-10-14 23:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 17:46 - 2015-10-14 23:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 17:46 - 2015-10-13 17:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:46 - 2015-10-13 17:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:46 - 2015-10-13 15:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 17:46 - 2015-10-11 06:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 17:46 - 2015-10-11 06:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 17:46 - 2015-10-10 18:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 17:46 - 2015-10-10 18:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 17:46 - 2015-10-10 18:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 17:46 - 2015-10-10 17:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 17:46 - 2015-10-10 17:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 17:46 - 2015-10-10 17:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 17:46 - 2015-10-10 16:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 17:46 - 2015-10-08 16:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 17:46 - 2015-09-29 12:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 17:46 - 2015-09-12 13:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 17:46 - 2015-09-07 16:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 17:46 - 2015-09-07 15:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 17:46 - 2015-09-07 15:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 17:46 - 2015-09-04 19:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 17:46 - 2015-08-28 22:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 17:46 - 2015-08-20 20:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 17:46 - 2015-08-20 17:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 17:46 - 2015-08-10 18:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 17:46 - 2015-08-10 18:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 17:46 - 2015-08-10 17:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 17:46 - 2015-08-10 16:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 17:46 - 2015-08-10 16:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 17:45 - 2015-10-17 14:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-10 19:16 - 2015-07-02 15:44 - 00000000 ____D C:\FRST
2015-12-10 19:16 - 2015-04-10 22:15 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\Skype
2015-12-10 19:13 - 2015-04-16 16:05 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\vlc
2015-12-10 19:10 - 2015-04-10 16:20 - 00000000 ____D C:\Users\Betrayed\AppData\Local\CrashDumps
2015-12-10 19:00 - 2015-06-16 21:56 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-10 18:50 - 2015-04-21 16:12 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\.purple
2015-12-10 18:47 - 2015-04-10 10:56 - 00000000 ____D E:\Program Files (x86)\Steam
2015-12-10 18:46 - 2015-04-12 15:52 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\TS3Client
2015-12-10 18:20 - 2015-04-10 03:47 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-10 18:20 - 2015-04-10 03:47 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-10 17:56 - 2015-04-12 15:14 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\uTorrent
2015-12-10 17:31 - 2015-04-10 03:45 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2539508601-3164617073-3378887811-1001
2015-12-10 17:17 - 2015-04-10 11:13 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\MultiBit
2015-12-10 17:08 - 2015-07-11 20:20 - 00000000 ____D E:\Program Files\Microsoft Silverlight
2015-12-10 17:08 - 2015-07-11 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 17:08 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-12-10 17:08 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-12-10 17:08 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2015-12-10 17:07 - 2015-04-10 22:54 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 17:07 - 2015-04-10 12:44 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Adobe
2015-12-10 17:04 - 2015-04-25 11:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-10 17:04 - 2015-04-10 22:54 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 19:45 - 2015-06-22 09:57 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Arma 3
2015-12-08 19:00 - 2015-06-16 21:56 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-07 20:36 - 2015-06-22 11:44 - 00001428 _____ C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Options.ini
2015-12-07 20:26 - 2015-06-22 11:42 - 00000299 _____ C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Login.ini
2015-12-07 19:32 - 2015-04-12 15:52 - 00000000 ____D E:\Program Files\TeamSpeak 3 Client
2015-12-06 22:06 - 2015-04-10 03:40 - 00000000 ____D C:\Users\Betrayed
2015-12-06 17:54 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-06 15:19 - 2015-04-10 22:36 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Steam
2015-12-06 15:13 - 2014-03-18 15:26 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-06 15:13 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Inf
2015-12-06 15:07 - 2015-04-10 20:55 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-06 15:07 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 22:52 - 2015-08-03 19:55 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\Kodi
2015-12-03 19:15 - 2015-05-10 16:43 - 00000000 ____D C:\ProgramData\Nimoru
2015-12-03 18:14 - 2013-08-22 13:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-12-02 18:15 - 2015-04-10 03:47 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 18:15 - 2015-04-10 03:47 - 00003660 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-28 13:11 - 2015-05-02 17:19 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\TeamViewer
2015-11-25 17:57 - 2015-04-25 11:12 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-24 18:22 - 2015-04-10 03:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-24 18:00 - 2015-04-25 12:46 - 00000000 ____D E:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-11-24 18:00 - 2015-04-25 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-11-24 18:00 - 2015-04-25 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-11-22 10:15 - 2013-08-22 14:44 - 05109440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-21 12:18 - 2015-04-10 22:46 - 00000000 ____D C:\ProgramData\Oracle
2015-11-21 12:11 - 2015-09-19 10:07 - 00000000 ____D C:\Users\Betrayed\.oracle_jre_usage
2015-11-21 12:11 - 2015-04-25 11:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-21 12:11 - 2015-04-25 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-18 19:36 - 2015-06-16 17:17 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434475024
2015-11-18 19:36 - 2015-06-16 17:17 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-15 13:43 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\rescache
2015-11-12 17:32 - 2013-08-22 13:36 - 00000000 ____D C:\Windows
2015-11-11 21:37 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-10 17:44 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\ModemLogs
 
