I would like to get my PC checked up as it has got slugish and feel I may have downloaded malware of some kind.
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by Betrayed (administrator) on BETRAYED (10-12-2015 19:16:00)
Running from E:\Users\Betrayed\Desktop
Loaded Profiles: Betrayed (Available Profiles: Betrayed)
Platform: Windows 8.1 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Pidgin developer community) E:\Program Files (x86)\Pidgin\pidgin.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(QFX Software Corporation) E:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(QFX Software Corporation) E:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Silverlight_x64.exe
(Microsoft Corporation) E:\87f44d2280115dedec5c40df904a45d7\install.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamSpeak Systems GmbH) E:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() E:\Program Files\Sublime Text 3\sublime_text.exe
() E:\Program Files\Sublime Text 3\plugin_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_66\launch4j-tmp\ArmA3Sync.exe
(NVIDIA Corporation) C:\Users\Betrayed\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-09-29] (Razer Inc.)
HKLM-x32\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe [113264 2015-04-28] ()
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
HKLM-x32\...\Run: [KeyScrambler] => E:\Program Files (x86)\KeyScrambler\keyscrambler.exe [509216 2015-10-12] (QFX Software Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [13253952 2015-11-17] (Corsair Components, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Spotify Web Helper] => C:\Users\Betrayed\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-30] (Spotify Ltd)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Spotify] => C:\Users\Betrayed\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-30] (Spotify Ltd)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [uTorrent] => C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Clownfish] => E:\Program Files (x86)\Clownfish\Clownfish.exe [1341192 2015-05-20] (Bogdan Sharkov)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3097912 2015-07-16] (Nota Inc.)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DuckDns.lnk [2015-12-07]
ShortcutTarget: DuckDns.lnk -> E:\Program Files (x86)\DuckDNS\DuckDns.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-04-10]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> E:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (No File)
Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pidgin.lnk [2015-04-21]
ShortcutTarget: Pidgin.lnk -> E:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community)
Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-04-10]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9478278C-078A-470A-8F6E-61393289D336}: [DhcpNameServer] 10.211.254.254 8.8.8.8
Tcpip\..\Interfaces\{A0C7C18C-EAF9-4DB6-B1A5-46CFE9CB6313}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-25] (Avast Software s.r.o.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-25] (Avast Software s.r.o.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\p9bbor3d.default
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 9951
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> e:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @hola.org/vlc,version=1.8.747 -> C:\Users\Betrayed\AppData\Local\Hola\firefox_hola\app\vlc [No File]
FF Plugin HKU\S-1-5-21-2539508601-3164617073-3378887811-1001: @hola.org/FlashPlayer -> C:\Users\Betrayed\AppData\Local\Hola\firefox\app\flash\NPSWF32_18_0_0_232.dll [2015-12-04] ()
FF Plugin HKU\S-1-5-21-2539508601-3164617073-3378887811-1001: @hola.org/vlc -> C:\Users\Betrayed\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [2015-12-04] (Hola)
FF user.js: detected! => C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\p9bbor3d.default\user.js [2015-12-04]
FF Extension: Hola Better Internet - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\p9bbor3d.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-12-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Heartbeat) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2015-12-08]
CHR Extension: (Adblock Plus) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-25]
CHR Extension: (Steam inventory helper) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-11-23]
CHR Extension: (Tampermonkey) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-11-07]
CHR Extension: (Avast SafePrice) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-30]
CHR Extension: (LoungeDestroyer) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-11-28]
CHR Extension: (Avast Online Security) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-07-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-25]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (2048 AI - bitcoin) - C:\Users\Betrayed\AppData\Roaming\Opera Software\Opera Stable\Extensions\chfnopmklmpinabemlmldefhbhgkglmc [2015-06-16]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-25] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-30] ()
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S3 celavimushost; E:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-11-20] (altPUG LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-10-03] (EasyAntiCheat Ltd)
R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [643880 2015-04-06] (Apple Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 MbaeSvc; E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-03-19] (The OpenVPN Project)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-20] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 TeamViewer; E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-07-06] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-07-06] (Corsair)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [459544 2013-08-22] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ESProtectionDriver; E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-11] ()
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-18] (QFX Software Corporation)
S3 KeyScramblerDrv; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-18] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39032 2015-11-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-25] (Avast Software)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-05-29] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [304128 2014-05-29] (VIA Technologies, Inc.)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 3ouuJHBhq; \??\F:\3ouuJHBhq.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 MvriXS68f; \??\F:\MvriXS68f.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 nvZqRK643hnvZq; \??\F:\nvZqRK643hnvZq.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.sys [X]
S3 wTnEgyJXCow; \??\F:\wTnEgyJXCow.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-09 20:00 - 2015-12-09 20:00 - 00000000 ____D C:\Rogue
2015-12-09 17:39 - 2015-10-08 16:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2015-12-09 17:39 - 2015-10-08 15:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2015-12-07 21:00 - 2015-12-07 21:00 - 00000000 ____D E:\Program Files (x86)\DuckDNS
2015-12-07 21:00 - 2015-12-07 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuckDns
2015-12-07 19:18 - 2015-12-10 19:10 - 00000000 ____D E:\Program Files (x86)\ArmA3Sync
