Inactive-A kbdclass.sys malware

Discussion in 'Malware and Virus Removal Archive' started by marcusdk, 2015/06/19.

  1. 2015/06/19
    marcusdk

    [Inactive-A] kbdclass.sys malware

    Sorry for all the log posts, but I couldn't post them in a single post since they are very long.
    Hello, I have had this problem for some days now, and it's not going away. I have started a thread in the "Windows 7" forum, and one user said to me that it looked like I had malware and said that I should make a thread here. http://www.windowsbbs.com/windows-7/109394-kbdclass-sys-bsod.html

    Every time I press a button on my keyboard I get the blue screen of death. I have tried to use another keyboard but that didn't work. The problem started after I downloaded Kaspersky Anti-Virus. I have uninstalled the program but I still get the same crash every time I press a button.

    Programs I have used to try and fix the problem:
    Malwarebytes
    Advanced SystemCare 8
    Bitdefender Total Security 2015
    FRST LOG PART 1
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
    Ran by Gamer (administrator) on GAMER-PC on 20-06-2015 00:58:23
    Running from C:\Users\Gamer\Desktop
    Loaded Profiles: Gamer (Available Profiles: Gamer & Marcus & test)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Engelsk (USA)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Safe Mode (with Networking)
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Windows\HelpPane.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-17] (Bitdefender)
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\MountPoints2: D - D:\Setup.exe
    AppInit_DLLs: d3dgearload64.dll => C:\Windows\system32\d3dgearload64.dll [256288 2014-09-18] (D3DGear Technologies.)
    AppInit_DLLs-x32: d3dgearload.dll => "d3dgearload.dll" File not found
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
    ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
    ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
    ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
    ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKU\S-1-5-21-373667173-139741353-2546641198-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://dk.yhs4.search.yahoo.com/yhs...r=2043191446&a=wncy_pwrisofs_15_25&os=Windows 7 Ultimate&p={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://dk.yhs4.search.yahoo.com/yhs...r=2043191446&a=wncy_pwrisofs_15_25&os=Windows 7 Ultimate&p={searchTerms}
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-05-29] (IObit)
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-17] (Bitdefender)
    BHO: No Name -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> No File
    BHO: No Name -> {4A7494E3-AC67-81DF-6557-35A7D990D865} -> No File
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
    BHO: No Name -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> No File
    BHO: No Name -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> No File
    BHO: No Name -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> No File
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    BHO: No Name -> {f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e} -> No File
    BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-17] (Bitdefender)
    BHO-x32: No Name -> {4A7494E3-AC67-81DF-6557-35A7D990D865} -> No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
    BHO-x32: No Name -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> No File
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation)
    BHO-x32: No Name -> {f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e} -> No File
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
    Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-17] (Bitdefender)
    Toolbar: HKLM-x32 - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
    Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-17] (Bitdefender)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    Handler: vipresg - No CLSID Value
    Winsock: Catalog9 01 C:\Windows\SysWOW64\Pelithmy.dll [286720 2015-06-15] ()
    Winsock: Catalog9 02 C:\Windows\SysWOW64\Pelithmy.dll [286720 2015-06-15] ()
    Winsock: Catalog9 03 C:\Windows\SysWOW64\Pelithmy.dll [286720 2015-06-15] ()
    Winsock: Catalog9 04 C:\Windows\SysWOW64\Pelithmy.dll [286720 2015-06-15] ()
    Winsock: Catalog9 15 C:\Windows\SysWOW64\Pelithmy.dll [286720 2015-06-15] ()
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 193.162.153.164 194.239.134.83

    FireFox:
    ========
    FF ProfilePath: C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default
    FF DefaultSearchEngine: Yahoo! (Avast)
    FF DefaultSearchUrl: https://dk.search.yahoo.com/yhs/search
    FF SearchEngineOrder.1: Yahoo! (Avast)
    FF SelectedSearchEngine: Yahoo! (Avast)
    FF Homepage: google.dk
    FF Keyword.URL: https://dk.search.yahoo.com/yhs/search
    FF NetworkProxy: "type ", 5
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
    FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
    FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
    FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation)
    FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com No File
    FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
    FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
    FF Plugin HKU\S-1-5-21-373667173-139741353-2546641198-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gamer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
    FF user.js: detected! => C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\user.js [2015-05-29]
    FF Plugin ProgramFiles/Appdata: C:\Users\Gamer\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
    FF SearchPlugin: C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\searchplugins\search-provided-by-yahoo.xml [2015-06-15]
    FF SearchPlugin: C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\searchplugins\yahoo-avast.xml [2015-01-16]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-co-uk.xml [2015-05-14]
    FF Extension: Cinem Plus 2.4cV15.06 - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.com [2015-06-15]
    FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\iobitascsurfingprotection@iobit.com [2015-05-29]
    FF Extension: Widevine Media Optimizer - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2015-02-20]
    FF Extension: MEGA - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\firefox@mega.co.nz.xpi [2015-04-29]
    FF Extension: Adblock Plus - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-23]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
    FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-06-17]
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
    FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
    FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-06-17]
    FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Unfriend Notify for Facebook) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2015-04-30]
    CHR Extension: (Bitdefender Wallet) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-06-17]
    CHR Extension: (AdBlock) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-30]
    CHR Extension: (Google Wallet) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]
    CHR Extension: (Enhanced Steam) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-06-14]
    CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

    Opera:
    =======
    OPR Extension: (Shop and Save Up) - C:\Users\Gamer\AppData\Roaming\Opera Software\Opera Stable\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-06-16]
    OPR Extension: (Cinem Plus 2.4cV15.06) - C:\Users\Gamer\AppData\Roaming\Opera Software\Opera Stable\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh [2015-06-15]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
    S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
    S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
    S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
    S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
    S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
    S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
    S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1751096 2015-05-28] (GOG.com)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-16] (GOG.com)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-03-26] (IObit)
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S3 OpenVPNService; c:\Users\Gamer\.openvpn\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-09] (Electronic Arts)
    S2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender)
    S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-27] ()
    S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-23] ()
    S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [215128 2015-06-16] ()
    S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
    S2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) [File not signed]
    S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
    S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-06-17] (Bitdefender)
    S2 WajaInternetEnhancer Service; C:\Program Files (x86)\WajaInternetEnhancer\WajaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe [1155072 2015-06-12] () [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-15] (Microsoft Corporation)
    S2 53a1c4d9; No ImagePath
    S2 AVP15.0.2; No ImagePath
    S2 SBAMSvc; No ImagePath
    S2 SBPIMSvc; No ImagePath

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2015-03-31] (Advanced Micro Devices)
    R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
    S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-03] ()
    S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-06-17] (BitDefender)
    R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-06-17] (BitDefender)
    S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-06-17] (BitDefender)
    S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
    R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-06-17] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
    S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
    S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-06-17] (BitDefender SRL)
    S1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
    S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
    S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
    S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
    S3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
    R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
    S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-09] (Phoenix Technologies) [File not signed]
    S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
    U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc.)
    S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
    S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
    S0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-06-17] (BitDefender LLC)
    S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
    S2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-05-18] (Kaspersky Lab ZAO)
    R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
    S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
    S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-05-18] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
    S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
    S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
    S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
    R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
    S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
    S3 LHidFilt; C:\Windows\System32\DRIVERS\LHidFilt.Sys [54800 2008-02-29] (Logicool, Inc.)
    S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-03] ()
    S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
    S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
    S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
    S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
    S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
    S2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2014-11-20] (ThreatTrack Security, Inc.)
    S3 sbwtis; C:\Windows\System32\DRIVERS\sbwtis.sys [95608 2014-11-20] (ThreatTrack Security)
    R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
    R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-03-11] (Synaptics Incorporated)
    S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
    S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-02-10] ()
    S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-02-10] ()
    S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700424 2014-02-10] ()
    S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
    R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [108896 2015-06-16] (Webroot)
    S1 Aadewb120; \??\C:\Windows\system32\Drivers\Aadewb120.sys [X]
    S3 BioNTDrv; \??\C:\Program Files\Paragon Software\Hard Disk Manager 14 Suite\program\BioNTDrv.SYS [X]
    S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S1 Hizok120; \??\C:\Windows\system32\Drivers\Hizok120.sys [X]
    S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-20 00:58 - 2015-06-20 00:59 - 00028479 _____ C:\Users\Gamer\Desktop\FRST.txt
    2015-06-20 00:58 - 2015-06-20 00:58 - 00000000 ____D C:\FRST
    2015-06-20 00:57 - 2015-06-20 00:57 - 02109952 _____ (Farbar) C:\Users\Gamer\Downloads\FRST64.exe
    2015-06-20 00:57 - 2015-06-20 00:57 - 02109952 _____ (Farbar) C:\Users\Gamer\Desktop\FRST64.exe
    2015-06-19 21:51 - 2015-06-19 21:51 - 00045310 _____ C:\Users\Gamer\Downloads\Result.txt
    2015-06-19 21:50 - 2015-06-19 21:50 - 00403456 _____ (Farbar) C:\Users\Gamer\Downloads\MiniToolBox.exe
    2015-06-19 21:34 - 2010-09-20 12:05 - 06664704 _____ (Hazar & Co.) C:\Users\Gamer\Desktop\RemoveWAT.exe
    2015-06-19 21:27 - 2015-06-19 21:28 - 06664704 _____ (Hazar & Co.) C:\Users\Gamer\Downloads\REMOVEWAT(3).EXE
    2015-06-19 21:19 - 2015-06-19 21:22 - 06664704 _____ (Hazar & Co.) C:\Users\Gamer\Downloads\REMOVEWAT(2).EXE
    2015-06-19 21:16 - 2015-06-19 21:17 - 06664704 _____ (Hazar & Co.) C:\Users\Gamer\Downloads\Ikke bekræftet 599736.crdownload
    2015-06-19 14:28 - 2015-06-19 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEnhancer
    2015-06-19 14:27 - 2015-06-19 14:28 - 00000000 ____D C:\Program Files (x86)\WajaInternetEnhancer
    2015-06-19 14:27 - 2015-06-19 14:27 - 00000000 ____D C:\Program Files (x86)\Wajam
    2015-06-19 14:14 - 2015-06-19 14:14 - 02335697 _____ C:\Users\Gamer\Downloads\RemoveWAT(1).exe
    2015-06-19 13:49 - 2015-06-19 13:49 - 02335697 _____ C:\Users\Gamer\Downloads\RemoveWAT.exe
    2015-06-19 00:49 - 2015-06-19 00:49 - 00000000 ____D C:\Users\Gamer\Desktop\Ny mappe
    2015-06-19 00:46 - 2015-06-19 00:46 - 00593693 _____ C:\Users\Gamer\Downloads\Autoruns.zip
    2015-06-19 00:36 - 2015-06-20 00:43 - 00000616 _____ C:\Windows\setupact.log
    2015-06-19 00:36 - 2015-06-19 00:36 - 00000000 _____ C:\Windows\setuperr.log
    2015-06-19 00:34 - 2015-06-20 00:46 - 00003226 _____ C:\Windows\PFRO.log
    2015-06-18 23:37 - 2015-06-18 23:37 - 02335697 _____ C:\Users\Gamer\Downloads\Ikke bekræftet 125746.crdownload
    2015-06-18 22:23 - 2015-06-18 22:23 - 00000000 ____D C:\symbols
    2015-06-18 22:23 - 2015-06-16 17:17 - 00325600 _____ C:\Windows\Minidump\061615-32775-01.dmp
    2015-06-18 22:13 - 2015-06-18 22:13 - 00031631 _____ C:\Users\Gamer\Downloads\061615-32775-01.zip
    2015-06-18 19:56 - 2015-06-18 22:36 - 00000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
    2015-06-18 19:56 - 2015-06-18 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
    2015-06-18 19:54 - 2015-06-18 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
    2015-06-18 19:54 - 2015-06-18 19:54 - 00000000 ____D C:\Program Files\Microsoft SDKs
    2015-06-18 19:51 - 2015-06-18 19:51 - 00003140 _____ C:\Windows\System32\Tasks\{81E052D7-167A-4A86-910B-4637C8259752}
    2015-06-18 19:44 - 2015-06-18 19:44 - 00509264 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\winsdk_web (1).exe
    2015-06-18 19:43 - 2015-06-18 19:43 - 00998056 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\sdksetup.exe
    2015-06-18 18:44 - 2009-02-03 21:42 - 00116232 _____ (WindowsBBS) C:\Users\Gamer\Desktop\debugwiz.exe
    2015-06-18 18:43 - 2015-06-18 18:43 - 00063344 _____ C:\Users\Gamer\Downloads\debugwiz.zip
    2015-06-18 18:41 - 2015-06-18 18:41 - 00509264 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\winsdk_web.exe
    2015-06-18 00:39 - 2015-06-18 00:49 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\The Path
    2015-06-18 00:39 - 2015-06-18 00:39 - 00000000 ____D C:\Users\Gamer\Documents\The Path
    2015-06-18 00:38 - 2015-06-18 00:38 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Gamer\Downloads\flashplayer18_ga_install.exe
    2015-06-18 00:30 - 2015-06-18 00:30 - 00000000 ____D C:\Users\Gamer\AppData\Temp
    2015-06-17 22:30 - 2015-06-17 22:30 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
    2015-06-17 22:30 - 2015-06-17 22:30 - 00160544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
    2015-06-17 22:29 - 2015-06-17 22:29 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
    2015-06-17 21:59 - 2015-06-17 21:59 - 00478855 _____ C:\ProgramData\1434570965.bdinstall.bin
    2015-06-17 21:59 - 2015-06-17 21:59 - 00000684 ____H C:\bdr-cf01
    2015-06-17 21:58 - 2015-06-17 22:29 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
    2015-06-17 21:58 - 2015-06-17 22:29 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
    2015-06-17 21:58 - 2015-06-17 22:29 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
    2015-06-17 21:58 - 2015-06-17 22:04 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Bitdefender
    2015-06-17 21:58 - 2015-06-17 21:59 - 00253404 ____H C:\bdr-ld01
    2015-06-17 21:58 - 2015-06-17 21:59 - 00009216 ____H C:\bdr-ld01.mbr
    2015-06-17 21:58 - 2015-06-17 21:58 - 00002082 _____ C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
    2015-06-17 21:58 - 2015-06-17 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
    2015-06-17 21:58 - 2014-07-04 17:49 - 49563064 ____H C:\bdr-im01.gz
    2015-06-17 21:58 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
    2015-06-17 21:58 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
    2015-06-17 21:58 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
    2015-06-17 21:56 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
    2015-06-17 21:19 - 2015-06-17 21:19 - 14260928 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\mseinstall (1).exe
    2015-06-17 21:15 - 2015-06-17 21:15 - 00044335 _____ C:\Users\Gamer\Downloads\Regdelnull.zip
    2015-06-17 19:22 - 2015-06-17 19:22 - 00000000 ____D C:\ProgramData\Synaptics
    2015-06-17 19:19 - 2015-06-17 19:19 - 00000756 _____ C:\Users\Public\Desktop\Speccy.lnk
    2015-06-17 19:19 - 2015-06-17 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
    2015-06-17 19:19 - 2015-06-17 19:19 - 00000000 ____D C:\Program Files\Speccy
    2015-06-17 19:18 - 2015-06-17 19:18 - 05127432 _____ (Piriform Ltd) C:\Users\Gamer\Downloads\spsetup128 (1).exe
    2015-06-17 19:09 - 2015-06-17 19:09 - 05127432 _____ (Piriform Ltd) C:\Users\Gamer\Downloads\spsetup128.exe
    2015-06-17 18:40 - 2015-06-17 18:40 - 02262621 _____ C:\Users\Gamer\Downloads\cpu-z_172.zip
    2015-06-17 18:35 - 2015-06-17 18:35 - 00156854 _____ C:\Users\Gamer\Downloads\Motherboard_ID_Tool.zip
    2015-06-17 17:59 - 2015-06-17 17:59 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
    2015-06-17 17:58 - 2015-03-10 18:24 - 04430808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2015-06-17 17:58 - 2015-03-10 18:04 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2015-06-17 17:58 - 2015-03-10 11:00 - 02907864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2015-06-17 17:58 - 2015-03-10 11:00 - 02812632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
    2015-06-17 17:58 - 2015-03-10 11:00 - 02501848 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
    2015-06-17 17:58 - 2015-03-09 17:16 - 01954478 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
    2015-06-17 17:58 - 2015-03-04 17:53 - 01709272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2015-06-17 17:58 - 2015-02-28 01:10 - 05615552 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
    2015-06-17 17:58 - 2015-02-05 17:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
    2015-06-17 17:58 - 2015-02-05 17:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
    2015-06-17 17:58 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
    2015-06-17 17:58 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
    2015-06-17 17:58 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
    2015-06-17 17:58 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
    2015-06-17 17:58 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
    2015-06-17 17:58 - 2015-02-04 00:23 - 00542352 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
    2015-06-17 17:58 - 2015-02-04 00:22 - 00836240 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
    2015-06-17 17:58 - 2015-02-04 00:22 - 00650384 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
    2015-06-17 17:58 - 2015-02-04 00:22 - 00434832 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
    2015-06-17 17:58 - 2015-01-30 10:58 - 02421480 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
    2015-06-17 17:58 - 2015-01-23 18:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
    2015-06-17 17:58 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
    2015-06-17 17:58 - 2015-01-19 09:08 - 12975360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
    2015-06-17 17:58 - 2014-12-24 19:02 - 01298136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2015-06-17 17:58 - 2014-12-15 14:02 - 00306288 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
    2015-06-17 17:58 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
    2015-06-17 17:58 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
    2015-06-17 17:58 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
    2015-06-17 17:58 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
    2015-06-17 17:58 - 2014-12-02 18:42 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2015-06-17 17:58 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2015-06-17 17:58 - 2014-10-24 10:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
    2015-06-17 17:58 - 2014-10-24 10:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
    2015-06-17 17:58 - 2014-10-20 15:49 - 01360640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
    2015-06-17 17:58 - 2014-08-14 19:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
    2015-06-17 17:58 - 2014-07-03 14:44 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
    2015-06-17 17:58 - 2014-07-03 14:44 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
    2015-06-17 17:58 - 2014-06-17 19:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
    2015-06-17 17:58 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
    2015-06-17 17:58 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
    2015-06-17 17:58 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
    2015-06-17 17:58 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
    2015-06-17 17:58 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
    2015-06-17 17:58 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
    2015-06-17 17:58 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
    2015-06-17 17:58 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
    2015-06-17 17:58 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
    2015-06-17 17:58 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
    2015-06-17 17:58 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
    2015-06-17 17:58 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
    2015-06-17 17:58 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
    2015-06-17 17:58 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
    2015-06-17 17:58 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
    2015-06-17 17:58 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
    2015-06-17 17:58 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
    2015-06-17 17:58 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
    2015-06-17 17:58 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
    2015-06-17 17:58 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
    2015-06-17 17:58 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2015-06-17 17:58 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2015-06-17 17:58 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
    2015-06-17 17:58 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
    2015-06-17 17:58 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
    2015-06-17 17:58 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
    2015-06-17 17:58 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
    2015-06-17 17:58 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
    2015-06-17 17:58 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
    2015-06-17 17:58 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
    2015-06-17 17:58 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
    2015-06-17 17:58 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
    2015-06-17 17:58 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
    2015-06-17 17:58 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
    2015-06-17 17:58 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2015-06-17 17:58 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
    2015-06-17 17:58 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
    2015-06-17 17:58 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
    2015-06-17 17:58 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
    2015-06-17 17:58 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
    2015-06-17 17:58 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
    2015-06-17 17:57 - 2015-03-08 12:22 - 03182104 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2015-06-17 17:57 - 2015-03-02 11:20 - 01558720 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
    2015-06-17 17:57 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
    2015-06-17 17:57 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
    2015-06-17 17:57 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
    2015-06-17 17:57 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
    2015-06-17 17:57 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
    2015-06-17 17:57 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
    2015-06-17 17:57 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
    2015-06-17 17:57 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
    2015-06-17 17:57 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
    2015-06-17 17:57 - 2014-05-22 16:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
    2015-06-17 17:57 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
    2015-06-17 17:57 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
    2015-06-17 17:57 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
    2015-06-17 17:57 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
    2015-06-17 17:57 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
    2015-06-17 17:57 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
    2015-06-17 17:57 - 2011-05-31 09:42 - 00241768 _____ (DTS)
     