==================== Files in the root of some directories =======
 
2015-03-11 11:18 - 2015-03-11 11:18 - 5519128 _____ (Piriform Ltd) E:\Program Files\Speccy.exe
2015-03-11 11:18 - 2015-03-11 11:18 - 7088408 _____ (Piriform Ltd) E:\Program Files\Speccy64.exe
2015-03-11 11:20 - 2015-03-11 11:20 - 0132336 _____ (Piriform Ltd) E:\Program Files\uninst.exe
2015-08-01 18:15 - 2015-08-03 10:52 - 1305195 _____ () C:\Users\Betrayed\AppData\Roaming\betrayed_64
2015-06-22 11:42 - 2015-12-07 20:26 - 0000299 _____ () C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Login.ini
2015-06-22 11:44 - 2015-12-07 20:36 - 0001428 _____ () C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Options.ini
2015-06-16 22:47 - 2015-07-18 16:00 - 0001456 _____ () C:\Users\Betrayed\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-04-10 22:24 - 2015-04-10 22:24 - 0000003 _____ () C:\Users\Betrayed\AppData\Local\updater.log
2015-04-10 22:24 - 2015-04-23 13:22 - 0000424 _____ () C:\Users\Betrayed\AppData\Local\UserProducts.xml
2015-04-10 03:46 - 2015-04-10 03:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Betrayed\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.631.exe
C:\Users\Betrayed\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Betrayed\AppData\Local\Temp\jshortcut-6103120319409491681.dll
C:\Users\Betrayed\AppData\Local\Temp\jshortcut-6397251574441412873.dll
C:\Users\Betrayed\AppData\Local\Temp\jshortcut-6777438745836335024.dll
C:\Users\Betrayed\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-10 17:31
 