2015-12-07 19:18 - 2015-12-07 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArmA3Sync
2015-12-05 10:33 - 2015-12-05 10:33 - 00000844 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-05 10:33 - 2015-12-05 10:33 - 00000844 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-05 10:33 - 2015-12-05 10:33 - 00000000 ____D E:\Program Files (x86)\Mozilla Firefox
2015-12-04 20:20 - 2015-12-04 20:20 - 00001145 _____ C:\Users\Public\Desktop\PROXIFIER.lnk
2015-12-04 20:20 - 2015-12-04 20:20 - 00001060 _____ C:\Users\Public\Desktop\SocksClient - HIDEPASS.lnk
2015-12-04 20:20 - 2015-12-04 20:20 - 00001040 _____ C:\Users\Public\Desktop\SocksClient.lnk
2015-12-04 20:20 - 2015-12-04 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIP72 Socks Client
2015-12-03 16:37 - 2015-12-03 16:37 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 16:37 - 2015-12-03 16:37 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 19:15 - 2015-12-02 19:15 - 00000693 _____ C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-11-20 17:33 - 2015-11-20 17:33 - 00000000 ____D C:\ProgramData\Celavimus
2015-11-20 17:32 - 2015-11-20 17:32 - 00000000 ____D E:\Program Files (x86)\CEVO
2015-11-20 17:32 - 2015-11-20 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
2015-11-20 17:05 - 2015-11-28 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2015-11-17 21:31 - 2015-11-17 21:31 - 00000000 ____D C:\Users\Betrayed\AppData\Local\RzStats
2015-11-12 17:32 - 2015-12-01 17:19 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 17:32 - 2015-12-01 17:19 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 17:46 - 2015-10-30 23:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 17:46 - 2015-10-30 23:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 17:46 - 2015-10-30 23:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 17:46 - 2015-10-30 23:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 17:46 - 2015-10-30 23:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 17:46 - 2015-10-30 22:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 17:46 - 2015-10-30 22:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 17:46 - 2015-10-30 22:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 17:46 - 2015-10-30 22:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 17:46 - 2015-10-30 22:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 17:46 - 2015-10-30 22:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 17:46 - 2015-10-30 22:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 17:46 - 2015-10-30 22:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 17:46 - 2015-10-30 22:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 17:46 - 2015-10-30 22:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 17:46 - 2015-10-30 22:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 17:46 - 2015-10-30 22:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 17:46 - 2015-10-30 22:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 17:46 - 2015-10-30 22:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 17:46 - 2015-10-30 21:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 17:46 - 2015-10-30 21:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 17:46 - 2015-10-30 21:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 17:46 - 2015-10-30 21:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 17:46 - 2015-10-20 21:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 17:46 - 2015-10-20 14:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 17:46 - 2015-10-20 14:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 17:46 - 2015-10-20 14:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 17:46 - 2015-10-20 14:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 17:46 - 2015-10-20 14:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 17:46 - 2015-10-20 14:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 17:46 - 2015-10-20 14:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 17:46 - 2015-10-20 14:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 17:46 - 2015-10-20 14:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 17:46 - 2015-10-20 14:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 17:46 - 2015-10-20 14:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 17:46 - 2015-10-15 16:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 17:46 - 2015-10-15 15:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 17:46 - 2015-10-14 23:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:46 - 2015-10-14 23:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 17:46 - 2015-10-14 23:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 17:46 - 2015-10-14 23:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 17:46 - 2015-10-14 23:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 17:46 - 2015-10-13 17:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:46 - 2015-10-13 17:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:46 - 2015-10-13 15:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 17:46 - 2015-10-13 15:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 17:46 - 2015-10-11 06:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 17:46 - 2015-10-11 06:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 17:46 - 2015-10-10 18:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 17:46 - 2015-10-10 18:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 17:46 - 2015-10-10 18:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 17:46 - 2015-10-10 17:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 17:46 - 2015-10-10 17:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 17:46 - 2015-10-10 17:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 17:46 - 2015-10-10 16:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 17:46 - 2015-10-08 16:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 17:46 - 2015-09-29 12:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 17:46 - 2015-09-12 13:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 17:46 - 2015-09-07 16:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 17:46 - 2015-09-07 15:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 17:46 - 2015-09-07 15:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 17:46 - 2015-09-04 19:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 17:46 - 2015-08-28 22:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 17:46 - 2015-08-20 20:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 17:46 - 2015-08-20 17:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 17:46 - 2015-08-10 18:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 17:46 - 2015-08-10 18:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 17:46 - 2015-08-10 17:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 17:46 - 2015-08-10 16:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 17:46 - 2015-08-10 16:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 17:45 - 2015-10-17 14:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-10 19:16 - 2015-07-02 15:44 - 00000000 ____D C:\FRST
2015-12-10 19:16 - 2015-04-10 22:15 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\Skype
2015-12-10 19:13 - 2015-04-16 16:05 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\vlc
2015-12-10 19:10 - 2015-04-10 16:20 - 00000000 ____D C:\Users\Betrayed\AppData\Local\CrashDumps