    Last edited: 2015/06/19
  2. 2015/06/19
    marcusdk

    FRST LOG PART 2
    C:\Windows\system32\DTSGFXAPONS64.dll
    2015-06-17 17:41 - 2015-06-17 17:41 - 00000000 ____D C:\Users\Gamer\Downloads\Bitdefender Total Security 2015 Build 18.21.0.1497 (x86 & x64) Incl Trial Reset + Keys {B@tman}
    2015-06-17 17:40 - 2015-06-17 17:40 - 00015353 _____ C:\Users\Gamer\Downloads\[happykitty.cf]bitdefender.total.security.2015.build.18.21.0.1497.x86.x64.incl.trial.reset.keys.b.tman.torrent
    2015-06-17 17:38 - 2015-06-17 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 60-Second Virus Scanner
    2015-06-17 17:34 - 2015-06-17 17:34 - 00007927 _____ C:\Users\Gamer\Downloads\[1080p-torrents.casa]dll.files.fixer.3.1.81.2919.multilingual.including.keygen.saw000.ctrg.torrent
    2015-06-17 17:22 - 2015-06-17 17:22 - 02868840 _____ C:\Users\Gamer\Downloads\bitdefender_antivirus.exe
    2015-06-17 17:21 - 2015-06-17 17:21 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\KSafe
    2015-06-17 17:21 - 2015-06-17 17:21 - 00000000 ____D C:\ProgramData\KSafe
    2015-06-17 17:20 - 2015-06-17 17:23 - 00000000 ____D C:\Program Files (x86)\DllTool
    2015-06-17 17:19 - 2015-06-17 17:19 - 08466168 _____ ( ) C:\Users\Gamer\Downloads\DllTool.exe
    2015-06-17 09:36 - 2015-06-17 09:36 - 00031631 _____ C:\Windows\Minidump\061615-32775-01.zip
    2015-06-17 09:00 - 2015-06-17 09:00 - 00023936 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\kbdclass.sys
    2015-06-17 01:51 - 2015-06-17 01:51 - 00219248 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dum.dll
    2015-06-17 01:51 - 2015-06-17 01:51 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2015-06-17 01:50 - 2015-06-17 01:51 - 03223152 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dgl.dll
    2015-06-17 01:48 - 2015-06-17 16:51 - 00063088 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
    2015-06-17 01:48 - 2015-06-17 16:51 - 00053360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLib.dll
    2015-06-17 01:48 - 2015-06-17 16:51 - 00050800 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmhgfs.dll
    2015-06-17 01:48 - 2015-06-17 16:51 - 00034416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLibJava.dll
    2015-06-17 01:48 - 2015-06-17 16:50 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
    2015-06-17 01:48 - 2015-06-17 16:50 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2015-06-17 01:48 - 2015-06-17 16:50 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2015-06-17 01:48 - 2015-06-17 16:50 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2015-06-17 01:48 - 2015-06-17 16:50 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
    2015-06-17 01:47 - 2015-06-17 16:50 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2015-06-17 01:47 - 2015-06-17 16:50 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2015-06-17 01:36 - 2015-06-17 01:36 - 00000000 ____D C:\ProgramData\Weskysoft
    2015-06-17 01:33 - 2015-06-17 12:39 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
    2015-06-17 01:32 - 2015-06-17 01:32 - 00021429 _____ C:\Users\Gamer\Downloads\[feelingluckypunk.gq]dll.suite.2013.0.0.2052.with.key.tordigger.torrent
    2015-06-17 01:24 - 2015-06-17 17:24 - 00000000 ____D C:\Program Files (x86)\DLLSuite
    2015-06-17 01:23 - 2015-06-17 01:24 - 16578402 _____ ( ) C:\Users\Gamer\Downloads\DLLSuite_Setup (1).exe
    2015-06-17 01:22 - 2015-06-17 01:22 - 00065956 _____ C:\Users\Gamer\Downloads\DLLSuite_Setup.exe
    2015-06-17 00:44 - 2015-06-17 00:44 - 03894696 _____ (solvusoft Corporation ) C:\Users\Gamer\Downloads\Setup_WinThruster_2015 (1).exe
    2015-06-16 23:36 - 2015-06-16 23:36 - 00000000 _____ C:\Users\Gamer\Desktop\httpwww.solvusoft.comenfilesbsod-blue-screen-errorsyswindowsmicrosoftwindows-small-business-server-2011-essentialskbdclass-sys.txt
    2015-06-16 23:32 - 2015-06-16 23:32 - 00003984 _____ C:\Windows\System32\Tasks\LaunchPreSignup
    2015-06-16 23:28 - 2015-06-16 23:29 - 00000000 ____D C:\Users\Gamer\Downloads\SysTweak Regclean Pro v6.21.65.99 + Lifetime Key [S0ft4PC]
    2015-06-16 23:18 - 2015-06-16 23:20 - 08790379 _____ C:\Users\Gamer\Downloads\WinThruster 1.79.69.2469 pl-FULL-32 bit.rar
    2015-06-16 23:18 - 2015-06-16 23:18 - 00011292 _____ C:\Users\Gamer\Downloads\BBA98363D4580F394F9C9595E53A1F6AEA10DC41.torrent
    2015-06-16 22:54 - 2015-06-16 23:16 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Solvusoft
    2015-06-16 22:53 - 2015-06-16 22:53 - 03894696 _____ (solvusoft Corporation ) C:\Users\Gamer\Downloads\Setup_WinThruster_2015.exe
    2015-06-16 22:14 - 2015-06-16 22:14 - 00041472 _____ C:\Users\Gamer\Downloads\launcher64.dll
    2015-06-16 22:13 - 2015-06-16 22:13 - 00674944 _____ (Copyright © 2010 eSupport.com. All Rights Reserved.) C:\Users\Gamer\Downloads\biosagentplus_822.exe
    2015-06-16 21:50 - 2015-06-16 21:51 - 11522399 _____ C:\Users\Gamer\Downloads\AMIBIOS_and_Aptio_AMI_Firmware_Update_Utility.zip
    2015-06-16 21:10 - 2015-06-16 21:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_LHidFilt_01005.Wdf
    2015-06-16 20:57 - 2015-06-16 20:57 - 00000000 ____D C:\Users\test\AppData\Roaming\ProductData
    2015-06-16 20:56 - 2015-06-16 20:57 - 00000000 ____D C:\Users\test\AppData\Roaming\IObit
    2015-06-16 20:30 - 2015-06-16 20:30 - 00000000 ____D C:\Windows\SysWOW64\%LOCALAPPDATA%
    2015-06-16 20:18 - 2008-02-29 11:15 - 01920016 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01005.dll
    2015-06-16 20:18 - 2008-02-29 11:14 - 00054800 _____ (Logicool, Inc.) C:\Windows\system32\Drivers\SET955B.tmp
    2015-06-16 20:18 - 2008-02-29 11:14 - 00054800 _____ (Logicool, Inc.) C:\Windows\system32\Drivers\LHidFilt.Sys
    2015-06-16 20:13 - 2015-06-16 20:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
    2015-06-16 20:12 - 2015-06-17 19:22 - 00000000 ____D C:\drivertemp
    2015-06-16 19:50 - 2014-07-16 18:20 - 10505088 _____ (Systweak Inc) C:\Users\Gamer\Desktop\adu.exe.BAK
    2015-06-16 19:46 - 2015-06-16 19:47 - 00000000 ____D C:\Users\Gamer\Downloads\SysTweak Advanced Driver Updater 2.1.1086.16076 - [SAW000]{CTRG}
    2015-06-16 19:42 - 2015-06-16 19:43 - 00000000 ____D C:\Users\Gamer\Downloads\Advanced Driver Updater 2.1.1086.16076
    2015-06-16 18:17 - 2015-06-16 18:17 - 01279488 _____ C:\Users\Gamer\Downloads\MicrosoftFixit50356.msi
    2015-06-16 18:07 - 2015-06-16 18:07 - 00000000 ____D C:\ProgramData\PC Drivers HeadQuarters
    2015-06-16 18:06 - 2015-06-16 18:06 - 00011348 _____ C:\Users\Gamer\Downloads\SafeMSI.zip
    2015-06-16 17:43 - 2015-06-18 23:00 - 00000951 _____ C:\Users\Gamer\Desktop\BlueScreenView.cfg
    2015-06-16 17:34 - 2015-01-29 11:11 - 00061024 _____ (NirSoft) C:\Users\Gamer\Desktop\BlueScreenView.exe
    2015-06-16 17:33 - 2015-06-16 17:33 - 00067310 _____ C:\Users\Gamer\Downloads\bluescreenview.zip
    2015-06-16 17:29 - 2015-06-16 17:29 - 00162864 _____ C:\Users\Gamer\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-06-16 17:25 - 2015-06-20 00:41 - 00524012 _____ C:\Windows\WindowsUpdate.log
    2015-06-16 17:14 - 2015-06-16 17:24 - 05108064 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-06-16 17:13 - 2015-06-16 17:13 - 93827072 _____ C:\Windows\system32\config\software.iodefrag.bak
    2015-06-16 17:13 - 2015-06-16 17:13 - 02273280 _____ C:\Windows\system32\config\default.iodefrag.bak
    2015-06-16 17:13 - 2015-06-16 17:13 - 00106496 _____ C:\Windows\system32\config\sam.iodefrag.bak
    2015-06-16 17:13 - 2015-06-16 17:13 - 00028672 _____ C:\Windows\system32\config\security.iodefrag.bak
    2015-06-16 15:02 - 2014-10-16 10:27 - 00027424 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
    2015-06-16 13:35 - 2015-06-16 13:35 - 00000872 _____ C:\Users\Gamer\Downloads\TakeOwnership (1).zip
    2015-06-16 13:08 - 2015-06-16 13:28 - 180816805 _____ C:\Users\Gamer\Downloads\kav15.0.2.361en.rar
    2015-06-16 13:04 - 2015-06-16 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
    2015-06-16 13:03 - 2015-06-16 17:18 - 00000000 ____D C:\ProgramData\Kaspersky Lab
    2015-06-16 13:03 - 2015-06-16 13:03 - 00000000 ____D C:\Windows\ELAMBKUP
    2015-06-16 13:03 - 2015-06-16 13:03 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
    2015-06-16 13:03 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
    2015-06-16 13:02 - 2015-05-18 22:16 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
    2015-06-16 13:02 - 2014-11-28 18:19 - 00151240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
    2015-06-16 13:02 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
    2015-06-16 12:37 - 2015-06-16 12:37 - 00056029 _____ C:\Users\Gamer\Downloads\[2012-torrents.com]kaspersky.anti.virus.v15.0.2.361.0.6078.2015.final.resetter.patch.appzdam.torrent
    2015-06-16 12:30 - 2015-06-16 12:30 - 00108896 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
    2015-06-16 12:30 - 2015-06-16 12:30 - 00000000 ____D C:\ProgramData\WRData
    2015-06-16 10:38 - 2015-06-16 11:33 - 00000000 ____D C:\Program Files (x86)\b7309916-17af-47b1-b9c9-3299948276a3
    2015-06-16 10:31 - 2015-06-16 10:31 - 00000000 _____ C:\Windows\SysWOW64\Number of results
    2015-06-16 00:04 - 2015-06-16 00:04 - 00002646 _____ C:\Users\Public\Desktop\POSTAL 2 - Paradise Lost.lnk
    2015-06-16 00:04 - 2015-06-16 00:04 - 00002424 _____ C:\Users\Public\Desktop\POSTAL 2.lnk
    2015-06-16 00:04 - 2015-06-16 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Running With Scissors
    2015-06-15 23:51 - 2015-06-15 23:51 - 00000000 ____D C:\Program Files (x86)\Running With Scissors
    2015-06-15 20:48 - 2015-06-15 20:48 - 00000000 ____D C:\Windows\SysWOW64\Flash
    2015-06-15 20:00 - 2015-06-15 20:00 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-06-15 20:00 - 2015-06-15 20:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-06-15 20:00 - 2015-06-15 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-06-15 20:00 - 2015-06-15 20:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-06-15 20:00 - 2015-06-15 20:00 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-06-15 19:51 - 2015-06-17 17:18 - 00000000 ____D C:\ProgramData\1a8aa4000029ea
    2015-06-15 19:38 - 2015-06-17 22:47 - 00000000 ____D C:\ProgramData\AokHau
    2015-06-15 19:38 - 2015-06-17 21:51 - 00004784 _____ C:\Windows\SysWOW64\Pelithmy.ini
    2015-06-15 19:38 - 2015-06-17 21:51 - 00002456 _____ C:\Windows\SysWOW64\PelithmyOff.ini
    2015-06-15 19:38 - 2015-06-17 21:51 - 00002456 _____ C:\Windows\system32\PelithmyOff.ini
    2015-06-15 19:38 - 2015-06-15 18:21 - 00359424 _____ C:\Windows\system32\Pelithmy64.dll
    2015-06-15 19:38 - 2015-06-15 18:21 - 00286720 _____ C:\Windows\SysWOW64\Pelithmy.dll
    2015-06-15 19:37 - 2015-06-20 00:44 - 00003138 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.job
    2015-06-15 19:37 - 2015-06-20 00:44 - 00002446 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user.job
    2015-06-15 19:37 - 2015-06-20 00:44 - 00002446 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.job
    2015-06-15 19:37 - 2015-06-20 00:43 - 00004494 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.job
    2015-06-15 19:37 - 2015-06-20 00:43 - 00003474 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.job
    2015-06-15 19:37 - 2015-06-20 00:43 - 00001026 _____ C:\Windows\Tasks\07JSYnshqotnEVD50qMfusWMbKC.job
    2015-06-15 19:37 - 2015-06-20 00:43 - 00001012 _____ C:\Windows\Tasks\uPZFL8T7j8fNaGrJwzJK.job
    2015-06-15 19:37 - 2015-06-17 17:18 - 00000000 ____D C:\Users\Gamer\AppData\Local\1E0063E0-1434397058-3F00-2DC1-BCAEC574BA7C
    2015-06-15 19:37 - 2015-06-15 19:37 - 00007524 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4
    2015-06-15 19:37 - 2015-06-15 19:37 - 00006504 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7
    2015-06-15 19:37 - 2015-06-15 19:37 - 00006166 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6
    2015-06-15 19:37 - 2015-06-15 19:37 - 00005476 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5
    2015-06-15 19:36 - 2015-06-20 00:44 - 00005184 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.job
    2015-06-15 19:36 - 2015-06-20 00:44 - 00005182 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.job
    2015-06-15 19:36 - 2015-06-20 00:43 - 00005518 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.job
    2015-06-15 19:36 - 2015-06-15 19:37 - 00008546 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6
    2015-06-15 19:36 - 2015-06-15 19:37 - 00000000 ____D C:\Program Files (x86)\42121896-6ed0-459b-8568-e8f38f5494c2
    2015-06-15 19:36 - 2015-06-15 19:36 - 00008214 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11
    2015-06-15 19:36 - 2015-06-15 19:36 - 00008212 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7
    2015-06-15 19:35 - 2015-06-20 00:43 - 00004494 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.job
    2015-06-15 19:35 - 2015-06-20 00:43 - 00002112 _____ C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-10_user.job
    2015-06-15 19:35 - 2015-06-15 19:37 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV15.06
    2015-06-15 19:35 - 2015-06-15 19:36 - 00000000 ____D C:\Users\Gamer\AppData\Local\1E0063E0-1434396922-3F00-2DC1-BCAEC574BA7C
    2015-06-15 19:35 - 2015-06-15 19:35 - 00007524 _____ C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3
    2015-06-15 19:34 - 2015-06-16 13:39 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\1E0063E0-1434389671-3F00-2DC1-BCAEC574BA7C
    2015-06-15 19:34 - 2015-06-15 19:34 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\VOPackage
    2015-06-15 19:34 - 2015-06-15 19:34 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
    2015-06-15 19:33 - 2015-06-16 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
    2015-06-15 19:32 - 2015-06-18 19:32 - 00000340 _____ C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job
    2015-06-15 19:32 - 2015-06-16 13:32 - 00000000 ____D C:\ProgramData\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}
    2015-06-15 19:32 - 2015-06-15 19:32 - 00003252 _____ C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32]
    2015-06-15 19:30 - 2015-06-20 00:43 - 00000328 _____ C:\Windows\Tasks\Chromium.job
    2015-06-15 19:29 - 2015-06-15 19:29 - 00000000 ____D C:\Users\Gamer\AppData\Local\Chromium
    2015-06-15 19:28 - 2015-06-15 19:28 - 00000772 _____ C:\Users\Public\Desktop\PowerISO.lnk
    2015-06-15 19:28 - 2015-06-15 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
    2015-06-15 16:23 - 2015-06-15 16:47 - 639400288 _____ C:\Users\Gamer\Downloads\AVPC_1420.zip
    2015-06-15 16:14 - 2015-06-15 16:14 - 00020956 _____ C:\Users\Gamer\Downloads\[buttscratcheeer.ml]postal.2.paradise.lost.skidrow.torrent
    2015-06-14 16:20 - 2015-06-14 16:20 - 00000000 _____ C:\Users\Gamer\Desktop\GRAB25-PERCNT-OFFNOW.txt
    2015-06-14 11:56 - 2015-06-14 11:56 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
    2015-06-14 11:56 - 2015-06-14 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
    2015-06-14 11:55 - 2015-06-14 11:55 - 00000000 ____D C:\Program Files (x86)\TechSmith
    2015-06-13 13:07 - 2015-06-13 13:07 - 05315691 _____ C:\Users\Gamer\Downloads\Pokemon - Fire Red Version (U) (3).zip
    2015-06-13 13:03 - 2015-06-13 13:04 - 02391927 _____ C:\Users\Gamer\Downloads\Easter Revolution.zip
    2015-06-12 16:59 - 2015-06-12 17:01 - 58713703 _____ C:\Users\Gamer\Downloads\Patch_0.4.exe
    2015-06-12 16:33 - 2015-06-12 16:49 - 2099673157 _____ C:\Users\Gamer\Downloads\Divide_and_Conquer_Patch_0.3 (1).exe
    2015-06-12 16:09 - 2015-06-12 16:09 - 00001834 _____ C:\Users\Gamer\Desktop\Third Age - Total War.lnk
    2015-06-12 15:38 - 2015-06-12 15:44 - 513590490 _____ C:\Users\Gamer\Downloads\Divide_and_Conquer_Patch_2 (1).exe
    2015-06-12 15:22 - 2015-06-12 15:22 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 2of2)
    2015-06-12 15:20 - 2015-06-12 15:26 - 513590490 _____ C:\Users\Gamer\Downloads\Ikke bekræftet 607799.crdownload
    2015-06-12 14:57 - 2015-06-12 14:57 - 00000000 ____D C:\Program Files (x86)\SEGA
    2015-06-12 14:36 - 2015-06-12 14:36 - 03748392 _____ C:\Users\Gamer\Downloads\Ultra Gore - Dismemberment Mod 0.3-61-0-3 (1).zip
    2015-06-12 13:56 - 2015-06-12 15:15 - 1956587322 _____ C:\Users\Gamer\Downloads\Divide_and_Conquer_Full_Public_Beta (1).exe
    2015-06-12 13:29 - 2015-06-12 16:26 - 00000000 ____D C:\Users\Gamer\Downloads\Third Age Total War 3.1
    2015-06-12 11:59 - 2015-06-12 11:59 - 01711741 _____ (System SoftLab ) C:\Users\Gamer\Downloads\artmoney743eng (1).exe
    2015-06-12 11:59 - 2015-06-12 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE
    2015-06-12 11:03 - 2015-06-12 11:03 - 03102717 _____ C:\Users\Gamer\Downloads\Disable intro and storybook videos-66-2-1.7z
    2015-06-12 10:54 - 2015-06-12 10:54 - 00262188 _____ C:\Users\Gamer\Downloads\#arrow.tga
    2015-06-11 19:58 - 2015-06-11 19:58 - 00046167 _____ C:\Users\Gamer\Downloads\dazed-and-confused_english-525087 (1).zip
    2015-06-11 19:57 - 2015-06-11 19:57 - 00055232 _____ C:\Users\Gamer\Downloads\dazed-and-confused_english-258799 (1).zip
    2015-06-11 19:57 - 2015-06-11 19:57 - 00046423 _____ C:\Users\Gamer\Downloads\dazed-and-confused_english-258798.zip
    2015-06-11 19:56 - 2015-06-11 19:57 - 00046079 _____ C:\Users\Gamer\Downloads\dazed-and-confused_english-488074.zip
    2015-06-11 19:56 - 2015-06-11 19:56 - 00058110 _____ C:\Users\Gamer\Downloads\dazed-and-confused_HI_english-137827 (1).zip
    2015-06-11 19:56 - 2015-06-11 19:56 - 00051360 _____ C:\Users\Gamer\Downloads\dazed-and-confused_english-137826.zip
    2015-06-11 19:55 - 2015-06-11 19:55 - 00038595 _____ C:\Users\Gamer\Downloads\dazed-and-confused_english-216908 (1).zip
    2015-06-11 19:53 - 2015-06-11 19:53 - 00046022 _____ C:\Users\Gamer\Downloads\dazed-and-confused_HI_english-810295 (1).zip
    2015-06-11 19:42 - 2015-06-11 19:42 - 00031494 _____ C:\Users\Gamer\Downloads\dazed-and-confused_danish-406828 (1).zip
    2015-06-11 17:31 - 2015-06-11 17:32 - 00000027 _____ C:\Users\Gamer\Desktop\viaplay og hbo.txt
    2015-06-11 08:01 - 2015-06-11 08:01 - 00233472 _____ (SafeApp Software, LLC) C:\Windows\SysWOW64\SafeAppLM.ocx
    2015-06-10 11:59 - 2015-06-10 11:59 - 00034973 _____ C:\Users\Gamer\Downloads\hobbiton_brush_hand.zip
    2015-06-10 11:50 - 2015-06-10 11:50 - 00092555 _____ C:\Users\Gamer\Downloads\bilbo_hand.zip
    2015-06-10 10:58 - 2015-06-10 10:58 - 48197632 _____ C:\Windows\system32\config\components.iobit
    2015-06-10 10:42 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-06-10 10:42 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-06-10 10:42 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-06-10 10:42 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-06-10 10:42 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-06-10 10:42 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-06-10 10:42 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-06-10 10:42 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-06-10 10:42 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-06-10 10:42 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-06-10 10:42 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-06-10 10:42 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-06-10 10:42 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-06-10 10:42 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-06-10 10:42 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-06-10 10:42 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-06-10 10:42 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-06-10 10:42 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-06-10 10:42 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-06-10 10:42 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
    2015-06-10 10:42 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-06-10 10:42 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
    2015-06-10 10:42 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
    2015-06-10 10:42 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-06-10 10:42 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
    2015-06-10 10:42 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-06-10 10:42 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-06-10 10:42 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-06-10 10:42 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-06-10 10:42 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-06-10 10:42 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-06-10 10:42 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-06-10 10:42 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-06-10 10:42 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-06-10 10:42 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-06-10 10:42 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-06-10 10:42 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-06-10 10:42 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-06-10 10:42 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-06-10 10:42 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-06-10 10:42 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-06-10 10:42 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-06-10 10:42 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-06-10 10:42 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-06-10 10:42 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-06-10 10:42 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-06-10 10:42 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-06-10 10:42 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-06-10 10:42 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-06-10 10:42 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-06-10 10:42 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-06-10 10:42 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-06-10 10:42 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-06-10 10:42 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-06-10 10:42 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-06-10 10:42 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-06-10 10:42 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-06-10 10:42 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-06-10 10:42 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-06-10 10:42 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-06-10 10:42 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-06-10 10:42 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-06-10 10:42 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-06-10 10:42 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-06-10 10:42 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-06-10 10:42 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-06-10 10:42 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-06-10 10:42 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-06-10 10:42 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-06-10 10:42 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-06-10 10:42 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-06-10 10:42 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-06-10 10:42 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-06-10 10:42 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-06-10 10:42 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-06-10 10:42 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-06-10 10:42 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-06-10 10:42 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-06-10 10:42 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-06-10 10:42 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-06-10 10:42 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-06-10 10:42 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-06-10 10:42 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-06-10 10:42 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-06-10 10:42 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-06-10 10:42 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2015-06-10 10:42 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2015-06-10 10:42 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2015-06-10 10:42 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2015-06-10 10:42 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2015-06-10 10:42 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2015-06-10 10:42 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2015-06-10 10:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2015-06-10 10:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2015-06-10 10:42 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2015-06-10 10:42 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2015-06-10 10:42 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2015-06-10 10:42 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
    2015-06-10 10:41 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-06-10 10:41 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-06-10 10:41 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-06-10 10:41 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-06-10 10:41 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-06-10 10:41 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-06-10 10:41 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-06-10 10:41 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-06-10 10:41 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-06-10 10:41 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-06-10 10:41 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-06-10 10:41 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-06-10 10:41 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-06-10 10:41 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-06-10 10:41 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-06-09 16:41 - 2015-06-09 16:41 - 01533584 _____ C:\Users\Gamer\Downloads\battlelog-web-plugins_2.6.2_157(1).exe
    2015-06-06 19:53 - 2015-06-06 19:53 - 00001015 _____ C:\Users\Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zona.lnk
    2015-06-06 19:53 - 2015-06-06 19:53 - 00000985 _____ C:\Users\Gamer\Desktop\Zona.lnk
    2015-06-05 22:31 - 2015-06-05 22:56 - 300223347 _____ C:\Users\Gamer\Downloads\nazi_zombie_sdtoten2.1.exe
    2015-06-05 21:20 - 2015-06-05 21:20 - 23725591 _____ C:\Users\Gamer\Downloads\1.000 Times Better v2.3- Full Package-58-2-3 (1).rar
    2015-06-05 21:18 - 2015-06-05 21:18 - 02931888 _____ C:\Users\Gamer\Downloads\Over 9000 - Weight limit mod v1.04-3-1-04 (1).7z
    2015-06-05 11:45 - 2015-06-12 14:37 - 00000000 ____D C:\Users\Gamer\Desktop\witcher 3 saves
    2015-06-05 11:35 - 2015-06-05 11:35 - 07194312 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\vcredist_x64.exe
    2015-06-05 11:35 - 2015-06-05 11:35 - 06503984 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\vcredist_x86.exe
    2015-06-05 11:35 - 2015-06-05 11:35 - 01420840 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\vcredist_arm.exe
    2015-06-05 11:31 - 2015-06-05 11:31 - 11840839 _____ C:\Users\Gamer\Downloads\Windows6.1-KB2670838-x64.msu
    2015-06-05 11:31 - 2015-06-05 11:31 - 05911327 _____ C:\Users\Gamer\Downloads\Windows6.1-KB2670838-x86.msu
    2015-06-05 11:20 - 2015-06-05 11:21 - 23725591 _____ C:\Users\Gamer\Downloads\1.000 Times Better v2.3- Full Package-58-2-3.rar
     