==================== End of FRST.txt ============================
 
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-12-2015
Ran by Betrayed (2015-12-10 19:16:21)
Running from E:\Users\Betrayed\Desktop
Windows 8.1 (X64) (2015-04-10 10:49:59)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2539508601-3164617073-3378887811-500 - Administrator - Disabled)
Guest (S-1-5-21-2539508601-3164617073-3378887811-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2539508601-3164617073-3378887811-1003 - Limited - Enabled)
Betrayed (S-1-5-21-2539508601-3164617073-3378887811-1001 - Administrator - Enabled) => C:\Users\Betrayed
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
A3Launcher version 0.0.0.11 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1) (Version: 0.0.0.11 - Maca134)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ArmA3Sync 1.5.72 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.72 - The [S.o.E] team)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Assassin’s Creed Unity (HKLM-x32\...\Steam App 289650) (Version:  - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.0.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
Breaking Point (x32 Version: 5.0.2.9 - The Zombie Infection) Hidden
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version:  - Treyarch)
CAM (HKLM-x32\...\{8E86129E-48D3-4814-8D2D-66221881F370}) (Version: 2.0.16 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Chains (HKLM-x32\...\Steam App 11360) (Version:  - 2DEngine.com)
Chronicles of a Dark Lord: Episode II War of The Abyss (HKLM-x32\...\Steam App 341780) (Version:  - Kisareth Studios)
Corsair Utility Engine (HKLM-x32\...\{C6BECCF7-108F-4676-9471-E98F9AB40ABC}) (Version: 1.12.75 - Corsair)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZLauncher version 0.0.0.15 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4E6CFD40DF}_is1) (Version: 0.0.0.15 - Maca134)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
Dropbox (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
DuckDns version 1.0.5 (HKLM-x32\...\{72C90F4B-DDFB-410B-8761-9769CCF481AA}}_is1) (Version: 1.0.5 - ETX Software Inc.)
Dying Light (HKLM-x32\...\Steam App 239140) (Version:  - Techland)
FileSeek 4.3 (HKLM-x32\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 4.3.0.0 - Binary Fortress Software)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.1.4 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
H1Z1 Test Server (HKLM-x32\...\Steam App 362300) (Version:  - )
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel® Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.8.2.0 - QFX Software Corporation)
Kodi (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Kodi) (Version:  - XBMC-Foundation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Memories of a Vagabond (HKLM-x32\...\Steam App 307070) (Version:  - DarkElite)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-GB)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
MultiBit Classic 0.5.19 (HKLM-x32\...\0884-5076-5786-4986) (Version: 0.5.19 - Bitcoin Solutions Ltd)
MultiBit HD 0.1.3 (HKLM\...\6925-4794-5772-4956) (Version: 0.1.3 - Bitcoin Solutions Ltd)
Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.87 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.87 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I603  (HKLM\...\OpenVPN) (Version: 2.3.6-I603 - )
Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
pidgin-otr 4.0.1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.1 - Cypherpunks CA)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Popcorn Time (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Popcorn Time) (Version:  - Popcorn Official)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 beta r2402 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27748 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.2.19 - Red Giant, LLC)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Skyperious 3.5 (HKLM-x32\...\Skyperious) (Version: 3.5 - Erki Suurjaak)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version:  - Beam Team Games)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Super Killer Hornet: Resurrection (HKLM-x32\...\Steam App 271860) (Version:  - Flump Studios)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version:  - SkyGoblin)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{2F50AD39-44F4-48CB-94E4-5C5AEFB0DAC6}) (Version: 12.1.4 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.4 - Red Giant) Hidden
Trapcode Suite v12.1.7 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.7 - Red Giant, LLC)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Grep 2.3 (HKLM-x32\...\Windows Grep_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WS Launcher (HKLM-x32\...\WS Launcher 26.0.3.9) (Version: 26.0.3.9 - WS.ARMA.SU)
WS Launcher (x32 Version: 26.0.3.9 - WS.ARMA.SU) Hidden
XSplit Broadcaster (HKLM-x32\...\{4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}) (Version: 2.2.1502.1633 - SplitmediaLabs)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
19-11-2015 17:46:20 Scheduled Checkpoint
29-11-2015 11:24:05 Scheduled Checkpoint
10-12-2015 17:03:59 Windows Modules Installer
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00ADCC5F-EF6B-46E0-BEF7-8F8555FAD857} - System32\Tasks\{9160FE5B-F82C-4BFC-9992-9169DEA38B81} => pcalua.exe -a C:\Users\Betrayed\Downloads\multibit-0.5.18-windows-setup.exe -d C:\Users\Betrayed\Downloads
Task: {18EB8C59-74CF-418C-BABA-B2174449CC1A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1DDD6182-A270-407B-A314-2353FAB5C130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {32A6098A-5ABB-480F-84BC-CEA6A40053E0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software)
Task: {3CB3DD9D-BF09-4518-B1FB-353C279E3F4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {3D387587-856C-4071-BD8D-655D666AAFAA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49494390-E068-4843-8D57-F2F61906D7F3} - System32\Tasks\AdobeAAMUpdater-1.0-Betrayed-Betrayed => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {4AE115FA-E485-47AD-96AA-75C82317F86F} - System32\Tasks\Opera scheduled Autoupdate 1434475024 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {6B2B5D71-4DB2-4520-AA0C-868F29624658} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {93827CB0-3478-4578-AFB2-A4F271F49610} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)
Task: {C63368DB-141C-4A27-8B15-A2DC758DA40A} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.exe [2015-04-28] ()
Task: {D734CDAC-1B35-4EAA-B072-B2A56F503A41} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2539508601-3164617073-3378887811-1001 => C:\Users\Betrayed\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-03] (Microsoft Corporation)
Task: {D7A48855-C268-4A01-B6A1-9947A3A408B5} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-07-16] ()