2015-12-10 19:00 - 2015-06-16 21:56 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-10 18:50 - 2015-04-21 16:12 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\.purple
2015-12-10 18:47 - 2015-04-10 10:56 - 00000000 ____D E:\Program Files (x86)\Steam
2015-12-10 18:46 - 2015-04-12 15:52 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\TS3Client
2015-12-10 18:20 - 2015-04-10 03:47 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-10 18:20 - 2015-04-10 03:47 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-10 17:56 - 2015-04-12 15:14 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\uTorrent
2015-12-10 17:31 - 2015-04-10 03:45 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2539508601-3164617073-3378887811-1001
2015-12-10 17:17 - 2015-04-10 11:13 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\MultiBit
2015-12-10 17:08 - 2015-07-11 20:20 - 00000000 ____D E:\Program Files\Microsoft Silverlight
2015-12-10 17:08 - 2015-07-11 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 17:08 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-12-10 17:08 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-12-10 17:08 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2015-12-10 17:07 - 2015-04-10 22:54 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 17:07 - 2015-04-10 12:44 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Adobe
2015-12-10 17:04 - 2015-04-25 11:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-10 17:04 - 2015-04-10 22:54 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 19:45 - 2015-06-22 09:57 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Arma 3
2015-12-08 19:00 - 2015-06-16 21:56 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-07 20:36 - 2015-06-22 11:44 - 00001428 _____ C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Options.ini
2015-12-07 20:26 - 2015-06-22 11:42 - 00000299 _____ C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Login.ini
2015-12-07 19:32 - 2015-04-12 15:52 - 00000000 ____D E:\Program Files\TeamSpeak 3 Client
2015-12-06 22:06 - 2015-04-10 03:40 - 00000000 ____D C:\Users\Betrayed
2015-12-06 17:54 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-06 15:19 - 2015-04-10 22:36 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Steam
2015-12-06 15:13 - 2014-03-18 15:26 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-06 15:13 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Inf
2015-12-06 15:07 - 2015-04-10 20:55 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-06 15:07 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 22:52 - 2015-08-03 19:55 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\Kodi
2015-12-03 19:15 - 2015-05-10 16:43 - 00000000 ____D C:\ProgramData\Nimoru
2015-12-03 18:14 - 2013-08-22 13:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-12-02 18:15 - 2015-04-10 03:47 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 18:15 - 2015-04-10 03:47 - 00003660 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-28 13:11 - 2015-05-02 17:19 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\TeamViewer
2015-11-25 17:57 - 2015-04-25 11:12 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-24 18:22 - 2015-04-10 03:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-24 18:00 - 2015-04-25 12:46 - 00000000 ____D E:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-11-24 18:00 - 2015-04-25 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-11-24 18:00 - 2015-04-25 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-11-22 10:15 - 2013-08-22 14:44 - 05109440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-21 12:18 - 2015-04-10 22:46 - 00000000 ____D C:\ProgramData\Oracle
2015-11-21 12:11 - 2015-09-19 10:07 - 00000000 ____D C:\Users\Betrayed\.oracle_jre_usage
2015-11-21 12:11 - 2015-04-25 11:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-21 12:11 - 2015-04-25 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-18 19:36 - 2015-06-16 17:17 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434475024
2015-11-18 19:36 - 2015-06-16 17:17 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-15 13:43 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\rescache
2015-11-12 17:32 - 2013-08-22 13:36 - 00000000 ____D C:\Windows
2015-11-11 21:37 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-10 17:44 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\ModemLogs
==================== Files in the root of some directories =======
2015-03-11 11:18 - 2015-03-11 11:18 - 5519128 _____ (Piriform Ltd) E:\Program Files\Speccy.exe
2015-03-11 11:18 - 2015-03-11 11:18 - 7088408 _____ (Piriform Ltd) E:\Program Files\Speccy64.exe
2015-03-11 11:20 - 2015-03-11 11:20 - 0132336 _____ (Piriform Ltd) E:\Program Files\uninst.exe
2015-08-01 18:15 - 2015-08-03 10:52 - 1305195 _____ () C:\Users\Betrayed\AppData\Roaming\betrayed_64
2015-06-22 11:42 - 2015-12-07 20:26 - 0000299 _____ () C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Login.ini
2015-06-22 11:44 - 2015-12-07 20:36 - 0001428 _____ () C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Options.ini
2015-06-16 22:47 - 2015-07-18 16:00 - 0001456 _____ () C:\Users\Betrayed\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-04-10 22:24 - 2015-04-10 22:24 - 0000003 _____ () C:\Users\Betrayed\AppData\Local\updater.log
2015-04-10 22:24 - 2015-04-23 13:22 - 0000424 _____ () C:\Users\Betrayed\AppData\Local\UserProducts.xml
2015-04-10 03:46 - 2015-04-10 03:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Betrayed\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.631.exe
C:\Users\Betrayed\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Betrayed\AppData\Local\Temp\jshortcut-6103120319409491681.dll
C:\Users\Betrayed\AppData\Local\Temp\jshortcut-6397251574441412873.dll
C:\Users\Betrayed\AppData\Local\Temp\jshortcut-6777438745836335024.dll
C:\Users\Betrayed\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-10 17:31
==================== End of FRST.txt ============================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-12-2015
Ran by Betrayed (2015-12-10 19:16:21)
Running from E:\Users\Betrayed\Desktop
Windows 8.1 (X64) (2015-04-10 10:49:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2539508601-3164617073-3378887811-500 - Administrator - Disabled)
Guest (S-1-5-21-2539508601-3164617073-3378887811-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2539508601-3164617073-3378887811-1003 - Limited - Enabled)
Betrayed (S-1-5-21-2539508601-3164617073-3378887811-1001 - Administrator - Enabled) => C:\Users\Betrayed
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
A3Launcher version 0.0.0.11 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1) (Version: 0.0.0.11 - Maca134)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
ArmA3Sync 1.5.72 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.72 - The [S.o.E] team)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Assassin’s Creed Unity (HKLM-x32\...\Steam App 289650) (Version: - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.0.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
Breaking Point (x32 Version: 5.0.2.9 - The Zombie Infection) Hidden
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch)
CAM (HKLM-x32\...\{8E86129E-48D3-4814-8D2D-66221881F370}) (Version: 2.0.16 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Chains (HKLM-x32\...\Steam App 11360) (Version: - 2DEngine.com)