  4. 2015/06/19
    marcusdk

    marcusdk Inactive Thread Starter

    Joined:
    2015/06/17
    Messages:
    44
    Likes Received:
    0
    FRST LOG PART 3
    2015-06-05 11:11 - 2015-06-05 11:11 - 05956126 _____ C:\Users\Gamer\Downloads\AMD-1036-104-1-0.rar
    2015-06-04 21:47 - 2015-06-04 21:47 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
    2015-06-03 17:45 - 2015-06-03 17:45 - 02931888 _____ C:\Users\Gamer\Downloads\Over 9000 - Weight limit mod v1.04-3-1-04.7z
    2015-06-03 17:03 - 2015-06-03 17:03 - 00152756 _____ C:\Users\Gamer\Downloads\witcher3weight_v0.4.zip-8-v0-4 (1).zip
    2015-06-03 15:35 - 2015-06-05 11:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-06-01 19:16 - 2015-06-01 19:16 - 00007448 _____ C:\Users\Gamer\Downloads\v7 - Colors Change Only Add-On-23-1.zip
    2015-06-01 19:15 - 2015-06-01 19:15 - 38827969 _____ C:\Users\Gamer\Downloads\E3FX V7-23-7.zip
    2015-06-01 19:13 - 2015-06-01 19:13 - 01085907 _____ C:\Users\Gamer\Downloads\-Fantasy- Graphics v1.3-35-v1-3 (1).rar
    2015-05-31 23:07 - 2015-05-31 23:07 - 00001738 _____ C:\Windows\SysWOW64\EmailAVConfig.xml
    2015-05-31 18:11 - 2015-05-31 18:11 - 00152756 _____ C:\Users\Gamer\Downloads\witcher3weight_v0.4.zip-8-v0-4.zip
    2015-05-31 11:02 - 2015-05-31 11:02 - 01085907 _____ C:\Users\Gamer\Downloads\-Fantasy- Graphics v1.3-35-v1-3.rar
    2015-05-31 10:52 - 2015-05-31 10:52 - 03111396 _____ C:\Users\Gamer\Downloads\KNG_Extreme_Weather_Conditions_Mod_v0.04-29-0-04.rar
    2015-05-30 21:34 - 2015-05-30 21:34 - 03748392 _____ C:\Users\Gamer\Downloads\Ultra Gore - Dismemberment Mod 0.3-61-0-3.zip
    2015-05-30 01:22 - 2015-05-30 01:22 - 00000000 _____ C:\Users\Gamer\Desktop\51.txt
    2015-05-30 00:03 - 2015-05-30 00:03 - 00025264 _____ C:\Users\Gamer\Downloads\the-ninth-gate_danish-248120.rar
    2015-05-29 23:32 - 2015-05-29 23:32 - 00016001 _____ C:\Users\Gamer\Downloads\The Ninth Gate (1999) [720p] YIFY - YTS.torrent
    2015-05-29 23:07 - 2015-06-11 19:42 - 00000000 ____D C:\Users\Gamer\Downloads\The Ninth Gate (1999)
    2015-05-29 23:00 - 2015-06-11 19:35 - 00000000 ____D C:\Windows\hsperfdata_Gamer
    2015-05-29 22:59 - 2015-06-06 19:52 - 00000000 ____D C:\Program Files (x86)\Zona
    2015-05-29 22:57 - 2015-05-29 22:57 - 30525160 _____ (Destiny Media) C:\Users\Gamer\Downloads\ZonaSetup_latest.exe
    2015-05-29 15:05 - 2015-06-19 21:20 - 00000000 ____D C:\Users\Gamer\Desktop\programmer
    2015-05-29 14:57 - 2015-06-14 11:56 - 00001181 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-05-29 14:57 - 2015-05-29 14:57 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-05-29 14:56 - 2015-05-29 14:57 - 00243464 _____ C:\Users\Gamer\Downloads\Firefox Setup Stub 38.0.1.exe
    2015-05-29 14:45 - 2015-05-29 14:45 - 89260032 _____ C:\Windows\system32\config\software.iobit
    2015-05-29 14:45 - 2015-05-29 14:45 - 02273280 _____ C:\Windows\system32\config\default.iobit
    2015-05-29 14:45 - 2015-05-29 14:45 - 00106496 _____ C:\Windows\system32\config\sam.iobit
    2015-05-29 14:45 - 2015-05-29 14:45 - 00028672 _____ C:\Windows\system32\config\security.iobit
    2015-05-29 14:45 - 2015-05-29 14:45 - 00003146 _____ C:\Windows\System32\Tasks\{C3F46888-6354-4767-8668-EBEA1963F5A4}
    2015-05-29 14:39 - 2015-05-29 18:09 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\ProductData
    2015-05-29 14:39 - 2015-05-29 14:39 - 00003184 _____ C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
    2015-05-29 14:39 - 2015-05-29 14:39 - 00002872 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_Gamer
    2015-05-29 14:39 - 2015-05-29 14:39 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
    2015-05-29 14:38 - 2015-06-20 00:32 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Gamer
    2015-05-29 14:38 - 2015-06-19 21:11 - 00000000 ____D C:\ProgramData\ProductData
    2015-05-29 14:38 - 2015-05-29 19:35 - 00000000 ____D C:\ProgramData\IObit
    2015-05-29 14:38 - 2015-05-29 14:39 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\IObit
    2015-05-29 14:38 - 2015-05-29 14:38 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
    2015-05-29 14:38 - 2015-05-29 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
    2015-05-29 14:38 - 2015-05-29 14:38 - 00000000 ____D C:\Program Files (x86)\IObit
    2015-05-27 15:20 - 2015-05-27 15:20 - 00013540 _____ C:\Users\Gamer\Desktop\itunes - Genvej.lnk
    2015-05-25 22:17 - 2015-05-25 22:17 - 00127787 _____ C:\Users\Gamer\Downloads\coolvetica.zip
    2015-05-25 20:25 - 2015-05-25 20:25 - 747596686 _____ C:\Users\Gamer\Downloads\CSS_Content_Addon-Jan2015.zip
    2015-05-25 19:57 - 2015-05-25 19:57 - 02787328 _____ C:\Users\Gamer\Downloads\b6eeaa8cddd2acc7508b9866aab145a2343ff9a2.zip
    2015-05-25 15:11 - 2015-05-25 15:21 - 45679276 _____ C:\Users\Gamer\Downloads\xpa-pssu.rar
    2015-05-25 15:01 - 2015-05-25 15:02 - 01163024 _____ C:\Users\Gamer\Downloads\Pokemon Silver Blue.zip
    2015-05-25 15:00 - 2015-05-25 15:00 - 01868290 _____ C:\Users\Gamer\Downloads\desmume-0.9.11-win64.zip
    2015-05-24 15:07 - 2015-05-24 15:07 - 01956864 _____ C:\Users\Gamer\Downloads\Pokemon Volcano.zip.exe
    2015-05-24 12:52 - 2015-05-24 12:52 - 16777216 _____ C:\Users\Gamer\Downloads\Pokemon X and Y(2).GBA
    2015-05-24 12:20 - 2015-05-24 12:21 - 00032911 _____ C:\Users\Gamer\Downloads\bignoodle_titling.zip
    2015-05-23 15:49 - 2015-05-23 15:49 - 00000000 ____D C:\ProgramData\EA Core
    2015-05-23 15:48 - 2015-05-23 16:49 - 00000000 ____D C:\Users\Gamer\Documents\Battlefield 3
    2015-05-23 14:09 - 2015-05-23 14:09 - 08969036 _____ C:\Users\Gamer\Downloads\Pokemon Platinum Red - Alpha v1.2.1.ups
    2015-05-23 14:05 - 2015-05-23 14:05 - 05315691 _____ C:\Users\Gamer\Downloads\Pokemon - Fire Red Version (U) (2).zip
    2015-05-23 14:04 - 2015-05-23 14:04 - 18856199 _____ C:\Users\Gamer\Downloads\Pokemon Platinum Red - Beta v1.0.ups
    2015-05-23 11:05 - 2015-05-23 11:05 - 00023136 _____ C:\Users\Gamer\Downloads\counter_strike.zip
    2015-05-22 18:51 - 2015-05-23 00:59 - 00000000 ____D C:\11498d677fb287d930e0
    2015-05-22 18:49 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-22 18:49 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2015-05-22 18:48 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-22 18:48 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-22 18:48 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-22 18:48 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-22 18:48 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2015-05-22 18:48 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2015-05-22 18:48 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-20 00:45 - 2014-04-19 21:25 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-06-20 00:44 - 2014-04-19 21:25 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-06-20 00:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-06-20 00:41 - 2014-07-02 15:49 - 00065536 _____ C:\Windows\system32\spu_storage.bin
    2015-06-20 00:41 - 2009-07-14 06:45 - 00031728 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-06-20 00:41 - 2009-07-14 06:45 - 00031728 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-06-19 23:01 - 2014-08-13 14:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-06-19 21:34 - 2014-07-02 23:54 - 00000600 _____ C:\Users\Gamer\PUTTY.RND
    2015-06-19 14:04 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-06-19 13:50 - 2014-10-01 13:44 - 00000000 ____D C:\Users\Gamer\AppData\Local\Adobe
    2015-06-18 23:50 - 2014-07-02 21:31 - 00000000 ____D C:\Program Files (x86)\Steam
    2015-06-18 23:15 - 2015-05-02 18:29 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-06-18 22:23 - 2014-04-19 21:43 - 00000000 ____D C:\Windows\Minidump
    2015-06-18 20:50 - 2015-04-14 19:40 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Raptr
    2015-06-18 19:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2015-06-18 19:44 - 2014-04-16 16:55 - 00000000 ____D C:\ProgramData\Package Cache
    2015-06-18 00:58 - 2014-07-02 21:25 - 00000000 ____D C:\ProgramData\Origin
    2015-06-17 22:53 - 2014-10-01 15:54 - 00000000 ____D C:\Users\Gamer\Documents\Camtasia Studio
    2015-06-17 22:29 - 2014-10-21 21:39 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
    2015-06-17 22:14 - 2014-10-08 18:10 - 00000000 ____D C:\Medieval 2 total war
    2015-06-17 22:14 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Offline Web Pages
    2015-06-17 22:10 - 2014-10-21 18:55 - 00000000 ____D C:\ProgramData\BDLogging
    2015-06-17 21:59 - 2014-10-21 18:53 - 00000000 ____D C:\ProgramData\Bitdefender
    2015-06-17 21:58 - 2014-10-21 18:53 - 00000000 ____D C:\Program Files\Bitdefender
    2015-06-17 21:56 - 2014-10-21 18:51 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
    2015-06-17 18:47 - 2014-07-02 23:51 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\uTorrent
    2015-06-17 18:01 - 2014-04-19 21:44 - 00000000 ___HD C:\Program Files (x86)\Temp
    2015-06-17 17:20 - 2015-04-15 15:01 - 00000000 ____D C:\Users\test\AppData\Local\CrashDumps
    2015-06-17 17:20 - 2015-04-14 16:34 - 00000000 ____D C:\Users\gta\AppData\Local\CrashDumps
    2015-06-17 17:19 - 2015-04-15 15:19 - 00000000 ____D C:\Users\test\AppData\Roaming\Raptr
    2015-06-17 17:19 - 2015-02-14 16:22 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\deluge
    2015-06-17 17:19 - 2015-01-15 02:06 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Zona
    2015-06-17 17:19 - 2014-12-24 02:59 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\GameTracker
    2015-06-17 17:19 - 2014-10-01 21:54 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Roxio
    2015-06-17 17:19 - 2014-10-01 21:50 - 00000000 ____D C:\ProgramData\Roxio
    2015-06-17 17:19 - 2014-10-01 15:20 - 00000000 ____D C:\ProgramData\install_clap
    2015-06-17 17:19 - 2014-10-01 14:43 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Sony
    2015-06-17 17:19 - 2014-08-03 21:18 - 00000000 ____D C:\Users\Gamer\Documents\My CamStudio Temp Files
    2015-06-17 17:19 - 2014-07-13 16:51 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Guild Wars 2
    2015-06-17 17:19 - 2014-04-19 22:01 - 00000000 ____D C:\ProgramData\migrateos
    2015-06-17 17:19 - 2014-04-19 22:01 - 00000000 ____D C:\ProgramData\launcher
    2015-06-17 17:19 - 2014-04-19 22:01 - 00000000 ____D C:\ProgramData\explauncher
    2015-06-17 17:19 - 2014-04-16 04:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2015-06-17 17:19 - 2014-04-16 04:00 - 00000000 ____D C:\Users\Gamer
    2015-06-17 17:19 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
    2015-06-17 11:47 - 2015-05-14 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
    2015-06-16 22:26 - 2015-05-19 10:08 - 00000000 ____D C:\Users\Gamer\Documents\The Witcher 3
    2015-06-16 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
    2015-06-16 21:07 - 2015-04-15 14:50 - 00162864 _____ C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-06-16 21:02 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-06-16 20:13 - 2014-04-16 04:35 - 00000000 ____D C:\Program Files (x86)\Intel
    2015-06-16 17:13 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
    2015-06-16 15:03 - 2014-10-04 15:58 - 00000000 ____D C:\Users\Gamer\AppData\Local\CrashDumps
    2015-06-16 13:03 - 2014-08-02 15:31 - 00000000 ____D C:\Users\HomeGroupUser$
    2015-06-16 13:03 - 2014-08-02 15:31 - 00000000 ____D C:\Users\Guest
    2015-06-16 13:03 - 2014-08-02 15:31 - 00000000 ____D C:\Users\ASPNET
    2015-06-16 13:03 - 2014-08-02 15:31 - 00000000 ____D C:\Users\Administrator
    2015-06-16 11:33 - 2015-04-13 20:42 - 00000000 ____D C:\Program Files (x86)\Activision
    2015-06-16 10:07 - 2014-07-02 21:42 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2015-06-16 10:04 - 2015-02-27 21:35 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
    2015-06-16 10:04 - 2014-07-02 22:32 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
    2015-06-15 23:27 - 2014-10-05 16:17 - 00000000 ____D C:\Log
    2015-06-15 23:23 - 2014-07-04 22:24 - 00000000 ___HD C:\Windows\msdownld.tmp
    2015-06-15 23:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2015-06-15 19:37 - 2014-08-02 15:31 - 00000000 ____D C:\Program Files (x86)\Adblocker
    2015-06-15 07:25 - 2014-10-18 21:26 - 00000000 ____D C:\Users\Gamer\Documents\YouCam
    2015-06-14 11:56 - 2014-11-05 17:47 - 00001145 _____ C:\Users\Public\Desktop\Opera.lnk
    2015-06-14 11:56 - 2014-10-02 18:18 - 00000000 ____D C:\ProgramData\TechSmith
    2015-06-14 11:56 - 2014-04-19 21:25 - 00002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-06-13 21:28 - 2014-07-19 17:36 - 00000000 ____D C:\Users\Gamer\Documents\My Games
    2015-06-12 23:10 - 2014-04-16 15:29 - 00518402 _____ C:\Windows\system32\perfh006.dat
    2015-06-12 23:10 - 2014-04-16 15:29 - 00103944 _____ C:\Windows\system32\perfc006.dat
    2015-06-12 23:10 - 2009-07-14 07:13 - 01408358 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-06-11 21:40 - 2014-07-04 16:11 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\vlc
    2015-06-11 19:40 - 2014-12-02 00:56 - 00000000 __SHD C:\Users\Gamer\AppData\Local\EmieBrowserModeList
    2015-06-11 19:40 - 2014-04-16 17:00 - 00000000 __SHD C:\Users\Gamer\AppData\Local\EmieUserList
    2015-06-11 19:40 - 2014-04-16 17:00 - 00000000 __SHD C:\Users\Gamer\AppData\Local\EmieSiteList
    2015-06-11 19:26 - 2015-01-15 02:06 - 00000000 ____D C:\Users\Gamer\AppData\Local\eclipse
    2015-06-11 17:16 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2015-06-10 20:20 - 2014-11-05 17:47 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415202428
    2015-06-10 20:20 - 2014-11-05 17:47 - 00000000 ____D C:\Program Files (x86)\Opera
    2015-06-10 13:25 - 2015-04-16 03:33 - 00000000 ____D C:\Windows\system32\appraiser
    2015-06-10 13:25 - 2014-05-14 23:46 - 00000000 ___SD C:\Windows\system32\CompatTel
    2015-06-10 12:23 - 2014-04-16 04:33 - 00000000 ____D C:\Windows\system32\MRT
    2015-06-10 12:17 - 2014-04-16 04:33 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-06-10 12:11 - 2015-01-29 20:14 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Skype
    2015-06-10 12:01 - 2014-08-13 14:51 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-06-10 12:01 - 2014-08-13 14:51 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-06-10 12:01 - 2014-08-13 14:51 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-06-09 17:45 - 2014-07-02 22:32 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
    2015-06-09 16:41 - 2014-07-02 22:33 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
    2015-06-09 16:32 - 2014-07-02 21:27 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Origin
    2015-06-09 16:31 - 2014-07-02 21:25 - 00000000 ____D C:\Program Files (x86)\Origin
    2015-06-08 04:59 - 2014-07-03 13:17 - 00127760 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
    2015-06-05 15:45 - 2014-08-13 14:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-06-04 21:47 - 2014-04-19 21:25 - 00000000 ____D C:\Program Files (x86)\Google
    2015-06-04 18:33 - 2014-12-23 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWF Extractor
    2015-06-04 18:33 - 2014-12-02 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free GIF Viewer
    2015-06-04 18:33 - 2014-08-21 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
    2015-06-03 16:53 - 2015-05-19 10:08 - 00000000 ____D C:\Users\Gamer\AppData\Local\GalaxyCommunicationService
    2015-05-29 18:28 - 2014-04-16 04:00 - 00000000 ____D C:\Program Files\CCleaner
    2015-05-29 15:04 - 2015-04-12 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MINERS PARANOIA
    2015-05-29 15:04 - 2014-10-24 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BattlePing
    2015-05-29 15:04 - 2014-04-16 13:24 - 00000000 ____D C:\Windows\Panther
    2015-05-29 15:03 - 2014-10-01 19:29 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\MPC-HC
    2015-05-29 14:46 - 2014-07-21 11:25 - 00000000 ____D C:\ProgramData\Desura
    2015-05-29 14:38 - 2014-09-03 13:36 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Apple Computer
    2015-05-29 13:45 - 2014-12-23 19:08 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
    2015-05-29 13:45 - 2014-12-23 18:41 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2015-05-28 16:07 - 2015-01-29 20:14 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-05-26 20:41 - 2014-08-04 15:51 - 00000000 ____D C:\stickers
    2015-05-26 17:26 - 2014-07-03 13:16 - 00000000 ____D C:\Users\Gamer\AppData\Local\Battle.net
    2015-05-26 17:26 - 2014-07-03 13:15 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2015-05-25 20:50 - 2014-10-20 17:38 - 00008764 _____ C:\Windows\system32\lvcoinst.log
    2015-05-25 20:50 - 2014-10-20 17:38 - 00000000 ____D C:\Program Files\Common Files\logishrd
    2015-05-25 15:01 - 2014-07-29 21:22 - 00000000 ____D C:\Gameboy
    2015-05-24 12:18 - 2014-08-04 15:51 - 00000000 ____D C:\Marcusthedane
    2015-05-23 22:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
    2015-05-23 17:29 - 2014-07-02 21:29 - 00000000 ____D C:\Program Files (x86)\Origin Games
    2015-05-23 17:29 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-05-23 16:54 - 2014-07-02 22:32 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
    2015-05-23 16:49 - 2014-07-02 22:50 - 00000000 ____D C:\Users\Gamer\AppData\Local\PunkBuster
    2015-05-22 23:14 - 2015-04-16 03:33 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2015-05-22 23:14 - 2015-04-16 03:33 - 00000000 ___SD C:\Windows\system32\GWX
    2015-05-22 23:14 - 2011-04-12 10:28 - 00000000 ____D C:\Program Files\Windows Journal
    2015-05-22 23:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