Task: {D9BF4303-F390-4856-AF2A-75411CD17DA8} - System32\Tasks\Red Giant Link => E:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {E95697FF-DCA6-409C-819B-21AC944950E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {EEF6461A-AB78-4D91-9D44-EB2A7374F248} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F8D1AD39-2D82-4FBE-9816-10268D8A5D9A} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-07-16] ()
Task: {FFD5F675-58E7-48C6-9127-7A163E413E9A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-20 03:27 - 2015-04-20 03:27 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-23 19:11 - 2015-06-23 19:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-11 14:13 - 2015-02-11 14:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-04-10 13:43 - 2015-11-02 13:22 - 00116528 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-06 12:25 - 2015-04-06 12:25 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-04-06 12:25 - 2015-04-06 12:25 - 00777920 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-02-11 14:12 - 2015-02-11 14:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-02-28 09:14 - 2015-10-22 16:21 - 00175080 _____ () E:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 13:43 - 2015-10-22 16:21 - 00103400 _____ () E:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 13:43 - 2015-10-22 16:21 - 00108008 _____ () E:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-12-07 19:32 - 2015-06-16 22:09 - 00210944 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\ClownfishForTeamspeak_win64.dll
2015-12-07 19:32 - 2015-10-22 16:21 - 00312296 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-12-07 19:32 - 2015-12-05 20:04 - 00025600 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\last_channel_win64.dll
2015-12-07 19:32 - 2015-11-29 18:39 - 00486912 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2015-12-07 19:32 - 2015-06-10 11:28 - 04018176 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\task_force_radio_win64.dll
2015-12-07 19:32 - 2015-10-22 16:21 - 00483816 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 13:48 - 2015-09-24 17:21 - 00317440 _____ () E:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 13:48 - 2015-09-24 17:21 - 01709056 _____ () E:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-04-11 09:55 - 2015-03-26 17:23 - 05678848 _____ () E:\Program Files\Sublime Text 3\sublime_text.exe
2015-04-11 09:55 - 2015-03-26 15:17 - 00645632 _____ () E:\Program Files\Sublime Text 3\plugin_host.exe
2015-04-11 09:55 - 2015-03-18 12:49 - 01065472 _____ () E:\Program Files\Sublime Text 3\_hashlib.pyd
2015-04-25 11:11 - 2015-04-25 11:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-25 11:11 - 2015-04-25 11:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-06 10:51 - 2015-12-06 10:51 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120600\algo.dll
2015-12-10 17:15 - 2015-12-10 17:15 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121000\algo.dll
2014-09-03 10:03 - 2014-09-03 10:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-11 09:08 - 2015-10-12 03:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-15 17:38 - 2015-04-13 21:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-15 17:38 - 2015-04-13 21:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00036878 _____ () E:\Program Files (x86)\Pidgin\libssp-0.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00671031 _____ () E:\Program Files (x86)\Pidgin\exchndl.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00904525 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00100352 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00279059 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00553382 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00216992 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 01274655 _____ () E:\Program Files (x86)\Pidgin\libxml2-2.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00177586 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00475580 _____ () E:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00021075 _____ () E:\Program Files (x86)\Pidgin\plugins\.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00020997 _____ () E:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00013253 _____ () E:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00024924 _____ () E:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015702 _____ () E:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00014147 _____ () E:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00018882 _____ () E:\Program Files (x86)\Pidgin\plugins\history.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00012865 _____ () E:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00019043 _____ () E:\Program Files (x86)\Pidgin\plugins\idle.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00018555 _____ () E:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015074 _____ () E:\Program Files (x86)\Pidgin\plugins\libaim.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00311021 _____ () E:\Program Files (x86)\Pidgin\liboscar.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00092398 _____ () E:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00328186 _____ () E:\Program Files (x86)\Pidgin\plugins\libgg.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00016005 _____ () E:\Program Files (x86)\Pidgin\plugins\libicq.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00107365 _____ () E:\Program Files (x86)\Pidgin\plugins\libirc.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00190464 _____ () E:\Program Files (x86)\Pidgin\libsasl.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00374169 _____ () E:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00150598 _____ () E:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00106671 _____ () E:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00123540 _____ () E:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00116071 _____ () E:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00152852 _____ () E:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00171123 _____ () E:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 02097721 _____ () E:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00818985 _____ () E:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00055880 _____ () E:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00021337 _____ () E:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00417758 _____ () E:\Program Files (x86)\Pidgin\libjabber.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00022832 _____ () E:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00236666 _____ () E:\Program Files (x86)\Pidgin\libymsg.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00019793 _____ () E:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00047934 _____ () E:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00021795 _____ () E:\Program Files (x86)\Pidgin\plugins\markerline.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00013456 _____ () E:\Program Files (x86)\Pidgin\plugins\newline.