Chronicles of a Dark Lord: Episode II War of The Abyss (HKLM-x32\...\Steam App 341780) (Version: - Kisareth Studios)
Corsair Utility Engine (HKLM-x32\...\{C6BECCF7-108F-4676-9471-E98F9AB40ABC}) (Version: 1.12.75 - Corsair)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZLauncher version 0.0.0.15 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4E6CFD40DF}_is1) (Version: 0.0.0.15 - Maca134)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland)
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version: - 800 North and Digital Ranch)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Dropbox (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
DuckDns version 1.0.5 (HKLM-x32\...\{72C90F4B-DDFB-410B-8761-9769CCF481AA}}_is1) (Version: 1.0.5 - ETX Software Inc.)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
FileSeek 4.3 (HKLM-x32\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 4.3.0.0 - Binary Fortress Software)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.1.4 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games)
H1Z1 Test Server (HKLM-x32\...\Steam App 362300) (Version: - )
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel® Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.8.2.0 - QFX Software Corporation)
Kodi (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Kodi) (Version: - XBMC-Foundation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Memories of a Vagabond (HKLM-x32\...\Steam App 307070) (Version: - DarkElite)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-GB)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
MultiBit Classic 0.5.19 (HKLM-x32\...\0884-5076-5786-4986) (Version: 0.5.19 - Bitcoin Solutions Ltd)
MultiBit HD 0.1.3 (HKLM\...\6925-4794-5772-4956) (Version: 0.1.3 - Bitcoin Solutions Ltd)
Nether (HKLM-x32\...\Steam App 247730) (Version: - Phosphor Games)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.87 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.87 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenVPN 2.3.6-I603 (HKLM\...\OpenVPN) (Version: 2.3.6-I603 - )
Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
pidgin-otr 4.0.1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.1 - Cypherpunks CA)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Popcorn Time (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Popcorn Time) (Version: - Popcorn Official)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 beta r2402 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27748 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.2.19 - Red Giant, LLC)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Skyperious 3.5 (HKLM-x32\...\Skyperious) (Version: 3.5 - Erki Suurjaak)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Killer Hornet: Resurrection (HKLM-x32\...\Steam App 271860) (Version: - Flump Studios)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version: - SkyGoblin)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{2F50AD39-44F4-48CB-94E4-5C5AEFB0DAC6}) (Version: 12.1.4 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.4 - Red Giant) Hidden
Trapcode Suite v12.1.7 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.7 - Red Giant, LLC)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Grep 2.3 (HKLM-x32\...\Windows Grep_is1) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WS Launcher (HKLM-x32\...\WS Launcher 26.0.3.9) (Version: 26.0.3.9 - WS.ARMA.SU)
WS Launcher (x32 Version: 26.0.3.9 - WS.ARMA.SU) Hidden
XSplit Broadcaster (HKLM-x32\...\{4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}) (Version: 2.2.1502.1633 - SplitmediaLabs)
XSplit Gamecaster (HKLM-x32\...\{4EDB1851-7427-4324-AAAA-9E3852C73DAE}) (Version: 2.2.1502.1741 - SplitmediaLabs)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
19-11-2015 17:46:20 Scheduled Checkpoint
29-11-2015 11:24:05 Scheduled Checkpoint
10-12-2015 17:03:59 Windows Modules Installer
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00ADCC5F-EF6B-46E0-BEF7-8F8555FAD857} - System32\Tasks\{9160FE5B-F82C-4BFC-9992-9169DEA38B81} => pcalua.exe -a C:\Users\Betrayed\Downloads\multibit-0.5.18-windows-setup.exe -d C:\Users\Betrayed\Downloads
Task: {18EB8C59-74CF-418C-BABA-B2174449CC1A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1DDD6182-A270-407B-A314-2353FAB5C130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {32A6098A-5ABB-480F-84BC-CEA6A40053E0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software)
Task: {3CB3DD9D-BF09-4518-B1FB-353C279E3F4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {3D387587-856C-4071-BD8D-655D666AAFAA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49494390-E068-4843-8D57-F2F61906D7F3} - System32\Tasks\AdobeAAMUpdater-1.0-Betrayed-Betrayed => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {4AE115FA-E485-47AD-96AA-75C82317F86F} - System32\Tasks\Opera scheduled Autoupdate 1434475024 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {6B2B5D71-4DB2-4520-AA0C-868F29624658} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {93827CB0-3478-4578-AFB2-A4F271F49610} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)
Task: {C63368DB-141C-4A27-8B15-A2DC758DA40A} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.exe [2015-04-28] ()
Task: {D734CDAC-1B35-4EAA-B072-B2A56F503A41} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2539508601-3164617073-3378887811-1001 => C:\Users\Betrayed\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-03] (Microsoft Corporation)
Task: {D7A48855-C268-4A01-B6A1-9947A3A408B5} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-07-16] ()
Task: {D9BF4303-F390-4856-AF2A-75411CD17DA8} - System32\Tasks\Red Giant Link => E:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {E95697FF-DCA6-409C-819B-21AC944950E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {EEF6461A-AB78-4D91-9D44-EB2A7374F248} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F8D1AD39-2D82-4FBE-9816-10268D8A5D9A} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-07-16] ()
Task: {FFD5F675-58E7-48C6-9127-7A163E413E9A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-20 03:27 - 2015-04-20 03:27 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-23 19:11 - 2015-06-23 19:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-11 14:13 - 2015-02-11 14:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-04-10 13:43 - 2015-11-02 13:22 - 00116528 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-06 12:25 - 2015-04-06 12:25 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-04-06 12:25 - 2015-04-06 12:25 - 00777920 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-02-11 14:12 - 2015-02-11 14:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-02-28 09:14 - 2015-10-22 16:21 - 00175080 _____ () E:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 13:43 - 2015-10-22 16:21 - 00103400 _____ () E:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 13:43 - 2015-10-22 16:21 - 00108008 _____ () E:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-12-07 19:32 - 2015-06-16 22:09 - 00210944 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\ClownfishForTeamspeak_win64.dll
2015-12-07 19:32 - 2015-10-22 16:21 - 00312296 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-12-07 19:32 - 2015-12-05 20:04 - 00025600 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\last_channel_win64.dll