    ==================== Files in the root of some directories =======

    2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gamer\AppData\Roaming\07JSYnshqotnEVD50qMfusWMbKC
    2014-08-03 21:25 - 2014-08-03 21:37 - 0000103 _____ () C:\Users\Gamer\AppData\Roaming\Camdata.ini
    2014-08-03 21:25 - 2014-08-03 21:37 - 0000408 _____ () C:\Users\Gamer\AppData\Roaming\CamLayout.ini
    2014-08-03 21:25 - 2014-08-03 21:37 - 0000408 _____ () C:\Users\Gamer\AppData\Roaming\CamShapes.ini
    2014-08-03 21:23 - 2014-08-03 21:37 - 0004535 _____ () C:\Users\Gamer\AppData\Roaming\CamStudio.cfg
    2014-10-02 16:49 - 2014-10-02 16:49 - 0000203 _____ () C:\Users\Gamer\AppData\Roaming\GAMER-PC.MTBF.txt
    2014-07-18 11:45 - 2014-08-02 15:33 - 0000825 _____ () C:\Users\Gamer\AppData\Roaming\LiveSupport.exe_log.txt
    2014-07-18 11:45 - 2014-08-02 15:33 - 0000092 _____ () C:\Users\Gamer\AppData\Roaming\regsvr32.exe_log.txt
    2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Gamer\AppData\Roaming\uPZFL8T7j8fNaGrJwzJK
    2014-08-03 21:17 - 2014-08-03 21:25 - 0000096 _____ () C:\Users\Gamer\AppData\Roaming\version2.xml
    2014-10-24 19:33 - 2014-10-24 19:33 - 0000038 ___SH () C:\Users\Gamer\AppData\Local\1754111884ee9ab5277ca00.95260103
    2014-10-02 16:49 - 2014-10-02 16:49 - 0003584 _____ () C:\Users\Gamer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-04-16 15:53 - 2014-07-02 15:57 - 1065984 _____ () C:\Users\Gamer\AppData\Local\file__0.localstorage
    2014-07-18 12:01 - 2014-07-18 12:01 - 0000093 _____ () C:\Users\Gamer\AppData\Local\fusioncache.dat
    2014-07-30 18:21 - 2014-07-30 18:21 - 0000000 ___SH () C:\Users\Gamer\AppData\Local\LumaEmu
    2015-06-17 21:59 - 2015-06-17 21:59 - 0478855 _____ () C:\ProgramData\1434570965.bdinstall.bin
    2015-04-14 17:49 - 2015-04-14 17:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\Gamer\AppData\Local\Temp\oo2.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
    LastRegBack: 2015-06-14 16:52
    ==================== End of log ============================
     
  5. 2015/06/19
    marcusdk

    marcusdk Inactive Thread Starter

    Joined:
    2015/06/17
    Messages:
    44
    Likes Received:
    0
    ADDITIONAL LOG PART 1
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
    Ran by Gamer at 2015-06-20 01:00:10
    Running from C:\Users\Gamer\Desktop
    Boot Mode: Safe Mode (with Networking)
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-373667173-139741353-2546641198-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-373667173-139741353-2546641198-1005 - Limited - Enabled)
    Gamer (S-1-5-21-373667173-139741353-2546641198-1001 - Administrator - Enabled) => C:\Users\Gamer
    Guest (S-1-5-21-373667173-139741353-2546641198-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-373667173-139741353-2546641198-1002 - Limited - Enabled)
    Marcus (S-1-5-21-373667173-139741353-2546641198-1003 - Administrator - Enabled) => C:\Users\Marcus
    test (S-1-5-21-373667173-139741353-2546641198-1007 - Administrator - Enabled) => C:\Users\test

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Bitdefender Antivirus (Disabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
    AS: Bitdefender Antispyware (Disabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
    1Heart (HKLM-x32\...\Steam App 270190) (Version: - Chicken in The Corn)
    ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
    Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.20.2 - Mirillis)
    adblocker (HKLM-x32\...\{87EB45D0-0696-4444-8973-38D3DC9A1632}) (Version: 1.1.0.31 - adblocker)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
    Afraid of Monsters: Director's Cut v1.0 (HKLM-x32\...\Afraid of Monsters: Director's Cut) (Version: v1.0 - Andreas Rönnberg)
    Alien Isolation (HKLM-x32\...\Alien Isolation_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
    Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
    AMD Catalyst Install Manager (HKLM\...\{F37C2975-92EA-59CA-59E6-50E56F0E76DD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple-programunderstøttelse (32 bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple-programunderstøttelse (64 bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    ArtMoney PRO v7.32 (HKLM-x32\...\ArtMoney PRO_is1) (Version: 7.32 - System SoftLab)
    ArtMoney SE v7.43.1 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab)
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.4.1.540 - Online Media Technologies Ltd.)
    Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
    Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
    Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
    BattlePing (HKLM-x32\...\{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.5.5 - BattlePing)
    Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
    Betrayer (HKLM-x32\...\Steam App 243120) (Version: - Blackpowder Games)
    Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
    Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
    Book Alter (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Book Alter)
    Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
    Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
    CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
    Chromium (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Chromium) (Version: 45.0.2420.0 - Chromium)
    Cinem Plus 2.4cV15.06 (HKLM-x32\...\Cinem Plus 2.4cV15.06) (Version: 1.36.01.22 - Cinema Plus ProV15.06) <==== ATTENTION
    Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
    CorsixTH 0.40 (HKLM-x32\...\CorsixTH) (Version: 0.40 - CorsixTH Team)
    Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
    Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
    Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
    CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2326.0 - CyberLink Corp.)
    D3DGear (HKLM\...\D3DGear_is1) (Version: 4.9.1 - D3DGear Technologies)
    Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
    Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
    Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
    Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
    DawnOfWar (HKLM-x32\...\InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ)
    DawnOfWar (x32 Version: 1.00.00000 - THQ) Hidden
    Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
    Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
    Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
    Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
    Dropbox (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
    Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
    FAKEFACTORY Cinematic Mod 2013 (HKLM-x32\...\FAKEFACTORY CM2013beta 1) (Version: beta 1 - FAKEFACTORY)
    Far Cry 4 version 1.9.0 (HKLM-x32\...\{F425AE50-AEBE-46C8-887C-79F0D2106A79}_is1) (Version: 1.9.0 - REVOLUTiONiT)
    Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
    FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.2.0.2 - FlyVPN)
    Free GIF Viewer (HKLM-x32\...\{C178910D-907A-4FBD-9786-91AFDD85287D}) (Version: 1.0.0 - Media Freeware)
    GameStop App (HKLM-x32\...\GameStop App) (Version: 4.00 - GameStop)
    GameStop App (x32 Version: 4.00 - GameStop) Hidden
    GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg)
    GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
    GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
    Grey 1.1.0 Steam Pipe Fix (HKLM-x32\...\Grey) (Version: 1.1.0 Steam Pipe Fix - Deppresick Team)
    Guns'N'Zombies (HKLM-x32\...\Steam App 264300) (Version: - Krealit)
    H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
    Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve)
    Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
    Half-Life 2 (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Half-Life 2) (Version: - )
    Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version: - Valve)
    Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
    Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
    Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve)
    Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version: - Valve)
    Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version: - Gearbox Software)
    Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version: - Gearbox Software)
    Half-Life: Source (HKLM-x32\...\Steam App 280) (Version: - Valve)
    HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
    inCloak VPN (HKLM-x32\...\{23493C78-637B-4A3F-BE08-CE9A2E6241A9}) (Version: 1.03 - Your Company Name)
    Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    K-Lite Mega Codec Pack 10.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.7.5 - )
    Kraven Manor (HKLM-x32\...\Steam App 296630) (Version: - Demon Wagon Studios)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
    liteCam HD (HKLM-x32\...\{73D0840C-FAE6-42F2-9F21-06322172CAAE}) (Version: 4.32.0000 - RSUPPORT)
    MAGIX Movie Edit Pro 2014 Premium (HKLM-x32\...\MX.{72510287-CB56-494C-A719-683B051F76EC}) (Version: 13.0.0.30 - MAGIX AG)
    MAGIX Movie Edit Pro 2014 Premium (Version: 13.0.0.30 - MAGIX AG) Hidden
    MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{056913A2-B256-4C31-8884-8AB78AF764F4}) (Version: 7.0.1.27 - MAGIX AG)
    MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX AG) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Max Payne (HKLM-x32\...\Steam App 12140) (Version: - Remedy Entertainment)
    Max Payne 2: The Fall of Max Payne (HKLM-x32\...\Steam App 12150) (Version: - Remedy Entertainment)
    Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
    MaxiGet Software Manager (HKLM-x32\...\MaxiGet Software Manager_is1) (Version: 1.1.92 - Maxiget Ltd.) <==== ATTENTION
    Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
    Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
    Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
    Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
    Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
    Microsoft .NET Framework 4.5.2 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{64C12304-7010-43F3-A25B-BDC38DE41E46}) (Version: 4.0.4276.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
    Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
    MINERVA: Metastasis (HKLM-x32\...\Steam App 235780) (Version: - Adam Foster)
    Montague's Mount (HKLM-x32\...\Steam App 258950) (Version: - PolyPusher Studios)
    Mount & Blade (HKLM-x32\...\Mount & Blade) (Version: - GameStop)
    Mount & Blade: Warband (HKLM-x32\...\Mount & Blade: Warband) (Version: - GameStop)
    Mount & Blade: With Fire & Sword (HKLM-x32\...\Mount & Blade: With Fire & Sword) (Version: - GameStop)
    Mozilla Firefox 38.0.5 (x86 da) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 da)) (Version: 38.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    My Program version 1.5 (HKLM-x32\...\My Program_is1) (Version: 1.5 - )
    MyStart Anti-phishing Domain Advisor (HKLM-x32\...\MyStart Anti-phishing Domain Advisor) (Version: 1.0.1.108 - Visicom Media Inc. (Powered by Panda Security))
    New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
    New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
    NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming)
    Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
    No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
    OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
    OpenVPN 2.3.6-I003 (HKLM\...\OpenVPN) (Version: 2.3.6-I003 - )
    Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
    Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.7 - Portforward, LLC)
    Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
    Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
    POSTAL 2 - Paradise Lost (HKLM-x32\...\POSTAL 2 - Paradise Lost_is1) (Version: - )
    POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
    Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.25 - NCH Software)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Raptr (HKLM-x32\...\Raptr) (Version: - )
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24735 - Razer Inc.)
    Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.)
    Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
    Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
    RSCC (HKLM-x32\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.00.0000 - RSUPPORT)
    simplitec simplicheck (HKLM-x32\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    Smart Port Forwarding (HKLM-x32\...\Smart Port Forwarding) (Version: 1.0.0.1 - Brooks Younce Software)
    Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)
    Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)
    Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
    Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version: - )
    Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version: - )
    Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
    Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
    Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
    System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC)
    System Requirements Lab Detection (HKLM-x32\...\{18524A89-DDD9-4BF5-954B-4A0845786740}) (Version: 6.1.4.0 - Husdawg, LLC)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
    The Evil Within (HKLM-x32\...\The Evil Within_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
    The Path (HKLM-x32\...\Steam App 27000) (Version: - Tale of Tales)
    The Samaritan Paradox (HKLM-x32\...\Steam App 283180) (Version: - Faravid Interactive)
    The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
    Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Third Age - Total War 3.0 (Part 1of2)) (Version: - )
    Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Third Age - Total War 3.0 (Part 2of2)) (Version: - )
    Tyranid Mod 0.5b2 for Soulstorm (HKLM-x32\...\Tyranid Mod 0.5b2 for Soulstorm) (Version: - )
    Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Ultimate Apocalypse mod 1.73) (Version: - )
    Unity Web Player (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
    Uplay (HKLM-x32\...\Uplay) (Version: 5.0 - Ubisoft)
    VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
    VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
    Wajam (HKLM-x32\...\WajaInternetEnhancer) (Version: 2.33.2.17 (i2.6) - WajaInternetEnhancer) <==== ATTENTION
    Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
    Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
    Word Processor Text Wrap (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - Word Processor Text Wrap) <==== ATTENTION
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
    Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
    Zona (HKLM-x32\...\Zona) (Version: - Zona Team)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    18-06-2015 00:00:02 Scheduled Checkpoint
    19-06-2015 13:50:22 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 04:34 - 2015-06-14 11:51 - 00001041 ___RA C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 activation.cloud.techsmith.com127.0.0.1 thislineskipsanyemptylines
    127.0.0.1 mirillis.com
    127.0.0.1 www.mirillis.com
    127.0.0.1 serwer2.paka-service.com
    127.0.0.1 ns386119.ovh.net
    127.0.0.1 mirillis.pl


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {026A184D-E867-4D3C-B140-ACFFF01AD6C8} - System32\Tasks\Uninstaller_SkipUac_Gamer => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
    Task: {0553C6DF-3851-42E5-A7B5-4794265F55E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
    Task: {11B3F7D5-47C3-4A6E-AD87-DA2E8BA4699F} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.exe <==== ATTENTION
    Task: {16277400-6074-45B2-80CF-6D569784D4CE} - System32\Tasks\ASC8_SkipUac_Gamer => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-05-08] (IObit)
    Task: {1DBFA0C9-C100-467E-8819-11141DBF1696} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {27DE6DB9-92A8-4BEB-9A6F-CDC0E7E22010} - System32\Tasks\Bidaily Synchronize Task[3c32] => c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe [2014-06-15] (PC Utilities Software Limited) <==== ATTENTION
    Task: {32F70AEA-790D-4C3E-9010-F3BA1691ABF6} - System32\Tasks\{C3F46888-6354-4767-8668-EBEA1963F5A4} => pcalua.exe -a "C:\Program Files (x86)\Desura\desura.exe" -c desura://uninstall/games/19040
    Task: {3DB882EF-31B2-44C4-B909-28DF1BA26A6D} - \uPZFL8T7j8fNaGrJwzJK No Task File <==== ATTENTION
    Task: {46CC8026-6CB7-4AA7-857A-87A0316537DA} - \ASP No Task File <==== ATTENTION
    Task: {4765461A-431F-46FF-A315-9320D116FD36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
    Task: {4C93F505-8A6B-4B44-986A-C196AE8D5115} - System32\Tasks\{196EFF09-12C1-423E-ADB1-336D80E7B3D0} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=404
    Task: {4DBB518C-0728-48EB-98E7-C6DE01520D92} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
    Task: {50606814-3BF4-496C-B28A-33EC50F6621A} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
    Task: {59418C04-8D8A-4997-A1F8-89E850AAF475} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    Task: {5CA3B7B5-7609-4C02-A1A8-A8F9D42BD94D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {674437A2-F5D1-4B61-81C3-00081DE22E21} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-23] ()
    Task: {74FDE990-CE60-4D42-9D01-2BBAF96DF685} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.exe <==== ATTENTION
    Task: {800910F2-D02A-45A1-8BE0-39D09672802E} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {80966CF3-4FF3-40EF-B45C-01100627D216} - \07JSYnshqotnEVD50qMfusWMbKC No Task File <==== ATTENTION
    Task: {8501D42F-5317-44D0-B8D8-0CF8492C935F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {851C33FF-AEBC-4E39-B6C7-3679B8AC7610} - System32\Tasks\{81E052D7-167A-4A86-910B-4637C8259752} => pcalua.exe -a "C:\Users\Gamer\Downloads\winsdk_web (1).exe" -d C:\Users\Gamer\Downloads
    Task: {87D631B8-E3E6-487D-B031-25BCFFB05791} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {87DA7613-E7E2-4D9F-AB7F-FD19BFB86FC8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {87FB4F74-8890-4803-BD3C-AACFF4CDD563} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {8A471BC6-AF2E-4D02-A7C0-0FEE28E7C753} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.exe <==== ATTENTION
    Task: {8AA53F03-1024-4A14-82A0-64BFD4C0ABAE} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-15] (Microsoft Corporation)
    Task: {96A5CDDC-3A5E-4020-86F5-3740888221F1} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {A07F895A-E54A-42C1-AFE2-E33461F8ABE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
    Task: {A2D849A9-3974-4769-8376-E3D146D89C66} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.exe <==== ATTENTION
    Task: {A48A8185-1E0F-4C37-9442-D90F52CE24EB} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {A618AF9A-A6D4-429E-813B-ACAF66947294} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-10_user => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-10.exe <==== ATTENTION
    Task: {AD6D717B-BCF7-41F3-B2C6-E4E284EFC469} - System32\Tasks\{98CC55C1-E7F6-4466-AF74-7AFFCB0EE658} => pcalua.exe -a "C:\Users\test\Downloads\dxwebsetup (1).exe" -d C:\Users\test\Downloads
    Task: {B4B280CC-C974-4C04-89DC-38AD203E2158} - System32\Tasks\{0EFAE886-2BBA-41DE-BE55-D34376BF6543} => pcalua.exe -a "C:\Users\Gamer\Desktop\Virtual Audio Cable\setup.exe" -d "C:\Users\Gamer\Desktop\Virtual Audio Cable "
    Task: {BCE69EE6-F67A-4AB2-A8A8-0BF68277124F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
    Task: {CA71495E-F454-4D14-9F34-6297A6AC793F} - \Chromium No Task File <==== ATTENTION
    Task: {CFCB4AAA-CD12-4D67-B322-963C769F0A94} - System32\Tasks\{312EE32F-F529-4172-81F5-4EA066DF5598} => pcalua.exe -a "C:\Users\Gamer\Downloads\Empire Total War\Game\DVD 1\setup.exe" -d "C:\Users\Gamer\Downloads\Empire Total War\Game\DVD 1 "
    Task: {D17726BC-F939-4E86-8313-346FFE697DF3} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
    Task: {DC353B74-321C-4502-8DA2-7DBAF3630362} - System32\Tasks\Opera scheduled Autoupdate 1415202428 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
    Task: {F6F48529-7B07-4129-AC1F-CEE06580FCEF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {F93BF36C-AE8D-405E-9457-2CE4F848D38E} - System32\Tasks\{EF1171DF-E383-40A6-BA9F-9744C10D90A6} => pcalua.exe -a D:\OriginInstaller.exe -d D:\
    Task: {FAE1C802-BA4A-402B-B115-A685A24C73A6} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {FE048D14-0A50-40A5-BCEA-1333C93EF777} - System32\Tasks\AdobeAAMUpdater-1.0-Gamer-PC-Gamer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: C:\Windows\Tasks\07JSYnshqotnEVD50qMfusWMbKC.job => C:\Users\Gamer\AppData\Roaming\07JSYnshqotnEVD50qMfusWMbKC.exe <==== ATTENTION
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job => c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe <==== ATTENTION
    Task: C:\Windows\Tasks\Chromium.job => C:\Users\Gamer\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-10_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-10.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.exe <==== ATTENTION
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\uPZFL8T7j8fNaGrJwzJK.job => C:\Users\Gamer\AppData\Roaming\uPZFL8T7j8fNaGrJwzJK.exe <==== ATTENTION

    ==================== Loaded Modules (Whitelisted) ==============

    2015-06-17 21:58 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
    2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
    2015-06-16 18:01 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
    2015-06-16 18:01 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
    2015-06-10 15:47 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Gamer\Downloads\flashplayer18_ga_install.exe:BDU
    AlternateDataStreams: C:\Users\Gamer\Documents\Production 1.dmsm:Roxio EMC Stream

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Aadewb120.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Hizok120.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Aadewb120.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBulider => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Audiosrv => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hizok120.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MMCSS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBPIMSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Enheder til lyd, video og spil"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
    IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\sony.com -> sony.com
     
  6. 2015/06/19
    marcusdk
    ADDITION LOG PART 2

    There are 4784 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-373667173-139741353-2546641198-1001\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 193.162.153.164 - 194.239.134.83

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
    MSCONFIG\startupreg: Bdagent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
    MSCONFIG\startupreg: Bitdefender Wallet Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
    MSCONFIG\startupreg: Desura =>
    MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: GalaxyClient => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
    MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
    MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: KrakenLauncher => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe /start
    MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    MSCONFIG\startupreg: pdiface => C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow
    MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
    MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
    MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
    MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
    MSCONFIG\startupreg: YouCam Service6 => "C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe" /s