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00029225 _____ () E:\Program Files (x86)\Pidgin\plugins\notify.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00017023 _____ () E:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2014-10-21 09:07 - 2014-10-21 09:07 - 00750080 _____ () E:\Program Files (x86)\Pidgin\plugins\pidgin-otr.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00029256 _____ () E:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015380 _____ () E:\Program Files (x86)\Pidgin\plugins\psychic.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015429 _____ () E:\Program Files (x86)\Pidgin\plugins\relnot.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015045 _____ () E:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00069625 _____ () E:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00031993 _____ () E:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00012004 _____ () E:\Program Files (x86)\Pidgin\plugins\ssl.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015978 _____ () E:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00030353 _____ () E:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00032020 _____ () E:\Program Files (x86)\Pidgin\plugins\ticker.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00018399 _____ () E:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00023851 _____ () E:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00029791 _____ () E:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00030771 _____ () E:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00037191 _____ () E:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00044494 _____ () E:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00102400 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00115712 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00140288 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00102912 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00102912 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00486400 _____ () E:\Program Files (x86)\Pidgin\sqlite3.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00090496 _____ () E:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2015-10-01 06:28 - 2015-10-01 06:28 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-02-15 13:58 - 2015-02-15 13:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-04-25 11:11 - 2015-04-25 11:11 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-17 15:23 - 2015-11-17 15:23 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2015-11-17 15:22 - 2015-11-17 15:22 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2015-11-17 15:21 - 2015-11-17 15:21 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2015-02-15 13:58 - 2015-02-15 13:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-02-15 13:58 - 2015-02-15 13:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-10-08 18:36 - 2015-10-05 16:18 - 00778752 _____ () E:\Program Files (x86)\Steam\SDL2.dll
2015-07-22 13:32 - 2015-07-03 16:12 - 04962816 _____ () E:\Program Files (x86)\Steam\v8.dll
2015-11-11 17:40 - 2015-11-10 02:44 - 02541648 _____ () E:\Program Files (x86)\Steam\video.dll
2015-07-22 13:32 - 2015-07-03 16:12 - 01556992 _____ () E:\Program Files (x86)\Steam\icui18n.dll
2015-07-22 13:32 - 2015-07-03 16:12 - 01187840 _____ () E:\Program Files (x86)\Steam\icuuc.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 02549248 _____ () E:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00491008 _____ () E:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00332800 _____ () E:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00442880 _____ () E:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00485888 _____ () E:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-11 17:40 - 2015-11-10 02:44 - 00806992 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-11-06 16:33 - 2015-11-03 22:00 - 00201728 _____ () E:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-10-09 16:08 - 2015-10-08 22:20 - 45010208 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll
2015-10-08 18:36 - 2015-09-24 23:56 - 00119208 _____ () E:\Program Files (x86)\Steam\winh264.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "CAM"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E8E2E117-012A-42B0-B3CD-90287E834962}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90E5C2DB-8DCF-459D-84A1-C51CDCA91ECC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C494CD36-DE80-4970-A5E1-6DAA9F0BB69B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C06926B8-6248-40C2-9BDF-4B994E084663}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC0E8B0C-54CD-4AF3-802D-B524A9234BAF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{63ACB157-203E-475B-8EDC-ACEAF3724063}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{216A1EA1-E7ED-4750-95F2-FA4FE52686FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{48F232BF-D935-4859-B712-95EC5689D9D0}] => (Allow) LPort=9143
FirewallRules: [{7D973E54-F2C5-47E1-8BB3-C82E06996E64}] => (Allow) LPort=2333
FirewallRules: [{6A311AA3-1784-4C4B-A095-82FD2C61E836}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFE6AF09-3421-4AB0-A6A9-C6275F1C409A}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{9ED3E9AF-6145-480E-BDB4-C97766836860}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F60C3A6D-AC9D-4CD2-ABC7-08D56DB73683}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EE040732-93AF-4F5C-A9D7-660A4D5E9994}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B64E2052-A8AA-4B4D-8A47-F1E1CD5119B4}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{87326815-01AF-4728-956D-CEACB38B2437}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{FB24A730-07BD-45EA-84C7-762F6483AED0}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{72C45C05-15DD-4A10-8C97-D94FACA9A178}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{39E9A74D-236F-4D09-B28F-8F0B9953F7F7}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A8CB3AC4-B596-4098-8BDB-5FD93BF6D5A9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{74739A6C-AC79-469C-97FD-34040FE31808}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{15EAA3CE-C3E8-4A90-B081-78C6B513FBBF}E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EF5042D6-89E6-4CFA-B0C3-A0119B79B8A8}E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{42919134-769E-48DB-BACD-DFAA15148D20}E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{1A2B136D-01A7-4096-8F0E-6078DDCE655D}E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{8B3E43CC-D9F7-47FA-AAE4-E044C817614D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{32518FF4-C6AA-440B-B354-818B4B1698E1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{B1055E01-D234-4795-8711-D8D0296810CD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKHR.exe
FirewallRules: [{029F3F9D-44CA-4975-81D7-C8FB7DE0E09B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKHR.exe
FirewallRules: [{60397ED4-2612-4839-B833-0A105AB2447C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKH\Hornet.exe