2015-12-07 19:32 - 2015-11-29 18:39 - 00486912 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2015-12-07 19:32 - 2015-06-10 11:28 - 04018176 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\task_force_radio_win64.dll
2015-12-07 19:32 - 2015-10-22 16:21 - 00483816 _____ () E:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 13:48 - 2015-09-24 17:21 - 00317440 _____ () E:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 13:48 - 2015-09-24 17:21 - 01709056 _____ () E:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-04-11 09:55 - 2015-03-26 17:23 - 05678848 _____ () E:\Program Files\Sublime Text 3\sublime_text.exe
2015-04-11 09:55 - 2015-03-26 15:17 - 00645632 _____ () E:\Program Files\Sublime Text 3\plugin_host.exe
2015-04-11 09:55 - 2015-03-18 12:49 - 01065472 _____ () E:\Program Files\Sublime Text 3\_hashlib.pyd
2015-04-25 11:11 - 2015-04-25 11:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-25 11:11 - 2015-04-25 11:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-06 10:51 - 2015-12-06 10:51 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120600\algo.dll
2015-12-10 17:15 - 2015-12-10 17:15 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121000\algo.dll
2014-09-03 10:03 - 2014-09-03 10:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-11 09:08 - 2015-10-12 03:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-15 17:38 - 2015-04-13 21:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-15 17:38 - 2015-04-13 21:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00036878 _____ () E:\Program Files (x86)\Pidgin\libssp-0.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00671031 _____ () E:\Program Files (x86)\Pidgin\exchndl.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00904525 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00100352 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00279059 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00553382 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00216992 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 01274655 _____ () E:\Program Files (x86)\Pidgin\libxml2-2.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00177586 _____ () E:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00475580 _____ () E:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00021075 _____ () E:\Program Files (x86)\Pidgin\plugins\.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00020997 _____ () E:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00013253 _____ () E:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00024924 _____ () E:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015702 _____ () E:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00014147 _____ () E:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00018882 _____ () E:\Program Files (x86)\Pidgin\plugins\history.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00012865 _____ () E:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00019043 _____ () E:\Program Files (x86)\Pidgin\plugins\idle.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00018555 _____ () E:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015074 _____ () E:\Program Files (x86)\Pidgin\plugins\libaim.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00311021 _____ () E:\Program Files (x86)\Pidgin\liboscar.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00092398 _____ () E:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00328186 _____ () E:\Program Files (x86)\Pidgin\plugins\libgg.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00016005 _____ () E:\Program Files (x86)\Pidgin\plugins\libicq.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00107365 _____ () E:\Program Files (x86)\Pidgin\plugins\libirc.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00190464 _____ () E:\Program Files (x86)\Pidgin\libsasl.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00374169 _____ () E:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00150598 _____ () E:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00106671 _____ () E:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00123540 _____ () E:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00116071 _____ () E:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00152852 _____ () E:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00171123 _____ () E:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 02097721 _____ () E:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00818985 _____ () E:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00055880 _____ () E:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00021337 _____ () E:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00417758 _____ () E:\Program Files (x86)\Pidgin\libjabber.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00022832 _____ () E:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00236666 _____ () E:\Program Files (x86)\Pidgin\libymsg.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00019793 _____ () E:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00047934 _____ () E:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00021795 _____ () E:\Program Files (x86)\Pidgin\plugins\markerline.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00013456 _____ () E:\Program Files (x86)\Pidgin\plugins\newline.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00029225 _____ () E:\Program Files (x86)\Pidgin\plugins\notify.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00017023 _____ () E:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2014-10-21 09:07 - 2014-10-21 09:07 - 00750080 _____ () E:\Program Files (x86)\Pidgin\plugins\pidgin-otr.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00029256 _____ () E:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015380 _____ () E:\Program Files (x86)\Pidgin\plugins\psychic.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015429 _____ () E:\Program Files (x86)\Pidgin\plugins\relnot.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015045 _____ () E:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00069625 _____ () E:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00031993 _____ () E:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00012004 _____ () E:\Program Files (x86)\Pidgin\plugins\ssl.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00015978 _____ () E:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00030353 _____ () E:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00032020 _____ () E:\Program Files (x86)\Pidgin\plugins\ticker.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00018399 _____ () E:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00023851 _____ () E:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00029791 _____ () E:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00030771 _____ () E:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00037191 _____ () E:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00044494 _____ () E:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00102400 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00115712 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00140288 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00102912 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2014-11-23 17:33 - 2014-11-23 17:33 - 00102912 _____ () E:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2014-11-23 17:34 - 2014-11-23 17:34 - 00486400 _____ () E:\Program Files (x86)\Pidgin\sqlite3.dll