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{96A32F8D-0D4D-4D82-8C64-0BDA98BF4726}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{EBDA7FDC-4554-4391-98C8-468D3FDB29F7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{5C19C430-DDAB-407A-846E-CD7B4DB46C91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{9C2AEE4E-58BE-41BA-A06D-F9F2E4989243}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{DC4DC004-A789-40B8-86AD-28B46CF743E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{37370DF9-1989-44C7-BB5C-1E8297EDC0C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{2EC6C24B-4246-45B6-AA30-9D9E45431F63}] => (Allow) C:\Users\Gamer\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{CAF981E6-629D-41F5-B77C-07C63A7F17E5}] => (Allow) C:\Users\Gamer\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{4142BC6A-00BB-48BB-B17C-679413294ACC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
    FirewallRules: [{D02E2FA0-5B3A-4DA8-B392-5BDC395C6495}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
    FirewallRules: [{B6D1E783-9D22-4802-8B16-87811EB1CFE8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{EA43E85A-7F04-47A7-9FBE-6735389BD851}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{C4C49A8B-A4FB-4DD1-9C9B-FB779E2255E8}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{FAED3C77-36D6-4088-BE6C-8119995C4C84}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [TCP Query User{403C39C1-6F25-47D6-B8DA-F6C8FA60C357}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [UDP Query User{3DA16981-036B-48BE-BB47-6A5B8D14B2F3}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [{92B08B2A-87BC-4E27-A676-67557B76E9D2}] => (Allow) C:\Program Files (x86)\Crysis 3\Bin32\Crysis3.exe
    FirewallRules: [{4757B173-D6B1-4337-A89F-DCD8A995403C}] => (Allow) C:\Program Files (x86)\Crysis 3\Bin32\Crysis3.exe
    FirewallRules: [TCP Query User{B73AE3DA-902F-4A95-B280-372AE4B409A0}C:\users\gamer\appdata\local\temp\gw2.exe] => (Allow) C:\users\gamer\appdata\local\temp\gw2.exe
    FirewallRules: [UDP Query User{BA6E6336-4C4D-4668-9569-9AE4AFD0A1E4}C:\users\gamer\appdata\local\temp\gw2.exe] => (Allow) C:\users\gamer\appdata\local\temp\gw2.exe
    FirewallRules: [TCP Query User{43BA1D0A-0063-4BB2-9ED9-72F6FC93DCCD}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
    FirewallRules: [UDP Query User{7C96B6BB-40D0-41B3-809E-13EBBE432F87}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
    FirewallRules: [{B2FA1AA4-E0CE-42B2-8B5C-816E6CE06F37}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [{57E1F999-DDB2-4634-814D-4371C109165D}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [TCP Query User{D5D7407B-07E7-4513-893E-9941E934190C}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
    FirewallRules: [UDP Query User{D0E18AE8-1859-4F52-B135-815B62AB30CE}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
    FirewallRules: [TCP Query User{300744FA-741B-4220-89DC-C6B202616D33}C:\users\gamer\desktop\the stanley parable\stanley.exe] => (Allow) C:\users\gamer\desktop\the stanley parable\stanley.exe
    FirewallRules: [UDP Query User{BC9545F4-21AF-430C-A00E-C8355E73D393}C:\users\gamer\desktop\the stanley parable\stanley.exe] => (Allow) C:\users\gamer\desktop\the stanley parable\stanley.exe
    FirewallRules: [{8A4D5287-6422-40CE-ACB0-7F854A561037}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
    FirewallRules: [{6330D0A4-1548-4974-9956-681124E92F88}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
    FirewallRules: [{5FEA2F0B-C104-42AB-81D4-0658B7AAFD31}] => (Block) %ProgramFiles% (x86)\Microsoft Studios\State of Decay - Breakdown\StateOfDecay.exe
    FirewallRules: [{934C1F40-404C-4D5E-B576-26234B9A24EB}] => (Block) %ProgramFiles% (x86)\Microsoft Studios\State of Decay - Lifeline\StateOfDecay.exe
    FirewallRules: [{7F191DCC-4FC9-488D-A461-F3A4389FDDD0}] => (Allow) C:\Users\Gamer\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{0F1C9B1C-3071-45B3-83F8-DB6DAF5E39DB}] => (Allow) C:\Users\Gamer\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{F806138E-7DC3-4639-BAB5-1B65FD5F0E90}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{1179CF64-4EC1-4501-967D-AF0FE050F1F8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{EA3CF586-FCE9-4316-84CF-5BD7D0AC83DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{4B911AA6-15D9-4EA9-8F61-27B70FC7821E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{4F94C6B5-21A4-4C1C-8C22-41839BDFCAF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{9CDD927E-B5DA-4A4B-963C-01056C42773A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{832DE301-6010-41DD-88E4-45D266320951}C:\program files (x86)\smart port forwarding\spf.exe] => (Allow) C:\program files (x86)\smart port forwarding\spf.exe
    FirewallRules: [UDP Query User{B27C556F-AE14-49F6-B7FB-4808718C8C75}C:\program files (x86)\smart port forwarding\spf.exe] => (Allow) C:\program files (x86)\smart port forwarding\spf.exe
    FirewallRules: [{3C376FFD-7BB5-4DB7-B3B0-EBCD20DC7C45}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
    FirewallRules: [{F48474BD-35D3-4283-BFF3-7B69EC648AAF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
    FirewallRules: [{FE4DD569-576F-40A9-9798-F648CB657FB7}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
    FirewallRules: [{EB3E987E-975F-4F9B-A1F3-0E4AB826CAEC}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
    FirewallRules: [{676FFA98-F885-4FA2-96BF-22EA0A859AB2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
    FirewallRules: [{CD79ADCD-5620-4F2F-B944-E81EA9D08011}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
    FirewallRules: [{3625F94E-EF43-4A53-BFDF-FAA4E0CEC89C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
    FirewallRules: [TCP Query User{26F88241-6DC2-410E-8E47-2C2006E0DD2D}C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
    FirewallRules: [UDP Query User{54462482-E56B-4F40-8CF6-4AAD51160868}C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
    FirewallRules: [TCP Query User{92E0E364-771D-4C33-98FF-466B0C7C0C34}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe
    FirewallRules: [UDP Query User{B4F123BB-9B17-43C8-B910-80C7D244EF95}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe
    FirewallRules: [{B6147634-2E6A-489A-A5AE-94F92B3A2794}] => (Block) %ProgramFiles% (x86)\Mirillis\Action!\Action.exe
    FirewallRules: [{4C6A942C-84C2-45DB-B4EB-609F25E677AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
    FirewallRules: [{14D9D5A2-EB43-4427-821F-EFFB22A9939F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
    FirewallRules: [{7B562762-FFC7-4868-AB8C-680EE4428360}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
    FirewallRules: [{1B6485D5-BADF-433A-9DA1-9E18E84C1189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
    FirewallRules: [{45D368D5-11BD-4CBA-A991-2C094F969186}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
    FirewallRules: [{DE7C548C-5232-4AF7-AF74-8A6265149EF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
    FirewallRules: [{5E5AF8EE-BB7B-4346-A027-5640609431ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{B5D47B4E-B83D-4AEE-9B7E-2813528ED3A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [TCP Query User{971B4BF0-1808-4D11-BAB0-AF7EA19470E4}C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
    FirewallRules: [UDP Query User{B4A09EBE-F856-4F4A-A4AB-757F4DA1049A}C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
    FirewallRules: [TCP Query User{4C976B5D-D058-43EE-BA87-AB2C34A1292B}C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
    FirewallRules: [UDP Query User{9C30F989-5582-410B-A67A-DD42077DBEFF}C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
    FirewallRules: [TCP Query User{9607645A-76EE-4769-9853-6F82DAD44472}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
    FirewallRules: [UDP Query User{A7714D31-0B6C-4EDC-8D72-915AD92C692B}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
    FirewallRules: [TCP Query User{B7C71649-C726-4267-833F-5027B9028336}C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe
    FirewallRules: [UDP Query User{E9E1957A-D99B-4639-AE86-C2B88FCC0763}C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe
    FirewallRules: [{CF6C9CF4-7593-40F1-8016-5CF009A5A029}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
    FirewallRules: [{1A497A0B-F7C6-40B9-9CA1-BD4655B391BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
    FirewallRules: [{C5F9E2AE-7B3D-4C23-BCBF-2EA7134E2FA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
    FirewallRules: [{DB13FE71-93C0-431C-8AC5-5E96D1126C9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
    FirewallRules: [{2E21FA0C-C587-4D13-B9E5-4C4186F0DE12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
    FirewallRules: [{1BCD1C6D-0394-49AC-8788-D55D8D6B7EC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
    FirewallRules: [{0AD89E79-2B90-40B4-B9EB-76024F2E4A05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
    FirewallRules: [{BD3B9AA8-30B7-42E2-9064-77CACEC89DD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
    FirewallRules: [{26880BD1-0387-44E8-A072-71DCC138B38F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
    FirewallRules: [{83D296BB-41D3-49F3-8688-BE1C83DE0518}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
    FirewallRules: [{52EC1F8F-1689-4F9E-AF95-BF3619507EA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 1 Source Deathmatch\hl2.exe
    FirewallRules: [{8B2C23F2-D0A6-4894-93CA-BDED167A785B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 1 Source Deathmatch\hl2.exe
    FirewallRules: [{D5661AB3-FFA2-496B-871B-BA468B8C291D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
    FirewallRules: [{BEC0E920-0E8B-48BC-9164-5202651E239F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
    FirewallRules: [{ED6C8977-68E7-409B-AFEE-2A55F44AB3A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
    FirewallRules: [{D781DF8A-0212-4A6D-A16B-EDEBC4BFCA24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
    FirewallRules: [{71018267-FEB9-4AF1-A96F-4DF4428E7CB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{1F69BF5B-3768-4FFC-A75C-6A256A632DC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{A7D9A470-F95B-4539-BA75-78A3A77C6B3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
    FirewallRules: [{DD87F69D-089E-4DC9-93E4-E6A972B985DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
    FirewallRules: [{6E78FB3F-FA12-4EAF-8C61-03A68E72D01E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
    FirewallRules: [{55C7A297-1453-457B-A54C-7B3ACD0FDB53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
    FirewallRules: [{4D7779C5-2391-4EA5-8C2F-166A5BED39E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\hl2.exe
    FirewallRules: [{8060D73F-C37A-4EC4-B0E4-70B47A9B67A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\hl2.exe
    FirewallRules: [{5F75A064-EBAC-46F6-8915-442503AE2795}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
    FirewallRules: [{512B6D82-45A4-4AB3-A97A-FF2FD25A5D93}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
    FirewallRules: [{4F5733B0-DE36-4B20-A839-98A0599CDC46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
    FirewallRules: [{4F704927-10F3-49F6-A97F-8D02BFC5220F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
    FirewallRules: [TCP Query User{FA616438-13E6-43B6-921D-D747F4672BAB}C:\users\gamer\desktop\u1404.exe] => (Allow) C:\users\gamer\desktop\u1404.exe
    FirewallRules: [UDP Query User{78E6C013-D6D8-41FA-A87F-665B7D134946}C:\users\gamer\desktop\u1404.exe] => (Allow) C:\users\gamer\desktop\u1404.exe
    FirewallRules: [{8F7AEF00-034D-450F-9643-C662C19E6F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{3C765918-6E0F-43AE-9054-1353AEA5814A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{F0219DF5-2F01-4668-BD7E-86BDA0396F90}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{5BCFD48F-AA41-4E64-B99B-6ED0EEB76475}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{6BD67B00-6715-4B9D-8799-48D22CB1C5FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{3030A058-B5A9-4992-8568-9989D3355E1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{D2397A20-C0DE-493C-87D1-F7E04FCD2F41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MINERVA\hl2.exe
    FirewallRules: [{167A2892-C066-4B9E-8FFB-B0EE892B5272}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MINERVA\hl2.exe
    FirewallRules: [TCP Query User{2F1FB032-2E24-455B-B0DE-29E7DDB9BD69}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [UDP Query User{AF1AADA8-9256-4011-AF01-57749625A19B}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [TCP Query User{092D6429-8D3E-4E44-87C7-190DD1EEDB2C}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe
    FirewallRules: [UDP Query User{2D354797-0671-4AF0-927F-B6A82D20EE1A}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe
    FirewallRules: [TCP Query User{F26CAC42-7E58-4FE4-84C1-081112CA9CAC}C:\users\gamer\downloads\pokemon3dserver.exe] => (Allow) C:\users\gamer\downloads\pokemon3dserver.exe
    FirewallRules: [UDP Query User{6B027B61-403F-4CC1-80FD-8155DD19FAE0}C:\users\gamer\downloads\pokemon3dserver.exe] => (Allow) C:\users\gamer\downloads\pokemon3dserver.exe
    FirewallRules: [{F266A92B-BCD8-41BB-9673-E644894D60B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
    FirewallRules: [{7DA7F672-AAD0-4EBF-BD25-C068CA08768D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
    FirewallRules: [TCP Query User{06CEA6AB-1E14-4230-8DAF-AED725AB1BA6}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3668\agent.exe
    FirewallRules: [UDP Query User{CE3EEEDF-973D-4C44-B3A1-BA4311057684}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3668\agent.exe
    FirewallRules: [{6EC0D022-E350-4164-9E49-810B91BDD0C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
    FirewallRules: [{614D5DCF-DD03-486E-9E1A-7A30A228EEB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
    FirewallRules: [{9101DE3F-01D5-4132-8E1B-01ED1B388635}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
    FirewallRules: [{43E41D3E-FDF8-49CB-9672-A845361F1277}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
    FirewallRules: [TCP Query User{1B67C77D-98BC-4BC0-A132-075D0CD13DF9}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [UDP Query User{C10C1890-A52E-4CD2-9B83-AE69D7AD0344}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [{46105EEA-E487-47AD-AB0F-218C221BBEEA}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [{A08BBDC4-B0DA-421A-A7B1-41BDEA1B5769}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [{AC651655-7CFE-4979-8D62-8E49775BA574}] => (Allow) C:\Program Files (x86)\Zona\Zona.exe
    FirewallRules: [{59126C8E-F0B6-4E48-AF2E-CAB00949C97B}] => (Allow) C:\Program Files (x86)\Zona\Zona.exe
    FirewallRules: [{3C2C34C1-95E6-4A35-86F2-741BABE7C005}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
    FirewallRules: [{1ABDE0EA-5A06-4232-9F62-77A9ABE344C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
    FirewallRules: [{D631A343-14CD-4038-B16A-CBD2318660B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{C50C2FC7-2719-4C02-8EC9-C217E5B643B1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{6B1A0016-4B62-4EB1-82CD-D38C5D7EEE32}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{9E8FF55B-5CC8-4E2D-A36C-55FD0734D72D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{9ABABBFE-A4EE-427F-ACBE-0344C3C1E0E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{4E48D79B-9503-473D-9C3F-1D92A3DB8559}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
    FirewallRules: [{CB069EDC-B1C3-4DB5-8EF1-2BFA08DDCA01}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
    FirewallRules: [{02358839-E2D7-4011-A982-2BFEEEC74111}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Multiplayer\hl2.exe
    FirewallRules: [{4C07F9A3-AF89-49D2-BB30-604E6D7192DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Multiplayer\hl2.exe
    FirewallRules: [{1FD0FAFF-70DB-4E46-96F7-EA6E8F8E583A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
    FirewallRules: [{2FC86E15-4A27-42B2-933F-343ADBAACDEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
    FirewallRules: [TCP Query User{B3E10CD7-501F-4C97-BE66-CE033A4569B7}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe
    FirewallRules: [UDP Query User{65AB79FC-B346-4CED-A2D4-51AE84908272}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe
    FirewallRules: [{9E3C56FC-5AA9-4A3E-87FA-D59CDE412175}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
    FirewallRules: [{9415EBB8-455C-48D9-ABC8-402F219A9832}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
    FirewallRules: [{48877635-AB20-49AC-A356-0D840A7DBF09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
    FirewallRules: [{7B1C834E-BE30-4D6A-B72B-3191B8F2E8C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
    FirewallRules: [{09DF5213-BA8D-4799-B6DF-330FF11373C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne\maxpayne.exe
    FirewallRules: [{CD09819D-AC7A-4675-95D1-F7B4B60B95D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne\maxpayne.exe
    FirewallRules: [{ED5B84B1-2AE8-4555-A2B1-908966F47A57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
    FirewallRules: [{1EF9368A-725B-4D80-86B0-EB0AA888D65B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
    FirewallRules: [{A3ECB390-D7FC-4D3A-B47E-0BA93E8A0C9C}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
    FirewallRules: [{2E2FAAE8-1FC9-49DB-9688-CC4F26F37BE2}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
    FirewallRules: [{E9B564BE-1C16-4D17-B352-B71901944518}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
    FirewallRules: [{5BD48F21-0F81-48AE-B0A9-732DCA6742BE}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
    FirewallRules: [TCP Query User{E258C6F8-18B1-418F-B185-F9E15BF4832E}C:\users\gamer\desktop\u1405.exe] => (Allow) C:\users\gamer\desktop\u1405.exe
    FirewallRules: [UDP Query User{87ADF2D1-8D80-4D10-B590-936EF9CEABD6}C:\users\gamer\desktop\u1405.exe] => (Allow) C:\users\gamer\desktop\u1405.exe
    FirewallRules: [TCP Query User{4B4D199F-820F-4CBC-80CD-5C9344FB6630}C:\program files (x86)\thq\dawn of war\w40k.exe] => (Allow) C:\program files (x86)\thq\dawn of war\w40k.exe
    FirewallRules: [UDP Query User{DC04AA72-E24A-4BBA-AB78-351953CF5DAD}C:\program files (x86)\thq\dawn of war\w40k.exe] => (Allow) C:\program files (x86)\thq\dawn of war\w40k.exe
    FirewallRules: [TCP Query User{E9D75C4A-3F80-4787-8A61-DA7DFB52B903}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
    FirewallRules: [UDP Query User{D43CA216-3CAB-4E8C-9B0B-8CFB525FDC02}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
    FirewallRules: [{378757B0-707C-403F-AD51-9D6E935DC76F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{64F4C6D7-DB25-476D-BEF8-A76CA6E4E49D}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
    FirewallRules: [{D95F328A-8DB3-4335-B3FF-B8B4258B4314}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
    FirewallRules: [TCP Query User{41E45D04-696D-45B3-BB5C-5433C5D28037}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
    FirewallRules: [UDP Query User{88B61EC2-FD7D-45A7-8957-D3DA03076E5C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
    FirewallRules: [{122C8226-E19E-4BC6-85CF-3F50B56DB405}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
    FirewallRules: [{66631818-CF2C-4513-BEB6-18F539F2636D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
    FirewallRules: [{6F8DB49A-E8FE-4678-8DB0-E65AC271EF3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
    FirewallRules: [{3C49B4A7-28C7-447D-9A9D-14ECC96343CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
    FirewallRules: [TCP Query User{EF7CEC4A-C47F-4CD4-A97F-54E1D38A173B}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
    FirewallRules: [UDP Query User{76BE733B-F797-41F4-B5EC-8150FC75260B}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
    FirewallRules: [{4B844D15-9472-4DB5-9A4B-37887309C778}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
    FirewallRules: [{91B6B835-776B-4D44-B5A0-4CF9EFBD1DAE}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
    FirewallRules: [{4B5BD469-086C-4612-B02D-CF44C4F40F8D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{80E979EF-3BC2-4086-892B-6A56A82FE571}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{0E923688-1C19-4D43-8CD4-F92C8A1EF954}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{70BCF1EE-774F-4EF1-A6DA-813417F19A46}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{A524D06D-C96D-4D61-9B94-2C29EA7F9CD7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{8CCEF6F3-749E-4419-9D51-813EBF490D76}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{F32D569B-AC27-4331-B660-06E49D184296}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{9A50A055-AE0A-4392-8610-147C40204E52}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{FDB14860-73B9-4CF4-AA54-87106198924B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
    FirewallRules: [{46E1D2D1-777C-4989-9812-FC5411CAFDDF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
    FirewallRules: [{BAE83461-716E-4EE4-A945-C3E56FA4380B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
    FirewallRules: [{20FBABC8-ECD5-4103-ADB2-0759E117A390}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
    FirewallRules: [{0A1DAE53-5EFC-4EB2-94EE-5D236BA536A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{46A24069-126C-4112-A152-6D12345FC934}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{224892A0-AB2B-4EBE-B398-41207AB08B7D}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
    FirewallRules: [UDP Query User{9131F07D-8CF8-4636-9402-DA11E860A8B6}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
    FirewallRules: [{3CD4ED17-7126-436D-9C6F-E96FF1C0759E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{CC08DD28-11F2-4D47-8A1C-D4FFCDE6398E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1Heart\1Heart.exe
    FirewallRules: [{4B7F3751-B60E-46CE-B354-8D6AB446DBA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1Heart\1Heart.exe
    FirewallRules: [{3DD59CD3-F983-4056-A139-17B4721DA4FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Betrayer\Binaries\Win32\Betrayer.exe
    FirewallRules: [{F5E8E8D1-3796-46AE-A93C-BB472B1DEF45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Betrayer\Binaries\Win32\Betrayer.exe
    FirewallRules: [{2D7F44EF-51D4-4A97-BC83-CC5C52230F44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GunsNZombies\GNZ.exe
    FirewallRules: [{9BB442F8-25DF-4109-A7FA-BF6AB2154F82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GunsNZombies\GNZ.exe
    FirewallRules: [{5C98FFDF-8924-4DC1-BA43-A1CF280006F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kraven Manor\Binaries\Win32\KravenManor.exe
    FirewallRules: [{86EC65FC-26C9-4093-96D6-AEBB921DD9FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kraven Manor\Binaries\Win32\KravenManor.exe
    FirewallRules: [{5DF0CF1B-4ADE-42B8-9D92-5B10F724FE52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Path\PathViewer.exe
    FirewallRules: [{E1480FF3-5A36-4511-AADF-E6D620CA05E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Path\PathViewer.exe
    FirewallRules: [{1A218A8F-0A9C-48EC-9524-84C7BDCADCDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheSamaritanParadox\samaritan.exe
    FirewallRules: [{5232423A-1FD8-4E6C-B5CA-78E2CF9C9C94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheSamaritanParadox\samaritan.exe
    FirewallRules: [{F07D95A3-0DFD-4263-89A4-722E3BF6D41F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\MontaguesMount.exe
    FirewallRules: [{EE3F0054-6162-4121-B63F-B5B99EA7D26D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\MontaguesMount.exe
    FirewallRules: [{7B51E911-DBF0-456A-8DD0-83DBF5316320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\_OculusRift\MontaguesMount_v0_9_1_Oculus.exe
    FirewallRules: [{B96CD24A-32E7-45AB-972F-29511A129F61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\_OculusRift\MontaguesMount_v0_9_1_Oculus.exe
    FirewallRules: [{E4F7F6E9-1CE2-4D23-BB23-2E912A5B284C}] => (Allow) C:\Users\Gamer\AppData\Local\Chromium\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling-adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: spldr
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Hizok120 service
    Description: Hizok120 service
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Hizok120
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/20/2015 00:48:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 00:46:54 AM) (Source: Winlogon) (EventID: 4103) (User: )
    Description: Aktivering af Windows-licens mislykkedes. Fejl 0x00000000.