FirewallRules: [{ADE8AF1E-7397-456A-8CB5-307CDBDB11E6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKH\Hornet.exe
FirewallRules: [{4BEFA1C0-AE20-498A-8ABF-31EE07C1FE5E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{7D3F3AF0-51B5-4BA5-A0DF-64FE9C2D1E14}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{1EFEAD88-785A-40DF-BFB2-C5B3316751B3}] => (Allow) C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{89BE488C-3534-4E2D-ADCF-F3F8B3293FA1}] => (Allow) C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A599A173-7DE9-4AAB-B1CA-229AC4AC605D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{9628B48C-00D1-4F91-A8F0-39E613058563}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C9243AF8-347B-4FF7-8D5F-5291E9A5129F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7701BB00-74C0-47E9-AA8D-906FB994EE12}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E2997306-E4DE-42EB-8669-8874CAA52104}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{1038621A-22E6-4014-9CC2-686DD83D4093}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{B210C0FF-594F-4CB1-A528-5A18311F24A4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{D2AE4A9F-D898-43BC-9B0B-C4479A54AA6A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{84E41612-EF44-4752-9E6D-DCB8E356DA71}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{D47515D6-BD38-46C4-82FE-7ACBAC58A62D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{B32C2FBE-32C7-4F74-A153-049F08B1AB32}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E6311432-2759-44FE-9D7C-ED8098D6AD69}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{D546BA07-6474-49F8-A53C-E2E5A6D01905}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{FF56884A-AA1F-45C2-A741-1C051C00AD03}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [TCP Query User{350776E7-60FA-4667-88FC-CABF7A0FEA04}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{AF5ABCA7-FA83-4976-B975-BF0DEC9B1E01}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{5B73CB3F-00AC-4709-AD9A-F8B85C08284F}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{4BA3805E-C2D1-425C-9518-1D5674B43B1A}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{490B896A-F97E-4C99-8B80-559602824ED1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3B75800F-3659-4DF8-818F-CACCBD6E45F8}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E6D90B3E-74A1-46FE-BFC6-6EC50339E1F8}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8C882019-120F-469B-A5B8-7F4E11E78A49}] => (Block) E:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{E69EC084-2680-4CEA-BC1A-EEB4D43E9A89}] => (Allow) E:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2292FCFB-19D7-480E-A1EE-E484296C9E39}] => (Allow) E:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6F13BD1-F10F-4880-BAFB-F76BDFC93A3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0113E25D-77DF-4933-911C-5C71767BA8FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E645933F-5010-47F5-AE4E-F061B809E131}] => (Allow) E:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E76A02FE-5151-46AD-A92D-18A4EBB2CF91}E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [UDP Query User{EB638B5E-1CAE-4804-A0D8-353DD81B1C47}E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [{183CC695-4E22-4653-82CC-C86502AA340D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C4363A8E-AEBC-41B4-A86B-64A832E2EF5E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{41E363D5-4782-4DCA-B534-A285F3309F55}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{02365D05-0638-4E43-AFA7-10E29A92E1AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{90DCE75B-392F-4835-A4D9-2CFCC737CD25}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{547B3DD3-6EAF-48FE-BEB0-2F227BCC8EA7}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BBB49219-7417-46C2-B123-45E1A52A737C}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{06F794AB-FB08-45A6-8E8D-180D99FF8439}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{12F67BFA-4818-4E32-A40C-F14D5FCC5216}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F67DB850-3B48-4CE4-A8EB-23870529F948}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{525590DB-153E-4E70-B00D-1B9F1063ACC6}] => (Allow) C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8FA5D15F-43AE-4D5F-825E-4A6F9A4B8452}] => (Allow) C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2A138DB1-7430-4100-9ECB-220837C83D0F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{F835258A-5B2A-4358-A9D6-15F960AC4DF3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{BC60B902-6923-49BA-9755-ED665D634766}] => (Allow) E:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{FF668B07-461E-4351-B96B-578423CBB206}] => (Allow) E:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [TCP Query User{F7C1A733-E3DE-4E47-8B88-F5D5564CFF70}E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{42F50269-658D-42A5-8B5D-12D11A1382B7}E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{213C4C2A-D817-410F-A19C-D7382F3CAE8B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EE6B2B7B-04C5-435C-BF69-F1E925890765}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D9C0BB87-6631-451E-A49D-A1153ACE2E4B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{6269ABB2-D946-4C13-B1CA-9D73232AE368}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{CB024652-B050-4B8C-984C-2975E9E8A14B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chains\Chains.exe
FirewallRules: [{81C7B5D4-820A-4D25-8EA0-2185E9FD5E8D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chains\Chains.exe
FirewallRules: [{81F90EFC-7603-49F0-9337-2CF6E7D92B2D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7D3E28FA-EFB0-4038-B5AC-8BB3C7E91BAD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{BED1FADD-8497-4C3C-9D59-4F73AB791823}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{92C430FE-DF5A-407A-989C-A41F29AD72F3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [TCP Query User{47C025E6-F3B7-441D-BD93-EFCBD3F6AE2C}E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [UDP Query User{69C1A81F-DE95-4FE3-A015-BB63F818C866}E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [{1ACC1901-8CC1-4DED-BA8E-045E6FF9C9A8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{FED9749B-1042-4CBC-B872-B140A1A5E3CB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7542DFE5-693F-4C8A-AE86-65BDA22F83F6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{DA85D291-F488-40A8-87FA-A5A485A0C7FC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{3302FAEB-8BCE-4574-BC3F-91A6A4BF797C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Memories of a Vagabond\GAME.exe
FirewallRules: [{1CE4B90D-6F47-4B13-B408-1F17FB7C5AFF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Memories of a Vagabond\GAME.exe
FirewallRules: [{1B5E7032-767C-4372-8C78-79DD9E13C53E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chronicles of a Dark Lord Episode II War of The Abyss\Game.exe
FirewallRules: [{CD2A081D-74A1-485B-9C8F-BD7E0C4D37A0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chronicles of a Dark Lord Episode II War of The Abyss\Game.exe