2015-04-21 16:11 - 2015-04-21 16:11 - 00090496 _____ () E:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2015-10-01 06:28 - 2015-10-01 06:28 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-02-15 13:58 - 2015-02-15 13:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-04-25 11:11 - 2015-04-25 11:11 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-17 15:23 - 2015-11-17 15:23 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2015-11-17 15:22 - 2015-11-17 15:22 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2015-11-17 15:21 - 2015-11-17 15:21 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2015-02-15 13:58 - 2015-02-15 13:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-02-15 13:58 - 2015-02-15 13:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-10-08 18:36 - 2015-10-05 16:18 - 00778752 _____ () E:\Program Files (x86)\Steam\SDL2.dll
2015-07-22 13:32 - 2015-07-03 16:12 - 04962816 _____ () E:\Program Files (x86)\Steam\v8.dll
2015-11-11 17:40 - 2015-11-10 02:44 - 02541648 _____ () E:\Program Files (x86)\Steam\video.dll
2015-07-22 13:32 - 2015-07-03 16:12 - 01556992 _____ () E:\Program Files (x86)\Steam\icui18n.dll
2015-07-22 13:32 - 2015-07-03 16:12 - 01187840 _____ () E:\Program Files (x86)\Steam\icuuc.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 02549248 _____ () E:\Program Files (x86)\Steam\libavcodec-56.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00491008 _____ () E:\Program Files (x86)\Steam\libavformat-56.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00332800 _____ () E:\Program Files (x86)\Steam\libavresample-2.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00442880 _____ () E:\Program Files (x86)\Steam\libavutil-54.dll
2015-10-08 18:36 - 2015-09-24 00:33 - 00485888 _____ () E:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-11 17:40 - 2015-11-10 02:44 - 00806992 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-11-06 16:33 - 2015-11-03 22:00 - 00201728 _____ () E:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-10-09 16:08 - 2015-10-08 22:20 - 45010208 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll
2015-10-08 18:36 - 2015-09-24 23:56 - 00119208 _____ () E:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Whitelisted) =========
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "CAM"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2539508601-3164617073-3378887811-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E8E2E117-012A-42B0-B3CD-90287E834962}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90E5C2DB-8DCF-459D-84A1-C51CDCA91ECC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C494CD36-DE80-4970-A5E1-6DAA9F0BB69B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C06926B8-6248-40C2-9BDF-4B994E084663}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC0E8B0C-54CD-4AF3-802D-B524A9234BAF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{63ACB157-203E-475B-8EDC-ACEAF3724063}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{216A1EA1-E7ED-4750-95F2-FA4FE52686FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{48F232BF-D935-4859-B712-95EC5689D9D0}] => (Allow) LPort=9143
FirewallRules: [{7D973E54-F2C5-47E1-8BB3-C82E06996E64}] => (Allow) LPort=2333
FirewallRules: [{6A311AA3-1784-4C4B-A095-82FD2C61E836}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFE6AF09-3421-4AB0-A6A9-C6275F1C409A}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{9ED3E9AF-6145-480E-BDB4-C97766836860}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F60C3A6D-AC9D-4CD2-ABC7-08D56DB73683}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EE040732-93AF-4F5C-A9D7-660A4D5E9994}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B64E2052-A8AA-4B4D-8A47-F1E1CD5119B4}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{87326815-01AF-4728-956D-CEACB38B2437}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{FB24A730-07BD-45EA-84C7-762F6483AED0}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{72C45C05-15DD-4A10-8C97-D94FACA9A178}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{39E9A74D-236F-4D09-B28F-8F0B9953F7F7}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A8CB3AC4-B596-4098-8BDB-5FD93BF6D5A9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{74739A6C-AC79-469C-97FD-34040FE31808}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{15EAA3CE-C3E8-4A90-B081-78C6B513FBBF}E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EF5042D6-89E6-4CFA-B0C3-A0119B79B8A8}E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{42919134-769E-48DB-BACD-DFAA15148D20}E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{1A2B136D-01A7-4096-8F0E-6078DDCE655D}E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{8B3E43CC-D9F7-47FA-AAE4-E044C817614D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{32518FF4-C6AA-440B-B354-818B4B1698E1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{B1055E01-D234-4795-8711-D8D0296810CD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKHR.exe
FirewallRules: [{029F3F9D-44CA-4975-81D7-C8FB7DE0E09B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKHR.exe
FirewallRules: [{60397ED4-2612-4839-B833-0A105AB2447C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKH\Hornet.exe
FirewallRules: [{ADE8AF1E-7397-456A-8CB5-307CDBDB11E6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SuperKillerHornet\SKH\Hornet.exe
FirewallRules: [{4BEFA1C0-AE20-498A-8ABF-31EE07C1FE5E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{7D3F3AF0-51B5-4BA5-A0DF-64FE9C2D1E14}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{1EFEAD88-785A-40DF-BFB2-C5B3316751B3}] => (Allow) C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{89BE488C-3534-4E2D-ADCF-F3F8B3293FA1}] => (Allow) C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A599A173-7DE9-4AAB-B1CA-229AC4AC605D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{9628B48C-00D1-4F91-A8F0-39E613058563}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C9243AF8-347B-4FF7-8D5F-5291E9A5129F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7701BB00-74C0-47E9-AA8D-906FB994EE12}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E2997306-E4DE-42EB-8669-8874CAA52104}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{1038621A-22E6-4014-9CC2-686DD83D4093}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{B210C0FF-594F-4CB1-A528-5A18311F24A4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{D2AE4A9F-D898-43BC-9B0B-C4479A54AA6A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{84E41612-EF44-4752-9E6D-DCB8E356DA71}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{D47515D6-BD38-46C4-82FE-7ACBAC58A62D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{B32C2FBE-32C7-4F74-A153-049F08B1AB32}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E6311432-2759-44FE-9D7C-ED8098D6AD69}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{D546BA07-6474-49F8-A53C-E2E5A6D01905}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{FF56884A-AA1F-45C2-A741-1C051C00AD03}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [TCP Query