    Error: (06/20/2015 00:46:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: License Activation (slui.exe) mislykkedes med fejlkoden:
    0x8007043C

    Error: (06/20/2015 00:46:53 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 00:44:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 00:43:47 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 00:43:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 00:43:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 00:43:44 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 00:28:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (06/20/2015 00:48:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Tjenesten VIPRE Antivirus kunne ikke starte pga. følgende fejl:
    %%3

    Error: (06/20/2015 00:47:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Tjenesten HomeGroup Provider afhænger af tjenesten Function Discovery Provider Host, der ikke kunne starte pga. følgende fejl:
    %%1068

    Error: (06/20/2015 00:47:16 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

    Error: (06/20/2015 00:47:15 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    Error: (06/20/2015 00:47:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Tjenesten Computer Browser afhænger af tjenesten Server, der ikke kunne starte pga. følgende fejl:
    %%1068

    Error: (06/20/2015 00:47:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Tjenesten Computer Browser afhænger af tjenesten Server, der ikke kunne starte pga. følgende fejl:
    %%1068

    Error: (06/20/2015 00:47:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Tjenesten Computer Browser afhænger af tjenesten Server, der ikke kunne starte pga. følgende fejl:
    %%1068

    Error: (06/20/2015 00:47:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Tjenesten Computer Browser afhænger af tjenesten Server, der ikke kunne starte pga. følgende fejl:
    %%1068

    Error: (06/20/2015 00:47:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Tjenesten Computer Browser afhænger af tjenesten Server, der ikke kunne starte pga. følgende fejl:
    %%1068

    Error: (06/20/2015 00:47:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Tjenesten Computer Browser afhænger af tjenesten Server, der ikke kunne starte pga. følgende fejl:
    %%1068


    Microsoft Office:
    =========================
    Error: (06/20/2015 00:48:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 00:46:54 AM) (Source: Winlogon) (EventID: 4103) (User: )
    Description: 0x000000000x00000001

    Error: (06/20/2015 00:46:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
    Description: 0x8007043C

    Error: (06/20/2015 00:46:53 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 00:44:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 00:43:47 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 00:43:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 00:43:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 00:43:44 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 00:28:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    CodeIntegrity Errors:
    ===================================
    Date: 2015-06-16 22:16:55.880
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.850
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.818
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.790
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.758
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.729
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.697
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.669
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.637
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.609
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
    Percentage of memory in use: 22%
    Total physical RAM: 8162.34 MB
    Available physical RAM: 6322.5 MB
    Total Pagefile: 19402.26 MB
    Available Pagefile: 17512.99 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.41 GB) (Free:7.89 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4B186D8A)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

    ==================== End of log =======================
     
  7. 2015/06/20
    broni Moderator Malware Analyst

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =============================

    Any particular reason why you ran the FRST scan from safe mode with networking instead of normal mode?

    Uninstall Advanced SystemCare.
    Registry cleaners/optimizers are not recommended for several reasons:

    • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

      The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
    • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
    • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
    • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware-related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
    • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
    Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


    I still see a lot of Kaspersky's leftovers.
    Run this tool to remove them: http://support.kaspersky.com/common/service.aspx?el=1464#block1

    Uninstall the following unwanted programs:

    Cinem Plus
    MaxiGet Software Manager
    Remote Desktop Access
    Wajam
    Word Processor Text Wrap


    Download the attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
     

  8. 2015/06/20
    marcusdk Inactive Thread Starter

    It worked!! thank you so so much :)

    Hello. No, there was no particular reason why I ran the FRST scan from safe mode with networking instead of normal mode.

    Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
    Ran by Gamer at 2015-06-20 19:48:07 Run:1
    Running from C:\Users\Gamer\Desktop
    Loaded Profiles: Gamer (Available Profiles: Gamer & Marcus & test)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\MountPoints2: D - D:\Setup.exe
    AppInit_DLLs-x32: d3dgearload.dll => "d3dgearload.dll" File not found
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKU\S-1-5-21-373667173-139741353-2546641198-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    BHO: No Name -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> No File
    BHO: No Name -> {4A7494E3-AC67-81DF-6557-35A7D990D865} -> No File
    BHO: No Name -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> No File
    BHO: No Name -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> No File
    BHO: No Name -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> No File
    BHO: No Name -> {f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e} -> No File
    BHO-x32: No Name -> {4A7494E3-AC67-81DF-6557-35A7D990D865} -> No File
    BHO-x32: No Name -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> No File
    BHO-x32: No Name -> {f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e} -> No File
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
    Toolbar: HKLM-x32 - No Name - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No File
    Handler: vipresg - No CLSID Value
    FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com No File
    FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com No File
    FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
    FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll No File
    CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/d...jmlmojhbllhbho
    CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/d...jmlmojhbllhbho
    S2 53a1c4d9; No ImagePath
    S2 AVP15.0.2; No ImagePath
    S2 SBAMSvc; No ImagePath
    S2 SBPIMSvc; No ImagePath
    S1 Aadewb120; \??\C:\Windows\system32\Drivers\Aadewb120.sys [X]
    S3 BioNTDrv; \??\C:\Program Files\Paragon Software\Hard Disk Manager 14 Suite\program\BioNTDrv.SYS [X]
    S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S1 Hizok120; \??\C:\Windows\system32\Drivers\Hizok120.sys [X]
    S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gamer\AppData\Roaming\07JSYnshqotnEVD50qMfusWMbKC
    2014-08-03 21:25 - 2014-08-03 21:37 - 0000103 _____ () C:\Users\Gamer\AppData\Roaming\Camdata.ini
    2014-08-03 21:25 - 2014-08-03 21:37 - 0000408 _____ () C:\Users\Gamer\AppData\Roaming\CamLayout.ini
    2014-08-03 21:25 - 2014-08-03 21:37 - 0000408 _____ () C:\Users\Gamer\AppData\Roaming\CamShapes.ini
    2014-08-03 21:23 - 2014-08-03 21:37 - 0004535 _____ () C:\Users\Gamer\AppData\Roaming\CamStudio.cfg
    2014-10-02 16:49 - 2014-10-02 16:49 - 0000203 _____ () C:\Users\Gamer\AppData\Roaming\GAMER-PC.MTBF.txt
    2014-07-18 11:45 - 2014-08-02 15:33 - 0000825 _____ () C:\Users\Gamer\AppData\Roaming\LiveSupport.exe_log.txt
    2014-07-18 11:45 - 2014-08-02 15:33 - 0000092 _____ () C:\Users\Gamer\AppData\Roaming\regsvr32.exe_log.txt
    2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Gamer\AppData\Roaming\uPZFL8T7j8fNaGrJwzJK
    2014-08-03 21:17 - 2014-08-03 21:25 - 0000096 _____ () C:\Users\Gamer\AppData\Roaming\version2.xml
    2014-10-24 19:33 - 2014-10-24 19:33 - 0000038 ___SH () C:\Users\Gamer\AppData\Local\1754111884ee9ab5277ca00.95260103
    2014-10-02 16:49 - 2014-10-02 16:49 - 0003584 _____ () C:\Users\Gamer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-04-16 15:53 - 2014-07-02 15:57 - 1065984 _____ () C:\Users\Gamer\AppData\Local\file__0.localstorage
    2014-07-18 12:01 - 2014-07-18 12:01 - 0000093 _____ () C:\Users\Gamer\AppData\Local\fusioncache.dat
    2014-07-30 18:21 - 2014-07-30 18:21 - 0000000 ___SH () C:\Users\Gamer\AppData\Local\LumaEmu
    2015-06-17 21:59 - 2015-06-17 21:59 - 0478855 _____ () C:\ProgramData\1434570965.bdinstall.bin
    2015-04-14 17:49 - 2015-04-14 17:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    C:\Users\Gamer\AppData\Local\Temp\oo2.exe
    Task: {11B3F7D5-47C3-4A6E-AD87-DA2E8BA4699F} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.exe <==== ATTENTION
    C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.exe
    Task: {27DE6DB9-92A8-4BEB-9A6F-CDC0E7E22010} - System32\Tasks\Bidaily Synchronize Task[3c32] => c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe [2014-06-15] (PC Utilities Software Limited) <==== ATTENTION
    c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe
    Task: {3DB882EF-31B2-44C4-B909-28DF1BA26A6D} - \uPZFL8T7j8fNaGrJwzJK No Task File <==== ATTENTION
    Task: {46CC8026-6CB7-4AA7-857A-87A0316537DA} - \ASP No Task File <==== ATTENTION
    Task: {50606814-3BF4-496C-B28A-33EC50F6621A} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
    C:\Program Files (x86)\OLBPre\OLBPre.exe
    Task: {74FDE990-CE60-4D42-9D01-2BBAF96DF685} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.exe <==== ATTENTION
    C:\Program Files (x86)\Cinem Plus 2.4cV15.06
    Task: {800910F2-D02A-45A1-8BE0-39D09672802E} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {80966CF3-4FF3-40EF-B45C-01100627D216} - \07JSYnshqotnEVD50qMfusWMbKC No Task File <==== ATTENTION
    Task: {87D631B8-E3E6-487D-B031-25BCFFB05791} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {96A5CDDC-3A5E-4020-86F5-3740888221F1} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {A2D849A9-3974-4769-8376-E3D146D89C66} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.exe <==== ATTENTION
    Task: {A48A8185-1E0F-4C37-9442-D90F52CE24EB} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: {CA71495E-F454-4D14-9F34-6297A6AC793F} - \Chromium No Task File <==== ATTENTION
    Task: {FAE1C802-BA4A-402B-B115-A685A24C73A6} - System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5 => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe [2015-06-15] (Cinema Plus ProV15.06) <==== ATTENTION
    Task: C:\Windows\Tasks\07JSYnshqotnEVD50qMfusWMbKC.job => C:\Users\Gamer\AppData\Roaming\07JSYnshqotnEVD50qMfusWMbKC.exe <==== ATTENTION
    C:\Users\Gamer\AppData\Roaming\07JSYnshqotnEVD50qMfusWMbKC.exe
    Task: C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job => c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe <==== ATTENTION
    c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-10_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-10.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.exe <==== ATTENTION
    Task: C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.exe <==== ATTENTION
    Task: C:\Windows\Tasks\uPZFL8T7j8fNaGrJwzJK.job => C:\Users\Gamer\AppData\Roaming\uPZFL8T7j8fNaGrJwzJK.exe <==== ATTENTION
    C:\Users\Gamer\AppData\Roaming\uPZFL8T7j8fNaGrJwzJK.exe
    AlternateDataStreams: C:\Users\Gamer\Downloads\flashplayer18_ga_install.exe:BDU
    AlternateDataStreams: C:\Users\Gamer\Documents\Production 1.dmsm:Roxio EMC Stream

    *****************

    "HKU\S-1-5-21-373667173-139741353-2546641198-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => key removed successfully
    "d3dgearload.dll" => value data removed successfully.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
    HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
    HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
    HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
    HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
    HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
    HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
    HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
    HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
    C:\Windows\system32\GroupPolicy\Machine => moved successfully.
    C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
    C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
    "HKLM\SOFTWARE\Policies\Google" => key removed successfully
    "HKU\S-1-5-21-373667173-139741353-2546641198-1001\SOFTWARE\Policies\Google" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} => key not found.
    HKCR\CLSID\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7494E3-AC67-81DF-6557-35A7D990D865}" => key removed successfully
    HKCR\CLSID\{4A7494E3-AC67-81DF-6557-35A7D990D865} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412} => key not found.
    HKCR\CLSID\{93BC2EA7-2F17-4729-948A-D2E03FFB2412} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}" => key removed successfully
    HKCR\CLSID\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} => key not found.
    HKCR\CLSID\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e}" => key removed successfully
    HKCR\CLSID\{f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e} => key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7494E3-AC67-81DF-6557-35A7D990D865}" => key removed successfully
    HKCR\Wow6432Node\CLSID\{4A7494E3-AC67-81DF-6557-35A7D990D865} => key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}" => key removed successfully
    HKCR\Wow6432Node\CLSID\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} => key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e}" => key removed successfully
    HKCR\Wow6432Node\CLSID\{f7f9c8e9-f704-49d8-aa06-57c9cdd09a0e} => key not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
    HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} => value removed successfully
    HKCR\CLSID\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} => key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} => value removed successfully
    HKCR\Wow6432Node\CLSID\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} => key not found.
    "HKCR\PROTOCOLS\Handler\vipresg" => key removed successfully
    "HKLM\Software\Wow6432Node\MozillaPlugins\@kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098" => key removed successfully
    "HKLM\Software\Wow6432Node\MozillaPlugins\@kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E" => key removed successfully
    "HKLM\Software\Wow6432Node\MozillaPlugins\@omaha.maxiget.com/Maxiget Updater;version=3" => key removed successfully
    "HKLM\Software\Wow6432Node\MozillaPlugins\@omaha.maxiget.com/Maxiget Updater;version=9" => key removed successfully
    HKLM\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho => key not found.
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho => key not found.
    53a1c4d9 => Service removed successfully
    AVP15.0.2 => Service not found.
    SBAMSvc => Service removed successfully
    SBPIMSvc => Service removed successfully
    Aadewb120 => Service removed successfully
    BioNTDrv => Service removed successfully
    esgiguard => Service removed successfully
    Hizok120 => Service removed successfully
    nvlddmkm => Service removed successfully
    VGPU => Service removed successfully
    C:\Users\Gamer\AppData\Roaming\07JSYnshqotnEVD50qMfusWMbKC => moved successfully.
    C:\Users\Gamer\AppData\Roaming\Camdata.ini => moved successfully.
    C:\Users\Gamer\AppData\Roaming\CamLayout.ini => moved successfully.
    C:\Users\Gamer\AppData\Roaming\CamShapes.ini => moved successfully.
    C:\Users\Gamer\AppData\Roaming\CamStudio.cfg => moved successfully.
    C:\Users\Gamer\AppData\Roaming\GAMER-PC.MTBF.txt => moved successfully.
    C:\Users\Gamer\AppData\Roaming\LiveSupport.exe_log.txt => moved successfully.
    C:\Users\Gamer\AppData\Roaming\regsvr32.exe_log.txt => moved successfully.
    C:\Users\Gamer\AppData\Roaming\uPZFL8T7j8fNaGrJwzJK => moved successfully.
    C:\Users\Gamer\AppData\Roaming\version2.xml => moved successfully.
    C:\Users\Gamer\AppData\Local\1754111884ee9ab5277ca00.95260103 => moved successfully.
    C:\Users\Gamer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully.
    C:\Users\Gamer\AppData\Local\file__0.localstorage => moved successfully.
    C:\Users\Gamer\AppData\Local\fusioncache.dat => moved successfully.
    C:\Users\Gamer\AppData\Local\LumaEmu => moved successfully.
    C:\ProgramData\1434570965.bdinstall.bin => moved successfully.
    C:\ProgramData\DP45977C.lfl => moved successfully.
    "C:\Users\Gamer\AppData\Local\Temp\oo2.exe" => File/Folder not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11B3F7D5-47C3-4A6E-AD87-DA2E8BA4699F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11B3F7D5-47C3-4A6E-AD87-DA2E8BA4699F}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6 => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-6" => key removed successfully
    "C:\Program Files (x86)\Cinem Plus 2.4cV15.06\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.exe" => File/Folder not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27DE6DB9-92A8-4BEB-9A6F-CDC0E7E22010}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27DE6DB9-92A8-4BEB-9A6F-CDC0E7E22010}" => key removed successfully
    C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32] => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task[3c32]" => key removed successfully
    c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3DB882EF-31B2-44C4-B909-28DF1BA26A6D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DB882EF-31B2-44C4-B909-28DF1BA26A6D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\uPZFL8T7j8fNaGrJwzJK" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46CC8026-6CB7-4AA7-857A-87A0316537DA}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46CC8026-6CB7-4AA7-857A-87A0316537DA}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASP" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50606814-3BF4-496C-B28A-33EC50F6621A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50606814-3BF4-496C-B28A-33EC50F6621A}" => key removed successfully
    C:\Windows\System32\Tasks\LaunchPreSignup => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup" => key removed successfully
    "C:\Program Files (x86)\OLBPre\OLBPre.exe" => File/Folder not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74FDE990-CE60-4D42-9D01-2BBAF96DF685}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74FDE990-CE60-4D42-9D01-2BBAF96DF685}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3 => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-3" => key removed successfully
    "C:\Program Files (x86)\Cinem Plus 2.4cV15.06" => File/Folder not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{800910F2-D02A-45A1-8BE0-39D09672802E}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{800910F2-D02A-45A1-8BE0-39D09672802E}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11 => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-11" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{80966CF3-4FF3-40EF-B45C-01100627D216}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80966CF3-4FF3-40EF-B45C-01100627D216}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\07JSYnshqotnEVD50qMfusWMbKC" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{87D631B8-E3E6-487D-B031-25BCFFB05791}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87D631B8-E3E6-487D-B031-25BCFFB05791}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6 => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96A5CDDC-3A5E-4020-86F5-3740888221F1}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96A5CDDC-3A5E-4020-86F5-3740888221F1}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2D849A9-3974-4769-8376-E3D146D89C66}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2D849A9-3974-4769-8376-E3D146D89C66}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4 => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-4" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A48A8185-1E0F-4C37-9442-D90F52CE24EB}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48A8185-1E0F-4C37-9442-D90F52CE24EB}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7 => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-7" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA71495E-F454-4D14-9F34-6297A6AC793F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA71495E-F454-4D14-9F34-6297A6AC793F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Chromium" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FAE1C802-BA4A-402B-B115-A685A24C73A6}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAE1C802-BA4A-402B-B115-A685A24C73A6}" => key removed successfully
    C:\Windows\System32\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5 => moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d9869a32-0477-4c05-8eca-e11aa2f9af18-5" => key removed successfully
    Could not move "C:\Windows\Tasks\07JSYnshqotnEVD50qMfusWMbKC.job" => Scheduled to move on reboot.
    "C:\Users\Gamer\AppData\Roaming\07JSYnshqotnEVD50qMfusWMbKC.exe" => File/Folder not found.
    Could not move "C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job" => Scheduled to move on reboot.
    "c:\programdata\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}\hqghumeaylnlf.exe" => File/Folder not found.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-10_user.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.job" => Scheduled to move on reboot.
    Could not move "C:\Windows\Tasks\uPZFL8T7j8fNaGrJwzJK.job" => Scheduled to move on reboot.
    "C:\Users\Gamer\AppData\Roaming\uPZFL8T7j8fNaGrJwzJK.exe" => File/Folder not found.
    C:\Users\Gamer\Downloads\flashplayer18_ga_install.exe => ":BDU" ADS removed successfully.
    C:\Users\Gamer\Documents\Production 1.dmsm => ":Roxio EMC Stream" ADS removed successfully.

    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-20 19:52:26)<=

    C:\Windows\Tasks\07JSYnshqotnEVD50qMfusWMbKC.job => Is moved successfully
    C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-6.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-10_user.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-11.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-3.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-4.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-5_user.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-6.job => Is moved successfully
    C:\Windows\Tasks\d9869a32-0477-4c05-8eca-e11aa2f9af18-7.job => Is moved successfully
    C:\Windows\Tasks\uPZFL8T7j8fNaGrJwzJK.job => Is moved successfully

    ==== End of Fixlog 19:52:27 ====
     
    Last edited: 2015/06/20
  9. 2015/06/20
    broni Moderator Malware Analyst

    No more keyboard problems?

    There was/is a lot of infection so we have to run a couple more tools to make sure your computer is totally clean.

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.

    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.


    If you already have MBAM 2.0 installed:

    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    How to get logs:
    (Export log to save as txt)


    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.


    (Copy to clipboard for pasting into forum replies or tickets)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  10. 2015/06/20
    marcusdk Inactive Thread Starter

    yes there are no more problems with my keyboard, but i'm still gonna clean it if there is still some stuff left.
     
  11. 2015/06/20
    broni Moderator Malware Analyst

    [​IMG].....
     