FirewallRules: [{C19D7B2E-78C4-494A-9545-7F00BF7257D9}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{45547BDD-25F9-4A84-9F53-12B2F22557A1}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{723BB638-6C0B-4A27-9D96-78556081DFFF}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{976B044B-066A-406E-8710-48BA51A19C36}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{5BDE6AD9-CA9B-402C-81BA-9CACA6BA0907}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{6B82759C-375F-4D79-B954-93BF6341647D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{D2E03C58-5D7A-43FF-A2BB-1B746B519755}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{CE84E952-9F07-46E5-BF15-59F61DCD93BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{29BB4F5F-548D-4519-BB51-A8CE58A72161}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{0ECFF12C-BF1D-4513-AC2A-4E2EE52E1851}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [TCP Query User{DCD92225-9E3D-4658-92E5-F8D1B062C8BA}E:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) E:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{F993DA4A-7726-4557-8942-F517E757734D}E:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) E:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{48A9C57C-0D47-41EF-AA7E-F9C5E8D9C9D9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F78A5E94-CB41-4F6E-8D92-575391541530}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{A8FF5192-8964-4BF5-8DC7-71AE9D777B7C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{62A36456-1D38-4D59-B7A7-E3FD102BEC3A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{24E2C22E-93DB-49C7-8F6A-DD3F1231C9E2}E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{91011715-B20D-402A-9075-F2B667E91710}E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{17F9878B-01A6-4E55-B381-FCCF83680E77}E:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) E:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [UDP Query User{214B746B-249A-481C-AE9C-41723DD1D328}E:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) E:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [{251542A1-516B-4471-8DE2-2078B2A5EDD8}] => (Allow) E:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{F3D80361-135A-4F9A-B37D-E90FB5452AD4}] => (Allow) E:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{19E1188B-5B7C-4348-A6B7-734941D01C3C}] => (Allow) C:\Users\Betrayed\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{50EB8B45-0829-49CC-B84A-950AA5D618C8}] => (Allow) C:\Users\Betrayed\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{FD0C32DF-C4E7-471B-B18F-342DDF7452FD}E:\users\Betrayed\appdata\local\popcorn time\nw.exe] => (Allow) E:\users\Betrayed\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{6A233C4A-6000-4ECF-9FF0-A94F23E9CFF2}E:\users\Betrayed\appdata\local\popcorn time\nw.exe] => (Allow) E:\users\Betrayed\appdata\local\popcorn time\nw.exe
FirewallRules: [{B00441B6-0855-4E01-B556-5FCD2F06928C}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EE0A3081-EA1C-45C1-9B77-EA6EDB2F6356}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C119053F-EDAF-4809-A3AA-A5FC79CD63FF}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1BD8AA89-0815-4358-8EE3-99354657D5C5}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C30F52C1-5866-41E3-A4D5-41307465AC90}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7856FE51-8EB2-4A3A-8B17-85B201994C18}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{0796D3C5-1348-4624-8E03-FC36FE2705A7}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [{A613385E-B8C1-4FC5-9E2F-E8825E8DAAC5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{71DA221B-1F2D-4FF7-8FB4-56D503441A26}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{2C6740B2-6073-4977-ACF2-E46E23F8C3AD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{64308333-5821-4CB6-B6E0-A161DC8CB05D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{CE46178F-18AD-4406-B51F-EB0EE5000586}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{E46CE599-CF6D-4E48-95B6-2612A1D8E476}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{05FE6087-5B19-45DD-9291-922673FCE88B}] => (Allow) C:\Users\Betrayed\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{256C02C3-4873-46A6-9E27-BDF3915E5887}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FCA9C43B-727D-41DB-A819-5BF329CA2A07}] => (Allow) LPort=2869
FirewallRules: [{672A0318-DBA6-41C6-82C8-9BE9C2EDA8BE}] => (Allow) LPort=1900
FirewallRules: [{62EB95A0-3BEE-4EA9-8025-4C5E5BFBAC93}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D5E06514-BBD1-4941-9E18-27348E68BD1E}] => (Allow) LPort=27016
FirewallRules: [{AF85B44C-4663-4523-8FD8-2D31E11D3061}] => (Allow) LPort=27016
FirewallRules: [{4CF0C985-06CC-4583-8812-23E6EDD44FAD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{4FF5646C-CC6F-4BD5-BB44-3DAFCCA6C04A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{4D7FB2C0-40A3-4C35-A727-6A4E5C914F13}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{0E3FAA91-25A0-4D45-BD09-023284E7CE46}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{3806ADDA-DB3C-469E-8296-3606E4C12D18}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{C7105973-6A01-4A36-91EB-84FCF2C6C1A7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{16D42176-D35C-4DCB-A97D-CA8108F38746}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8BCE8E35-40A5-4EB9-A0EC-1C4C85CF74E5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{36FF49E3-CB53-4132-B133-05F5B0702395}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{632995C4-CA89-48EA-87C6-AF3A13AAFC3D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{929FFDE2-54C6-4C85-BA75-48363B66F81E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [{1A9053C3-3814-4D22-9AA3-B256DBBEC34B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [{E4DA4B77-C999-41CF-84B6-2ED8609B6928}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{58D520CF-5550-44EA-BF03-8E6089F3185B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{607F6133-56BA-4F40-BBD7-B2E4E5F34D3C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{068C319C-79E1-4429-BD9A-6289093A99FE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{574A5FBB-2831-4695-94B1-39E93ECEF0D4}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60B5F74D-28E0-4003-BC87-132C1F79DF3A}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B4DE8C07-34CA-45AE-9E23-CFFE5ED15AAA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{EFAAC73C-5403-4701-B428-6A4A68FF17B6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/10/2015 07:10:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x5653d523
Faulting module name: tier0.dll, version: 0.0.0.0, time stamp: 0x5653d3d1
Exception code: 0xc0000005
Fault offset: 0x0001d4b9
Faulting process ID: 0x78c8
Faulting application start time: 0xcsgo.exe0
Faulting application path: csgo.exe1
Faulting module path: csgo.exe2
Report ID: csgo.exe3
Faulting package full name: csgo.exe4
Faulting package-relative application ID: csgo.exe5
 