User{350776E7-60FA-4667-88FC-CABF7A0FEA04}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{AF5ABCA7-FA83-4976-B975-BF0DEC9B1E01}E:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{5B73CB3F-00AC-4709-AD9A-F8B85C08284F}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{4BA3805E-C2D1-425C-9518-1D5674B43B1A}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{490B896A-F97E-4C99-8B80-559602824ED1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3B75800F-3659-4DF8-818F-CACCBD6E45F8}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E6D90B3E-74A1-46FE-BFC6-6EC50339E1F8}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8C882019-120F-469B-A5B8-7F4E11E78A49}] => (Block) E:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{E69EC084-2680-4CEA-BC1A-EEB4D43E9A89}] => (Allow) E:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2292FCFB-19D7-480E-A1EE-E484296C9E39}] => (Allow) E:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6F13BD1-F10F-4880-BAFB-F76BDFC93A3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0113E25D-77DF-4933-911C-5C71767BA8FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E645933F-5010-47F5-AE4E-F061B809E131}] => (Allow) E:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E76A02FE-5151-46AD-A92D-18A4EBB2CF91}E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [UDP Query User{EB638B5E-1CAE-4804-A0D8-353DD81B1C47}E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [{183CC695-4E22-4653-82CC-C86502AA340D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C4363A8E-AEBC-41B4-A86B-64A832E2EF5E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{41E363D5-4782-4DCA-B534-A285F3309F55}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{02365D05-0638-4E43-AFA7-10E29A92E1AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{90DCE75B-392F-4835-A4D9-2CFCC737CD25}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{547B3DD3-6EAF-48FE-BEB0-2F227BCC8EA7}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BBB49219-7417-46C2-B123-45E1A52A737C}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{06F794AB-FB08-45A6-8E8D-180D99FF8439}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{12F67BFA-4818-4E32-A40C-F14D5FCC5216}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F67DB850-3B48-4CE4-A8EB-23870529F948}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{525590DB-153E-4E70-B00D-1B9F1063ACC6}] => (Allow) C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8FA5D15F-43AE-4D5F-825E-4A6F9A4B8452}] => (Allow) C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2A138DB1-7430-4100-9ECB-220837C83D0F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{F835258A-5B2A-4358-A9D6-15F960AC4DF3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{BC60B902-6923-49BA-9755-ED665D634766}] => (Allow) E:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{FF668B07-461E-4351-B96B-578423CBB206}] => (Allow) E:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [TCP Query User{F7C1A733-E3DE-4E47-8B88-F5D5564CFF70}E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{42F50269-658D-42A5-8B5D-12D11A1382B7}E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\users\Betrayed\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{213C4C2A-D817-410F-A19C-D7382F3CAE8B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EE6B2B7B-04C5-435C-BF69-F1E925890765}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D9C0BB87-6631-451E-A49D-A1153ACE2E4B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{6269ABB2-D946-4C13-B1CA-9D73232AE368}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{CB024652-B050-4B8C-984C-2975E9E8A14B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chains\Chains.exe
FirewallRules: [{81C7B5D4-820A-4D25-8EA0-2185E9FD5E8D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chains\Chains.exe
FirewallRules: [{81F90EFC-7603-49F0-9337-2CF6E7D92B2D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7D3E28FA-EFB0-4038-B5AC-8BB3C7E91BAD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{BED1FADD-8497-4C3C-9D59-4F73AB791823}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{92C430FE-DF5A-407A-989C-A41F29AD72F3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [TCP Query User{47C025E6-F3B7-441D-BD93-EFCBD3F6AE2C}E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [UDP Query User{69C1A81F-DE95-4FE3-A015-BB63F818C866}E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) E:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [{1ACC1901-8CC1-4DED-BA8E-045E6FF9C9A8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{FED9749B-1042-4CBC-B872-B140A1A5E3CB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7542DFE5-693F-4C8A-AE86-65BDA22F83F6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{DA85D291-F488-40A8-87FA-A5A485A0C7FC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Journey Down\JourneyDown1.exe
FirewallRules: [{3302FAEB-8BCE-4574-BC3F-91A6A4BF797C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Memories of a Vagabond\GAME.exe
FirewallRules: [{1CE4B90D-6F47-4B13-B408-1F17FB7C5AFF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Memories of a Vagabond\GAME.exe
FirewallRules: [{1B5E7032-767C-4372-8C78-79DD9E13C53E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chronicles of a Dark Lord Episode II War of The Abyss\Game.exe
FirewallRules: [{CD2A081D-74A1-485B-9C8F-BD7E0C4D37A0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Chronicles of a Dark Lord Episode II War of The Abyss\Game.exe
FirewallRules: [{C19D7B2E-78C4-494A-9545-7F00BF7257D9}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{45547BDD-25F9-4A84-9F53-12B2F22557A1}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{723BB638-6C0B-4A27-9D96-78556081DFFF}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{976B044B-066A-406E-8710-48BA51A19C36}] => (Allow) F:\S3KLoader.exe
FirewallRules: [{5BDE6AD9-CA9B-402C-81BA-9CACA6BA0907}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{6B82759C-375F-4D79-B954-93BF6341647D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{D2E03C58-5D7A-43FF-A2BB-1B746B519755}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{CE84E952-9F07-46E5-BF15-59F61DCD93BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{29BB4F5F-548D-4519-BB51-A8CE58A72161}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{0ECFF12C-BF1D-4513-AC2A-4E2EE52E1851}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [TCP Query User{DCD92225-9E3D-4658-92E5-F8D1B062C8BA}E:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) E:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{F993DA4A-7726-4557-8942-F517E757734D}E:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) E:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{48A9C57C-0D47-41EF-AA7E-F9C5E8D9C9D9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F78A5E94-CB41-4F6E-8D92-575391541530}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{A8FF5192-8964-4BF5-8DC7-71AE9D777B7C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{62A36456-1D38-4D59-B7A7-E3FD102BEC3A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{24E2C22E-93DB-49C7-8F6A-DD3F1231C9E2}E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{91011715-B20D-402A-9075-F2B667E91710}E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{17F9878B-01A6-4E55-B381-FCCF83680E77}E:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) E:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [UDP Query User{214B746B-249A-481C-AE9C-41723DD1D328}E:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) E:\program files (x86)\a3launcher\a3launcher.exe