  12. 2015/06/20
    marcusdk Inactive Thread Starter

    RogueKiller V10.8.4.0 [Jun 15 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Gamer [Administrator]
    Started from : C:\Users\Gamer\Desktop\RogueKiller.exe
    Mode : Delete -- Date : 06/20/2015 20:20:27

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 10 ¤¤¤
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> Not selected
    [Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tsusbhub (system32\drivers\tsusbhub.sys) -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 193.162.153.164 194.239.134.83 [DENMARK (DK)][DENMARK (DK)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 193.162.153.164 194.239.134.83 [DENMARK (DK)][DENMARK (DK)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 193.162.153.164 194.239.134.83 [DENMARK (DK)][DENMARK (DK)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BDE27AAB-6924-4E20-A90A-04BB3A7B13D2} | DhcpNameServer : 193.162.153.164 194.239.134.83 [DENMARK (DK)][DENMARK (DK)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BDE27AAB-6924-4E20-A90A-04BB3A7B13D2} | DhcpNameServer : 193.162.153.164 194.239.134.83 [DENMARK (DK)][DENMARK (DK)] -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BDE27AAB-6924-4E20-A90A-04BB3A7B13D2} | DhcpNameServer : 193.162.153.164 194.239.134.83 [DENMARK (DK)][DENMARK (DK)] -> Not selected
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 6 ¤¤¤
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activation.cloud.techsmith.com127.0.0.1 thislineskipsanyemptylines
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 mirillis.com
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 www.mirillis.com
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 serwer2.paka-service.com
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 ns386119.ovh.net
    [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 mirillis.pl

    ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 ATA Device +++++
    --- User ---
    [MBR] be50905c23e5020acc11dff658cf02e9
    [BSP] b001a7f1ea66da1f67f92f6c633abafc : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 208896 | Size: 953766 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK


    ============================================
    RKreport_SCN_06202015_202007.log

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 20-06-2015
    Scan Time: 20:26:07
    Logfile: scan malware.txt
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.06.20.03
    Rootkit Database: v2015.06.15.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Gamer

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 556759
    Time Elapsed: 17 min, 51 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.Wajam.A, C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage, Quarantined, [d3205666eb9f181ec99bcb66a361e41c],
    PUP.Optional.Wajam.A, C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage-journal, Quarantined, [1dd635872862ce681450a58cfe0644bc],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    # AdwCleaner v4.206 - Logfile created 20/06/2015 at 20:57:16
    # Updated 01/06/2015 by Xplode
    # Database : 2015-06-17.1 [Server]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x64)
    # Username : Gamer - GAMER-PC
    # Running from : C:\Users\Gamer\Downloads\adwcleaner_4.206.exe
    # Option : Cleaning

    ***** [ Services ] *****

    [#] Service Deleted : mcaudrv_simple
    [#] Service Deleted : ManyCam

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\rei
    Folder Deleted : C:\ProgramData\MyStart Anti-phishing Domain Advisor
    Folder Deleted : C:\ProgramData\simplitec
    Folder Deleted : C:\ProgramData\Trusted Publisher
    Folder Deleted : C:\ProgramData\Uniblue
    Folder Deleted : C:\ProgramData\PC Drivers HeadQuarters
    Folder Deleted : C:\ProgramData\{2ac52caf-a48b-3acb-2ac5-52cafa48b2be}
    Folder Deleted : C:\ProgramData\{7e560bd2-f17b-14e0-7e56-60bd2f172f4b}
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
    Folder Deleted : C:\Program Files (x86)\eSupport.com
    Folder Deleted : C:\Program Files (x86)\Uniblue
    Folder Deleted : C:\Program Files (x86)\zona
    Folder Deleted : C:\Program Files (x86)\adblocker
    Folder Deleted : C:\Program Files (x86)\SalEPlluus
    Folder Deleted : C:\Windows\Uninstaller
    Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Administrator\AppData\Local\torch
    Folder Deleted : C:\Users\ASPNET\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\ASPNET\AppData\Local\torch
    Folder Deleted : C:\Users\Gamer\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Gamer\AppData\Local\eSupport.com
    Folder Deleted : C:\Users\Gamer\AppData\Local\PackageAware
    Folder Deleted : C:\Users\Gamer\AppData\Local\torch
    Folder Deleted : C:\Users\Gamer\AppData\Local\Maxiget
    Folder Deleted : C:\Users\Gamer\AppData\Local\1E0063E0-1434397058-3F00-2DC1-BCAEC574BA7C
    Folder Deleted : C:\Users\Gamer\AppData\Roaming\DriverCure
    Folder Deleted : C:\Users\Gamer\AppData\Roaming\ParetoLogic
    Folder Deleted : C:\Users\Gamer\AppData\Roaming\SendSpace
    Folder Deleted : C:\Users\Gamer\AppData\Roaming\Solvusoft
    Folder Deleted : C:\Users\Gamer\AppData\Roaming\Uniblue
    Folder Deleted : C:\Users\Gamer\AppData\Roaming\zona
    Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Guest\AppData\Local\torch
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
    Folder Deleted : C:\Users\Marcus\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Marcus\AppData\Local\torch
    File Deleted : C:\Windows\Reimage.ini
    File Deleted : C:\Windows\System32\roboot64.exe
    File Deleted : C:\Windows\System32\drivers\mcaudrv_x64.sys
    File Deleted : C:\Windows\System32\drivers\BdSandBox.sys
    File Deleted : C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\user.js
    File Deleted : C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\searchplugins\search-provided-by-yahoo.xml
    File Deleted : C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_christatus.conduitapps.com_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_hi.ru_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.gamecrawler.co.uk_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_christatus.conduitapps.com_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_hi.ru_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.gamecrawler.co.uk_0.localstorage
    File Deleted : C:\Users\Gamer\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage

    ***** [ Scheduled tasks ] *****

    Task Deleted : d9869a32-0477-4c05-8eca-e11aa2f9af18-1-7
    Task Deleted : d9869a32-0477-4c05-8eca-e11aa2f9af18-10_user

    ***** [ Shortcuts ] *****

    Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
    Shortcut Disinfected : C:\Users\Public\Desktop\Opera.lnk

    ***** [ Registry ] *****

    Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\registry helper service
    Key Deleted : HKLM\SOFTWARE\2c84123b-1cb4-490a-f17b-42a54f830c5a
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\eSupport.com
    Key Deleted : HKCU\Software\InstalledBrowserExtensions
    Key Deleted : HKCU\Software\Optimizer Pro
    Key Deleted : HKCU\Software\ParetoLogic
    Key Deleted : HKCU\Software\RegisteredApplicationsEx
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\DriverSupport
    Key Deleted : HKCU\Software\MaxiGet
    Key Deleted : HKCU\Software\zona
    Key Deleted : HKCU\Software\System Optimizer
    Key Deleted : HKCU\Software\YorkNewCin
    Key Deleted : HKCU\Software\HighDefAction
    Key Deleted : HKCU\Software\ArenaHD
    Key Deleted : HKCU\Software\PRODUCTSETUP
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKCU\Software\AppDataLow\Software\mystart_ad
    Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\Email Notifier
    Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
    Key Deleted : HKLM\SOFTWARE\ParetoLogic
    Key Deleted : HKLM\SOFTWARE\SearchProtect
    Key Deleted : HKLM\SOFTWARE\simplitec
    Key Deleted : HKLM\SOFTWARE\systweak
    Key Deleted : HKLM\SOFTWARE\Uniblue
    Key Deleted : HKLM\SOFTWARE\MaxiGet
    Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
    Key Deleted : HKLM\SOFTWARE\zona
    Key Deleted : HKLM\SOFTWARE\SpeedBit
    Key Deleted : HKLM\SOFTWARE\AIM Toolbar
    Key Deleted : HKLM\SOFTWARE\YorkNewCin
    Key Deleted : HKLM\SOFTWARE\HighDefAction
    Key Deleted : HKLM\SOFTWARE\ArenaHD
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyStart Anti-phishing Domain Advisor
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zona
    Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
    Key Deleted : [x64] HKLM\SOFTWARE\Reimage
    Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
    Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
    Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17840


    -\\ Mozilla Firefox v38.0.5 (x86 da)

    [jz9ypvpn.default\prefs.js] - Line Deleted : user_pref( "extensions.84vws34HZwA9uo6L.scode ", "(function(){try{if(window.location.href.indexOf(\ "rja6pdU6qjUFpds5rdw7rHrHrTw\ ")>-1){return;}}catch(e){}try{var d=[[\ "cryptogmail.com\ ",\ "bancdebinary.c[...]
    [jz9ypvpn.default\prefs.js] - Line Deleted : user_pref( "extensions.SIhlkqvZp1sF6Bis.scode ", "(function(){try{if(window.location.href.indexOf(\ "rja6pdU6qjUFpds5rdw7rHrHrTw\ ")>-1){return;}}catch(e){}try{var d=[[\ "cryptogmail.com\ ",\ "bancdebinary.c[...]
    [jz9ypvpn.default\prefs.js] - Line Deleted : user_pref( "extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundledUrls.value ", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%[...]
    [jz9ypvpn.default\prefs.js] - Line Deleted : user_pref( "extensions.affddf830f24b489e9e90a42d11893b1cgmailcom67019.67019.internaldb.monetization_plugin_bundledUrls.value ", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
    [jz9ypvpn.default\prefs.js] - Line Deleted : user_pref( "extensions.crossrider.bic ", "14df84fb469a4906cbbcb14ce4b90e15 ");

    -\\ Google Chrome v43.0.2357.124

    [C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] :
    [C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : B637574F7E421C2668EDFEFF5F9A841E2174ED1FAD3C8EE6518676DDB9C625C6 "}, "software_reporter ":{ "prompt_reason ": "CFA8E0C06EE104FBB75FE50CD0550383B2D3EBF43B7EFAF183802FC6D4B5F319 ", "prompt_seed ": "52FBC372C62CFFDBF77D7E15CA1D2ECD16CC1D537658FD73F7C5BDF5EDC593CD ", "prompt_version ": "DF3B67AB62E9A34D8B1DD59684BF88CB95427C261FE17D2FF4555DF7681EBFAB "}, "sync ":{ "remaining_rollback_tries ": "BF7D3DF20574C47154ECCE2F24D74EFD7F40734D6E422D4D07C6C20779AC7FAB "}}, "super_mac ": "46BB86D010AAB203E8F7BFCC9BE9FAE2ADDA0A3D8189809F573093A9DE1B8D00 "}, "safebrowsing ":{ "incidents_sent ":{ "1 ":{ "extensions.settings ": "1898891068 "}, "6 ":{ "script_request_incident ": "42 "}}}, "session ":{ "restore_on_startup ":4, "startup_urls ":[ "hxxp://dk.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_pwrisofs_15_25&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Ddk%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0A0E0CyDyByE0B0AyB0CyC0A0E0AtN0D0Tzu0StCtByCtCtN1L2XzutAtFtCtDtFtCtDtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyBzztAtB0C0ByCyBtGtD0EtD0AtG0DtA0B0EtGyC0EtAtDtGyC0C0EyCtA0EyDtCtA0CzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0C0EyCtB0AzztBtG0BtCyDtAtGyEyByD0EtG0B0C0D0AtGyD0AyB0F0EtByB0E0B0F0F0F2QtN0A0LzutBtN1B2Z1V1T1S1NzuyBzyzy%26cr%3D2043191446%26a%3Dwncy_pwrisofs_15_25%26os%3DWindows 7 Ultimate
    [C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1429113741&from=wpc&uid=WDCXWD10EZEX-60ZF5A0_WD-WCC1S642975729757&q={searchTerms}
    [C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=1429113741&from=wpc&uid=WDCXWD10EZEX-60ZF5A0_WD-WCC1S642975729757

    -\\ Chromium v45.0.2420.0


    -\\ Comodo Dragon v


    -\\ Opera v30.0.1835.59


    -\\ Chrome Canary v


    *************************

    AdwCleaner[R0].txt - [17628 bytes] - [20/06/2015 20:48:35]
    AdwCleaner[S0].txt - [12158 bytes] - [20/06/2015 20:57:16]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12218 bytes] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 7.0.3 (06.19.2015:1)
    OS: Windows 7 Ultimate x64
    Ran by Gamer on 20-06-2015 at 21:17:01,48
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully stopped: [Service] bdsandbox
    Successfully deleted: [Service] bdsandbox



    ~~~ Tasks

    Successfully deleted: [Task] C:\Windows\system32\tasks\Uninstaller_SkipUac_Gamer



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util trolatunt



    ~~~ Files

    Successfully deleted: [File] C:\Users\Gamer\appdata\local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage
    Successfully deleted: [File] C:\Users\Gamer\appdata\local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
    Successfully deleted: [File] C:\Users\Gamer\appdata\local\google\chrome\user data\default\local storage\hxxp_www.allthelyrics.com_0.localstorage
    Successfully deleted: [File] C:\Users\Gamer\appdata\local\google\chrome\user data\default\local storage\hxxp_www.savemygame.fr_0.localstorage
    Successfully deleted: [File] C:\Users\Gamer\appdata\local\google\chrome\user data\default\local storage\hxxps_static.olark.com_0.localstorage



    ~~~ Folders

    Failed to delete: [Folder] C:\Windows\syswow64\number of results
    Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\optimizer pro v3.2
    Successfully deleted: [Folder] C:\ProgramData\productdata
    Successfully deleted: [Folder] C:\Users\Gamer\appdata\local\crashrpt
    Successfully deleted: [Folder] C:\Users\Gamer\documents\optimizer pro



    ~~~ Chrome


    [C:\Users\Gamer\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\Gamer\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\Gamer\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\Gamer\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    [
    dghncoeocefmhkhiphdgikkamjeglbfh
    ]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 20-06-2015 at 21:19:21,84
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  13. 2015/06/20
    broni

    broni Moderator Malware Analyst

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
      If the connection is not there, use the restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" log.
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them, resulting in the tool not working correctly, which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete the Combofix file and download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run, then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart the computer in safe mode.

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Windows Vista, 7 or 8, right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done, Notepad will open with the rKill.txt log.
    NOTE. The rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double-clicking on it.