Error: (12/10/2015 05:04:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
 
System Error:
0xC0000039 (unresolvable).
 
Error: (12/10/2015 05:03:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
 
System Error:
0xC0000039 (unresolvable).
 
Error: (12/10/2015 05:03:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
 
System Error:
0xC0000039 (unresolvable).
 
Error: (12/10/2015 05:03:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
 
System Error:
0xC0000039 (unresolvable).
 
Error: (12/10/2015 05:03:57 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
 
Error: (12/08/2015 05:40:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 4.1.2004.6464, time stamp: 0x561959d8
Faulting module name: ntdll.dll, version: 6.3.9600.18007, time stamp: 0x55c4c16b
Exception code: 0xc0000005
Fault offset: 0x000000000003b189
Faulting process ID: 0x388
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report ID: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
 
Error: (12/07/2015 08:52:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
 
Error: (12/07/2015 08:52:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (12/07/2015 08:52:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8
 
 
System errors:
=============
Error: (12/10/2015 05:40:44 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (12/10/2015 05:40:13 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (12/10/2015 05:36:32 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (12/10/2015 05:36:02 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (12/10/2015 05:32:19 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (12/10/2015 05:31:48 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (12/07/2015 05:49:27 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (12/07/2015 05:45:15 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (12/07/2015 05:41:33 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (12/07/2015 05:41:03 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 31%
Total physical RAM: 16279.26 MB
Available physical RAM: 11202.39 MB
Total Virtual: 18711.26 MB
Available Virtual: 12640.93 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.37 GB) (Free:143.56 GB) NTFS
Drive e: (Data) (Fixed) (Total:931.39 GB) (Free:389.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 



#2
Betrayed

    Member

  • Topic Starter
  • Member
  • 119 posts

Can I get some help here? It has gotten worse!!!