FirewallRules: [{251542A1-516B-4471-8DE2-2078B2A5EDD8}] => (Allow) E:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{F3D80361-135A-4F9A-B37D-E90FB5452AD4}] => (Allow) E:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{19E1188B-5B7C-4348-A6B7-734941D01C3C}] => (Allow) C:\Users\Betrayed\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{50EB8B45-0829-49CC-B84A-950AA5D618C8}] => (Allow) C:\Users\Betrayed\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{FD0C32DF-C4E7-471B-B18F-342DDF7452FD}E:\users\Betrayed\appdata\local\popcorn time\nw.exe] => (Allow) E:\users\Betrayed\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{6A233C4A-6000-4ECF-9FF0-A94F23E9CFF2}E:\users\Betrayed\appdata\local\popcorn time\nw.exe] => (Allow) E:\users\Betrayed\appdata\local\popcorn time\nw.exe
FirewallRules: [{B00441B6-0855-4E01-B556-5FCD2F06928C}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EE0A3081-EA1C-45C1-9B77-EA6EDB2F6356}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C119053F-EDAF-4809-A3AA-A5FC79CD63FF}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1BD8AA89-0815-4358-8EE3-99354657D5C5}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C30F52C1-5866-41E3-A4D5-41307465AC90}] => (Allow) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7856FE51-8EB2-4A3A-8B17-85B201994C18}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{0796D3C5-1348-4624-8E03-FC36FE2705A7}E:\program files (x86)\kodi\kodi.exe] => (Allow) E:\program files (x86)\kodi\kodi.exe
FirewallRules: [{A613385E-B8C1-4FC5-9E2F-E8825E8DAAC5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{71DA221B-1F2D-4FF7-8FB4-56D503441A26}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{2C6740B2-6073-4977-ACF2-E46E23F8C3AD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{64308333-5821-4CB6-B6E0-A161DC8CB05D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{CE46178F-18AD-4406-B51F-EB0EE5000586}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{E46CE599-CF6D-4E48-95B6-2612A1D8E476}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{05FE6087-5B19-45DD-9291-922673FCE88B}] => (Allow) C:\Users\Betrayed\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{256C02C3-4873-46A6-9E27-BDF3915E5887}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FCA9C43B-727D-41DB-A819-5BF329CA2A07}] => (Allow) LPort=2869
FirewallRules: [{672A0318-DBA6-41C6-82C8-9BE9C2EDA8BE}] => (Allow) LPort=1900
FirewallRules: [{62EB95A0-3BEE-4EA9-8025-4C5E5BFBAC93}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D5E06514-BBD1-4941-9E18-27348E68BD1E}] => (Allow) LPort=27016
FirewallRules: [{AF85B44C-4663-4523-8FD8-2D31E11D3061}] => (Allow) LPort=27016
FirewallRules: [{4CF0C985-06CC-4583-8812-23E6EDD44FAD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{4FF5646C-CC6F-4BD5-BB44-3DAFCCA6C04A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{4D7FB2C0-40A3-4C35-A727-6A4E5C914F13}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{0E3FAA91-25A0-4D45-BD09-023284E7CE46}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{3806ADDA-DB3C-469E-8296-3606E4C12D18}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{C7105973-6A01-4A36-91EB-84FCF2C6C1A7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{16D42176-D35C-4DCB-A97D-CA8108F38746}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8BCE8E35-40A5-4EB9-A0EC-1C4C85CF74E5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{36FF49E3-CB53-4132-B133-05F5B0702395}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{632995C4-CA89-48EA-87C6-AF3A13AAFC3D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{929FFDE2-54C6-4C85-BA75-48363B66F81E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [{1A9053C3-3814-4D22-9AA3-B256DBBEC34B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Nether\Game\Binaries\Win64\Nether.exe
FirewallRules: [{E4DA4B77-C999-41CF-84B6-2ED8609B6928}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{58D520CF-5550-44EA-BF03-8E6089F3185B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{607F6133-56BA-4F40-BBD7-B2E4E5F34D3C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{068C319C-79E1-4429-BD9A-6289093A99FE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{574A5FBB-2831-4695-94B1-39E93ECEF0D4}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60B5F74D-28E0-4003-BC87-132C1F79DF3A}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B4DE8C07-34CA-45AE-9E23-CFFE5ED15AAA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{EFAAC73C-5403-4701-B428-6A4A68FF17B6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/10/2015 07:10:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x5653d523
Faulting module name: tier0.dll, version: 0.0.0.0, time stamp: 0x5653d3d1
Exception code: 0xc0000005
Fault offset: 0x0001d4b9
Faulting process ID: 0x78c8
Faulting application start time: 0xcsgo.exe0
Faulting application path: csgo.exe1
Faulting module path: csgo.exe2
Report ID: csgo.exe3
Faulting package full name: csgo.exe4
Faulting package-relative application ID: csgo.exe5
Error: (12/10/2015 05:04:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (12/10/2015 05:03:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (12/10/2015 05:03:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (12/10/2015 05:03:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (12/10/2015 05:03:57 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
Error: (12/08/2015 05:40:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamUserAgent.exe, version: 4.1.2004.6464, time stamp: 0x561959d8
Faulting module name: ntdll.dll, version: 6.3.9600.18007, time stamp: 0x55c4c16b
Exception code: 0xc0000005
Fault offset: 0x000000000003b189
Faulting process ID: 0x388
Faulting application start time: 0xNvStreamUserAgent.exe0
Faulting application path: NvStreamUserAgent.exe1
Faulting module path: NvStreamUserAgent.exe2
Report ID: NvStreamUserAgent.exe3
Faulting package full name: NvStreamUserAgent.exe4
Faulting package-relative application ID: NvStreamUserAgent.exe5
Error: (12/07/2015 08:52:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
Error: (12/07/2015 08:52:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (12/07/2015 08:52:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8
System errors:
=============
Error: (12/10/2015 05:40:44 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/10/2015 05:40:13 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (12/10/2015 05:36:32 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/10/2015 05:36:02 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (12/10/2015 05:32:19 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/10/2015 05:31:48 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (12/07/2015 05:49:27 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/07/2015 05:45:15 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/07/2015 05:41:33 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/07/2015 05:41:03 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
==================== Memory info ===========================
Processor: Intel® Core i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 31%
Total physical RAM: 16279.26 MB
Available physical RAM: 11202.39 MB
Total Virtual: 18711.26 MB
Available Virtual: 12640.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.37 GB) (Free:143.56 GB) NTFS
Drive e: (Data) (Fixed) (Total:931.39 GB) (Free:389.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================