    IF you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
     
  14. 2015/06/20
    marcusdk

    marcusdk Inactive Thread Starter

    ComboFix 15-06-18.01 - Gamer 20-06-2015 21:49:17.1.8 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.45.1033.18.8169.5964 [GMT 2:00]
    Kører fra: c:\users\Gamer\Desktop\ComboFix.exe
    AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
    FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
    SP: Bitdefender Antispyware *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\0.bak
    c:\program files (x86)\42121896-6ed0-459b-8568-e8f38f5494c2\009ecdd5-66c6-4a1f-88c0-5ba606d4a495.dll
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\background.html
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\content.js
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\lsdb.js
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\manifest.json
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\tYronJRjM.js
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\background.html
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\content.js
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\lsdb.js
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\manifest.json
    c:\users\Gamer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\X93.js
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\background.html
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\content.js
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\lsdb.js
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\manifest.json
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\tYronJRjM.js
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\background.html
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\content.js
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\lsdb.js
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\manifest.json
    c:\users\Gamer\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\X93.js
    c:\users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_leaoeoapppefhlagnafcmefjgmlbbgmc_0.localstorage
    c:\users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pnnfemgpilpdaojpnkjdgfgbnnjojfik_0.localstorage
    c:\users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Preferences
    c:\users\Gamer\AppData\Roaming\Local
    c:\users\Gamer\AppData\Roaming\Local\Skyrim\DLCList.txt
    c:\users\Gamer\AppData\Roaming\Local\Skyrim\plugins.txt
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\background.html
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\content.js
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\lsdb.js
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\manifest.json
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\tYronJRjM.js
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\background.html
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\content.js
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\lsdb.js
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\manifest.json
    c:\users\Marcus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\X93.js
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\background.html
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\content.js
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\lsdb.js
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\manifest.json
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abcehcackoplhongigmjnbpfdgebnahm\3.9\tYronJRjM.js
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\background.html
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\content.js
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\lsdb.js
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\manifest.json
    c:\users\Marcus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik\151\X93.js
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ggkmbngphgkcjlhmihplkkkfcelbjgmb
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ggkmbngphgkcjlhmihplkkkfcelbjgmb\CURRENT
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ggkmbngphgkcjlhmihplkkkfcelbjgmb\LOCK
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ggkmbngphgkcjlhmihplkkkfcelbjgmb\LOG
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ggkmbngphgkcjlhmihplkkkfcelbjgmb\MANIFEST-000001
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hlngmmdolgbdnnimbmblfhhndibdipaf
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hlngmmdolgbdnnimbmblfhhndibdipaf\CURRENT
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hlngmmdolgbdnnimbmblfhhndibdipaf\LOCK
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hlngmmdolgbdnnimbmblfhhndibdipaf\LOG
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hlngmmdolgbdnnimbmblfhhndibdipaf\MANIFEST-000001
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ggkmbngphgkcjlhmihplkkkfcelbjgmb_0.localstorage-journal
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ggkmbngphgkcjlhmihplkkkfcelbjgmb_0.localstorage
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hlngmmdolgbdnnimbmblfhhndibdipaf_0.localstorage-journal
    c:\users\test\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hlngmmdolgbdnnimbmblfhhndibdipaf_0.localstorage
    c:\windows\msdownld.tmp
    c:\windows\SysWow64\networkdlllsp.dll
    .
    .
    ((((((((((((((((((((((((((((( Filer skabt fra 2015-05-20 til 2015-06-20 )))))))))))))))))))))))))))))))))))
    .
    .
    2015-06-20 20:03 . 2015-06-20 20:03 -------- d-----w- c:\users\test\AppData\Local\temp
    2015-06-20 19:31 . 2015-06-20 19:31 82824 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
    2015-06-20 19:26 . 2015-06-20 19:26 -------- d-----w- c:\users\Gamer\AppData\Local\ESN
    2015-06-20 19:17 . 2015-06-20 19:17 -------- d-----w- C:\RegBackup
    2015-06-20 18:48 . 2015-06-20 18:58 -------- d-----w- C:\AdwCleaner
    2015-06-20 18:15 . 2015-06-20 19:03 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
    2015-06-20 18:15 . 2015-06-20 18:29 -------- d-----w- c:\programdata\RogueKiller
    2015-06-20 17:41 . 2015-06-20 17:41 -------- d-----w- c:\programdata\GridinSoft
    2015-06-19 22:58 . 2015-06-20 17:52 -------- d-----w- C:\FRST
    2015-06-19 11:49 . 2015-06-20 17:09 -------- d-----w- c:\program files (x86)\RemoveWAT
    2015-06-18 20:23 . 2015-06-18 20:23 -------- d-----w- C:\symbols
    2015-06-18 17:56 . 2015-06-18 20:36 -------- d-----w- c:\program files\Debugging Tools for Windows (x64)
    2015-06-18 17:54 . 2015-06-18 17:54 -------- d-----w- c:\program files\Microsoft SDKs
    2015-06-17 22:39 . 2015-06-17 22:49 -------- d-----w- c:\users\Gamer\AppData\Roaming\The Path
    2015-06-17 20:30 . 2015-06-17 20:30 160544 ----a-w- c:\windows\system32\drivers\gzflt.sys
    2015-06-17 20:30 . 2015-06-17 20:30 262544 ----a-w- c:\windows\system32\drivers\avchv.sys
    2015-06-17 20:29 . 2015-06-17 20:29 84848 ----a-w- c:\windows\system32\bdsandboxuiskin.dll
    2015-06-17 19:58 . 2013-11-13 13:41 93600 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
    2015-06-17 19:58 . 2012-04-17 12:34 76944 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
    2015-06-17 19:58 . 2015-06-17 20:29 677104 ----a-w- c:\windows\system32\drivers\avckf.sys
    2015-06-17 19:58 . 2015-06-17 20:29 1306464 ----a-w- c:\windows\system32\drivers\avc3.sys
    2015-06-17 19:58 . 2015-06-17 20:04 -------- d-----w- c:\users\Gamer\AppData\Roaming\Bitdefender
    2015-06-17 19:58 . 2013-08-13 11:38 3271472 ---ha-w- C:\bdr-bz01
    2015-06-17 19:56 . 2014-10-15 15:14 452040 ----a-w- c:\windows\system32\drivers\trufos.sys
    2015-06-17 17:22 . 2015-06-17 17:22 -------- d-----w- c:\programdata\Synaptics
    2015-06-17 17:19 . 2015-06-17 17:19 -------- d-----w- c:\program files\Speccy
    2015-06-17 15:59 . 2015-06-17 15:59 -------- d-----w- c:\windows\SysWow64\RTCOM
    2015-06-17 15:57 . 2015-03-08 10:22 3182104 ----a-w- c:\windows\system32\FMAPO64.dll
    2015-06-17 15:46 . 2015-06-17 15:46 -------- d-----w- c:\programdata\Logs
    2015-06-17 15:21 . 2015-06-17 15:21 -------- d-----w- c:\users\Gamer\AppData\Roaming\KSafe
    2015-06-17 15:21 . 2015-06-17 15:21 -------- d-----w- c:\programdata\KSafe
    2015-06-17 15:20 . 2015-06-17 15:23 -------- d-----w- c:\program files (x86)\DllTool
    2015-06-16 23:51 . 2015-06-16 23:51 219248 ----a-w- c:\windows\SysWow64\vm3dum.dll
    2015-06-16 23:50 . 2015-06-16 23:51 3223152 ----a-w- c:\windows\SysWow64\vm3dgl.dll
    2015-06-16 23:48 . 2015-06-17 14:51 63088 ----a-w- c:\windows\SysWow64\vsocklib.dll
    2015-06-16 23:48 . 2015-06-17 14:51 50800 ----a-w- c:\windows\SysWow64\vmhgfs.dll
    2015-06-16 23:48 . 2015-06-17 14:51 34416 ----a-w- c:\windows\SysWow64\vmGuestLibJava.dll
    2015-06-16 23:48 . 2015-06-17 14:51 53360 ----a-w- c:\windows\SysWow64\vmGuestLib.dll
    2015-06-16 23:48 . 2015-06-17 14:50 18432 ----a-w- c:\windows\SysWow64\corpol.dll
    2015-06-16 23:47 . 2015-06-17 14:50 73216 ----a-w- c:\windows\SysWow64\admparse.dll
    2015-06-16 23:47 . 2015-06-17 14:50 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
    2015-06-16 23:36 . 2015-06-16 23:36 -------- d-----w- c:\programdata\Weskysoft
    2015-06-16 23:33 . 2015-06-17 10:39 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
    2015-06-16 23:24 . 2015-06-17 15:24 -------- d-----w- c:\program files (x86)\DLLSuite
    2015-06-16 18:57 . 2015-06-16 18:57 -------- d-----w- c:\users\test\AppData\Roaming\ProductData
    2015-06-16 18:56 . 2015-06-16 18:57 -------- d-----w- c:\users\test\AppData\Roaming\IObit
    2015-06-16 18:30 . 2015-06-16 18:30 -------- d-----w- c:\windows\SysWow64\%LOCALAPPDATA%
    2015-06-16 18:18 . 2008-02-29 09:15 1920016 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
    2015-06-16 18:18 . 2008-02-29 09:14 54800 ----a-w- c:\windows\system32\drivers\SET955B.tmp
    2015-06-16 18:18 . 2008-02-29 09:14 54800 ----a-w- c:\windows\system32\drivers\LHidFilt.Sys
    2015-06-16 18:12 . 2015-06-17 17:22 -------- d-----w- C:\drivertemp
    2015-06-16 13:02 . 2014-10-16 08:27 27424 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
    2015-06-16 10:30 . 2015-06-16 10:30 108896 ----a-w- c:\windows\system32\drivers\WRkrn.sys
    2015-06-16 10:30 . 2015-06-16 10:30 -------- d-----w- c:\programdata\WRData
    2015-06-16 08:38 . 2015-06-16 09:33 -------- d-----w- c:\program files (x86)\b7309916-17af-47b1-b9c9-3299948276a3
    2015-06-15 21:51 . 2015-06-15 21:51 -------- d-----w- c:\program files (x86)\Running With Scissors
    2015-06-15 18:48 . 2015-06-15 18:48 -------- d-----w- c:\windows\SysWow64\Flash
    2015-06-15 17:51 . 2015-06-17 15:18 -------- d-----w- c:\programdata\1a8aa4000029ea
    2015-06-15 17:36 . 2015-06-20 20:02 -------- d-----w- c:\program files (x86)\42121896-6ed0-459b-8568-e8f38f5494c2
    2015-06-15 17:34 . 2015-06-16 11:39 -------- d-----w- c:\users\Gamer\AppData\Roaming\1E0063E0-1434389671-3F00-2DC1-BCAEC574BA7C
    2015-06-15 17:29 . 2015-06-15 17:29 -------- d-----w- c:\users\Gamer\AppData\Local\Chromium
    2015-06-14 09:56 . 2015-06-14 09:56 -------- d-----w- c:\programdata\regid.1995-08.com.techsmith
    2015-06-14 09:56 . 2015-06-14 09:56 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
    2015-06-14 09:55 . 2015-06-14 09:55 -------- d-----w- c:\program files (x86)\TechSmith
    2015-06-12 14:53 . 2015-06-12 14:53 17568 ----a-w- c:\windows\system32\drivers\gtkdrv.sys
    2015-06-12 12:57 . 2015-06-12 12:57 -------- d-----w- c:\program files (x86)\SEGA
    2015-06-12 08:35 . 2015-06-12 08:35 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BEB229CB-DCDE-4541-8F33-73D1E2FF4C0E}\offreg.1156.dll
    2015-06-11 06:01 . 2015-06-11 06:01 233472 ----a-w- c:\windows\SysWow64\SafeAppLM.ocx
    2015-06-10 08:41 . 2015-06-01 18:07 235216 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
    2015-06-06 10:47 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BEB229CB-DCDE-4541-8F33-73D1E2FF4C0E}\mpengine.dll
    2015-05-29 21:00 . 2015-06-11 17:35 -------- d-----w- c:\windows\hsperfdata_Gamer
    2015-05-29 12:39 . 2015-05-29 16:09 -------- d-----w- c:\users\Gamer\AppData\Roaming\ProductData
    2015-05-29 12:39 . 2015-05-29 12:39 -------- d-----w- c:\programdata\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
    2015-05-29 12:38 . 2015-05-29 12:38 -------- d-----w- c:\program files (x86)\Common Files\IObit
    2015-05-29 12:38 . 2015-05-29 12:39 -------- d-----w- c:\users\Gamer\AppData\Roaming\IObit
    2015-05-29 12:38 . 2015-06-20 16:28 -------- d-----w- c:\program files (x86)\IObit
    2015-05-29 12:38 . 2015-05-29 17:35 -------- d-----w- c:\programdata\IObit
    2015-05-23 13:49 . 2015-05-23 13:49 -------- d-----w- c:\programdata\EA Core
    2015-05-23 13:49 . 2015-06-17 15:19 -------- d-----w- c:\programdata\EA Logs
    2015-05-22 16:51 . 2015-05-22 22:59 -------- d-----w- C:\11498d677fb287d930e0
    2015-05-22 16:49 . 2015-01-29 03:19 2543104 ----a-w- c:\windows\system32\wpdshext.dll
    2015-05-22 16:49 . 2015-01-29 03:19 1195008 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
    2015-05-22 16:49 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\SysWow64\wpdshext.dll
    2015-05-22 16:48 . 2015-03-04 04:41 72192 ----a-w- c:\windows\system32\aelupsvc.dll
    2015-05-22 16:48 . 2015-03-04 04:41 342016 ----a-w- c:\windows\system32\apphelp.dll
    2015-05-22 16:48 . 2015-03-04 04:10 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
    2015-05-22 16:48 . 2015-03-04 04:41 23552 ----a-w- c:\windows\system32\sdbinst.exe
    2015-05-22 16:48 . 2015-03-04 04:41 6656 ----a-w- c:\windows\system32\shimeng.dll
    2015-05-22 16:48 . 2015-03-04 04:10 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
    2015-05-22 16:48 . 2015-03-04 04:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-06-20 20:03 . 2014-07-02 13:49 65536 ----a-w- c:\windows\system32\spu_storage.bin
    2015-06-20 19:29 . 2014-07-02 20:32 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2015-06-20 19:13 . 2015-05-02 16:29 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-06-17 20:29 . 2014-10-21 19:39 33360 ----a-w- c:\windows\system32\bdsandboxuh.dll
    2015-06-16 08:04 . 2015-02-27 19:35 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2015-06-16 08:04 . 2014-07-02 20:32 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2015-06-10 10:17 . 2014-04-16 02:33 140135120 ----a-w- c:\windows\system32\MRT.exe
    2015-06-10 10:01 . 2014-08-13 12:51 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2015-06-10 10:01 . 2014-08-13 12:51 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-06-08 02:59 . 2014-07-03 11:17 127760 ----a-w- c:\windows\system32\drivers\scdemu.sys
    2015-05-25 18:01 . 2015-06-10 08:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2015-05-23 14:54 . 2014-07-02 20:32 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
    2015-05-04 23:18 . 2015-05-04 23:18 3162112 ----a-w- c:\windows\SysWow64\UniSuitePlus_BDC0849A.ocx
    2015-05-03 17:37 . 2015-05-03 17:37 88480 ----a-w- c:\windows\system32\drivers\atksgt.sys
    2015-05-03 17:37 . 2015-05-03 17:37 46400 ----a-w- c:\windows\system32\drivers\lirsgt.sys
    2015-05-01 18:00 . 2014-10-21 19:38 74000 ----a-w- c:\windows\system32\bdsandboxuiskin32.dll
    2015-05-01 13:17 . 2015-05-15 11:48 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-01 13:16 . 2015-05-15 11:48 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2015-04-26 20:59 . 2014-10-21 16:50 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2015-04-20 03:17 . 2015-05-15 11:46 1647104 ----a-w- c:\windows\system32\DWrite.dll
    2015-04-20 03:17 . 2015-05-15 11:46 1179136 ----a-w- c:\windows\system32\FntCache.dll
    2015-04-20 02:56 . 2015-05-15 11:46 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
    2015-04-18 03:10 . 2015-05-15 11:46 460800 ----a-w- c:\windows\system32\certcli.dll
    2015-04-18 02:56 . 2015-05-15 11:46 342016 ----a-w- c:\windows\SysWow64\certcli.dll
    2015-04-15 18:26 . 2015-04-15 15:02 207872 ----a-w- c:\windows\PAExec.exe
    2015-04-14 07:37 . 2015-05-02 16:28 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
    2015-04-14 07:37 . 2015-05-02 16:28 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2015-04-14 07:37 . 2015-05-02 16:28 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
    2015-04-13 03:28 . 2015-05-15 11:46 328704 ----a-w- c:\windows\system32\services.exe
    2015-04-09 15:52 . 2015-04-09 15:52 13824 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
    2015-04-08 03:29 . 2015-05-15 11:46 275456 ----a-w- c:\windows\system32\InkEd.dll
    2015-04-08 03:29 . 2015-05-15 11:46 24576 ----a-w- c:\windows\system32\jnwmon.dll
    2015-04-08 03:14 . 2015-05-15 11:46 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
    2015-04-05 17:42 . 2015-04-05 17:42 15360 ----a-r- c:\users\Gamer\AppData\Roaming\Microsoft\Installer\{DD8408E9-9421-484F-979D-DB6361E3E828}\IconDD8408E910.exe
    2015-04-05 17:42 . 2015-04-05 17:42 11264 ----a-r- c:\users\Gamer\AppData\Roaming\Microsoft\Installer\{DD8408E9-9421-484F-979D-DB6361E3E828}\IconDD8408E96.exe
    2015-03-31 20:47 . 2015-03-31 20:47 102128 ----a-w- c:\windows\system32\amdave64.dll
    2015-03-31 20:47 . 2015-03-31 20:47 96448 ----a-w- c:\windows\SysWow64\amdave32.dll
    2015-03-31 20:47 . 2015-03-31 20:47 128384 ----a-w- c:\windows\system32\amdhcp64.dll
    2015-03-31 20:47 . 2015-03-31 20:47 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
    2015-03-31 20:47 . 2015-03-31 20:47 78432 ----a-w- c:\windows\system32\atimpc64.dll
    2015-03-31 20:47 . 2015-03-31 20:47 78432 ----a-w- c:\windows\system32\amdpcom64.dll
    2015-03-31 20:47 . 2015-03-31 20:47 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2015-03-31 20:47 . 2015-03-31 20:47 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2015-03-31 20:46 . 2015-03-31 20:46 144328 ----a-w- c:\windows\system32\atiuxp64.dll
    2015-03-31 20:46 . 2015-03-31 20:46 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2015-03-31 20:46 . 2015-03-31 20:46 118096 ----a-w- c:\windows\system32\atiu9p64.dll
    2015-03-31 20:46 . 2015-03-31 20:46 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2015-03-31 20:46 . 2015-03-31 20:46 1358192 ----a-w- c:\windows\system32\aticfx64.dll
    2015-03-31 20:46 . 2015-03-31 20:46 1134688 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2015-03-31 20:46 . 2015-03-31 20:46 11083488 ----a-w- c:\windows\system32\atidxx64.dll
    2015-03-31 20:46 . 2015-03-31 20:46 9406624 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2015-03-31 20:46 . 2015-03-31 20:46 7559840 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2015-03-31 20:46 . 2015-03-31 20:46 7077264 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2015-03-31 20:46 . 2015-03-31 20:46 8381280 ----a-w- c:\windows\system32\atiumd6a.dll
    2015-03-31 20:46 . 2015-03-31 20:46 8368872 ----a-w- c:\windows\system32\atiumd64.dll
    2015-03-31 20:43 . 2015-03-31 20:43 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
    2015-03-31 20:41 . 2015-03-31 20:41 19338752 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2015-03-31 20:33 . 2015-03-31 20:33 235008 ----a-w- c:\windows\system32\clinfo.exe
    2015-03-31 20:33 . 2015-03-31 20:33 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
    2015-03-31 20:33 . 2015-03-31 20:33 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
    2015-03-31 20:33 . 2015-03-31 20:33 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
    2015-03-31 20:33 . 2015-03-31 20:33 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
    2015-03-31 20:33 . 2015-03-31 20:33 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
    2015-03-31 20:33 . 2015-03-31 20:33 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
    2015-03-31 20:33 . 2015-03-31 20:33 86528 ----a-w- c:\windows\system32\OVDecode64.dll
    2015-03-31 20:33 . 2015-03-31 20:33 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
    2015-03-31 20:33 . 2015-03-31 20:33 47902208 ----a-w- c:\windows\system32\amdocl64.dll
    2015-03-31 20:32 . 2015-03-31 20:32 40990208 ----a-w- c:\windows\SysWow64\amdocl.dll
    2015-03-31 20:32 . 2015-03-31 20:32 65024 ----a-w- c:\windows\system32\OpenCL.dll
    2015-03-31 20:32 . 2015-03-31 20:32 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
    2015-03-31 20:30 . 2015-03-31 20:30 7915520 ----a-w- c:\windows\system32\amdhsasc64.dll
    2015-03-31 20:30 . 2015-03-31 20:30 6375936 ----a-w- c:\windows\SysWow64\amdhsasc.dll
    2015-03-31 20:26 . 2015-03-31 20:26 28354560 ----a-w- c:\windows\system32\atio6axx.dll
    2015-03-31 20:20 . 2015-03-31 20:20 23626752 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2015-03-31 20:20 . 2015-03-31 20:20 127488 ----a-w- c:\windows\system32\mantle64.dll
    2015-03-31 20:20 . 2015-03-31 20:20 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
    2015-03-31 20:20 . 2015-03-31 20:20 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
    2015-03-31 20:20 . 2015-03-31 20:20 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
    2015-03-31 20:20 . 2015-03-31 20:20 5837824 ----a-w- c:\windows\system32\amdmantle64.dll
    2015-03-31 20:17 . 2015-03-31 20:17 367104 ----a-w- c:\windows\system32\atiapfxx.exe
    2015-03-31 20:17 . 2015-03-31 20:17 62464 ----a-w- c:\windows\system32\aticalrt64.dll
    2015-03-31 20:17 . 2015-03-31 20:17 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2015-03-31 20:17 . 2015-03-31 20:17 55808 ----a-w- c:\windows\system32\aticalcl64.dll
    2015-03-31 20:17 . 2015-03-31 20:17 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2015-03-31 20:17 . 2015-03-31 20:17 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
    2015-03-31 20:17 . 2015-03-31 20:17 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
    2015-03-31 20:16 . 2015-03-31 20:16 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2015-03-31 20:14 . 2015-03-31 20:14 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
    2015-03-31 20:14 . 2015-03-31 20:14 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
    2015-03-31 20:13 . 2015-03-31 20:13 442368 ----a-w- c:\windows\system32\atidemgy.dll
    2015-03-31 20:13 . 2015-03-31 20:13 31232 ----a-w- c:\windows\system32\atimuixx.dll
    2015-03-31 20:13 . 2015-03-31 20:13 776192 ----a-w- c:\windows\system32\atieclxx.exe
    2015-03-31 20:13 . 2015-03-31 20:13 246272 ----a-w- c:\windows\system32\atiesrxx.exe
    2015-03-31 20:13 . 2015-03-31 20:13 190976 ----a-w- c:\windows\system32\atitmm64.dll
    2015-03-31 20:10 . 2015-03-31 20:10 846848 ----a-w- c:\windows\system32\coinst_14.50.dll
    2015-03-31 20:10 . 2015-03-31 20:10 89088 ----a-w- c:\windows\system32\atisamu64.dll
    2015-03-31 20:10 . 2015-03-31 20:10 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
    2015-03-31 20:09 . 2015-03-31 20:09 1218560 ----a-w- c:\windows\system32\atiadlxx.dll
    2015-03-31 20:09 . 2015-03-31 20:09 905728 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2015-03-31 20:09 . 2015-03-31 20:09 75264 ----a-w- c:\windows\system32\atig6pxx.dll
    .
    .
    ((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Bemærk* tomme linier & lovlige standard linier vises ikke
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender 2015\bdwtxag.exe" [2015-06-17 790880]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    "RequireSignedAppInit_DLLs"=0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
    R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
    R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
    R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\SYSNATIVE\drivers\bxdiaga.sys [x]
    R3 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [x]
    R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
    R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys;c:\windows\SYSNATIVE\drivers\Xeno7x64.sys [x]
    R3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys;c:\windows\SYSNATIVE\drivers\bxfcoe.sys [x]
    R3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\SYSNATIVE\drivers\bxois.sys [x]
    R3 clwvd6;CyberLink WebCam Virtual Driver 6.0 Service;c:\windows\system32\DRIVERS\clwvd6.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd6.sys [x]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
    R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
    R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
    R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
    R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
    R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
    R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
    R3 GalaxyClientService;GalaxyClientService;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x]
    R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x]
    R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
    R3 gfiutil;gfiutil;c:\windows\system32\drivers\gfiutil.sys;c:\windows\SYSNATIVE\drivers\gfiutil.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]
    R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]
    R3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
    R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    R3 RZSURROUNDVADService;Razer Surround Audio Service;c:\windows\system32\drivers\RzSurroundVAD.sys;c:\windows\SYSNATIVE\drivers\RzSurroundVAD.sys [x]
    R3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys;c:\windows\SYSNATIVE\DRIVERS\sbwtis.sys [x]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
    R3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\DRIVERS\gtkdrv.sys;c:\windows\SYSNATIVE\DRIVERS\gtkdrv.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 tsusbhub;tsusbhub;tsusbhub [x]
    R4 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
    S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
    S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
    S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
    S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
    S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
    S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
    S2 amdacpusrsvc;ACP User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x]
    S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
    S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
    S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
    S2 GS In-Game Service;GS In-Game Service;c:\program files (x86)\GameTracker\GSInGameService.exe;c:\program files (x86)\GameTracker\GSInGameService.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
    S2 pdserv;Bitdefender 60-Second Virus Scanner Service;c:\program files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc;c:\program files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc [x]
    S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
    S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
    S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
    S2 RzSurroundVADStreamingService;RzSurroundVADStreamingService;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [x]
    S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
    S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
    S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
    S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
    S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-06-10 13:46 986440 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.124\Installer\chrmstp.exe
    .
    Indhold af mappen 'Planlagte Opgaver'
    .
    2015-06-20 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-13 10:01]
    .
    2015-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16 12:23]
    .
    2015-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16 12:23]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
    2015-05-29 12:38 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
    @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
    [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
    2014-07-04 15:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
    @="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
    [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
    2014-07-04 15:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
    @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
    [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
    2014-07-04 15:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
    @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
    [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
    2014-07-04 15:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32\d3dGearLoad64.dll
    .
    ------- Yderligere scanning -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = about:blank
    mStart Page = about:blank
    mLocal Page = c:\windows\SysWOW64\blank.htm
    mDefault_Page_URL = hxxp://www.google.com
    uSearchAssistant = hxxp://www.google.com
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
    FF - ProfilePath -
    .
    .
    ------- Fil Associationer -------
    .
    inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
    txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
    .
    - - - - TOMME GENVEJE FJERNET - - - -
    .
    SafeBoot-Aadewb120.sys
    SafeBoot-Hizok120.sys
    SafeBoot-SBAMSvc
    SafeBoot-SBPIMSvc
    AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
    AddRemove-FAKEFACTORY CM2013beta 1 - c:\windows\Uninstaller\FAKEFACTORY CM2013\uninstall.exe
    AddRemove-Chromium - c:\users\Gamer\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE
    .
    .
    .
    --------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
    .
    [HKEY_USERS\S-1-5-21-373667173-139741353-2546641198-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:6c,94,35,f7,77,78,ae,12,f7,d3,b1,a4,89,f0,e6,6a,da,a9,07,2f,45,8c,9d,
    31,d3,48,89,23,33,86,3e,8e,54,3b,29,c8,6f,e7,44,06,ee,ae,83,90,55,8a,8a,fe,\
    "??"=hex:56,9e,fa,bf,93,9f,16,4f,75,7e,24,62,c6,33,4e,4c
    .
    [HKEY_USERS\S-1-5-21-373667173-139741353-2546641198-1001\Software\SecuROM\License information*]
    "datasecu"=hex:60,60,e8,a4,7d,01,28,70,2f,33,d3,8d,3c,bd,ab,24,69,4c,9a,00,54,
    8f,be,22,c8,e1,75,7a,ff,de,ce,fc,f7,b3,43,3b,f4,b9,7d,b8,fb,1a,db,ba,61,93,\
    "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andre kørende processer ------------------------
    .
    c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
    c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
    .
    **************************************************************************
    .
    Gennemført tid: 2015-06-20 22:13:28 - maskinen blev genstartet
    ComboFix-quarantined-files.txt 2015-06-20 20:13
    .
    Pre-Kørsel: 8.076.668.928 byte ledig
    Post-Kørsel: 10.825.621.504 byte ledig
    .
    - - End Of File - - 62F64D605CF5CF56947331CE56664890
    A36C5E4F47E84449FF07ED3517B43A31
     
  15. 2015/06/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  16. 2015/06/20
    marcusdk

    marcusdk Inactive Thread Starter

    Joined:
    2015/06/17
    Messages:
    44
    Likes Received:
    0
    LastRegBack: 2015-06-14 16:52

    ==================== End of log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
    Ran by Gamer at 2015-06-20 22:37:49
    Running from C:\Users\Gamer\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-373667173-139741353-2546641198-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-373667173-139741353-2546641198-1005 - Limited - Enabled)
    Gamer (S-1-5-21-373667173-139741353-2546641198-1001 - Administrator - Enabled) => C:\Users\Gamer
    Guest (S-1-5-21-373667173-139741353-2546641198-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-373667173-139741353-2546641198-1002 - Limited - Enabled)
    Marcus (S-1-5-21-373667173-139741353-2546641198-1003 - Administrator - Enabled) => C:\Users\Marcus
    test (S-1-5-21-373667173-139741353-2546641198-1007 - Administrator - Enabled) => C:\Users\test

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
    AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
    1Heart (HKLM-x32\...\Steam App 270190) (Version: - Chicken in The Corn)
    ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
    Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.20.2 - Mirillis)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Afraid of Monsters: Director's Cut v1.0 (HKLM-x32\...\Afraid of Monsters: Director's Cut) (Version: v1.0 - Andreas Rönnberg)
    Alien Isolation (HKLM-x32\...\Alien Isolation_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
    Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
    AMD Catalyst Install Manager (HKLM\...\{F37C2975-92EA-59CA-59E6-50E56F0E76DD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple-programunderstøttelse (32 bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple-programunderstøttelse (64 bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    ArtMoney PRO v7.32 (HKLM-x32\...\ArtMoney PRO_is1) (Version: 7.32 - System SoftLab)
    ArtMoney SE v7.43.1 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab)
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.4.1.540 - Online Media Technologies Ltd.)
    Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
    Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
    Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
    BattlePing (HKLM-x32\...\{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.5.5 - BattlePing)
    Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
    Betrayer (HKLM-x32\...\Steam App 243120) (Version: - Blackpowder Games)
    Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
    Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
    Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
    Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
    CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
    Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
    CorsixTH 0.40 (HKLM-x32\...\CorsixTH) (Version: 0.40 - CorsixTH Team)
    Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
    Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
    Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
    CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2326.0 - CyberLink Corp.)
    D3DGear (HKLM\...\D3DGear_is1) (Version: 4.9.1 - D3DGear Technologies)
    Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
    Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
    Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
    Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
    DawnOfWar (HKLM-x32\...\InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ)
    DawnOfWar (x32 Version: 1.00.00000 - THQ) Hidden
    Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
    Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
    Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
    Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
    Dropbox (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
    Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
    FAKEFACTORY Cinematic Mod 2013 (HKLM-x32\...\FAKEFACTORY CM2013beta 1) (Version: beta 1 - FAKEFACTORY)
    Far Cry 4 version 1.9.0 (HKLM-x32\...\{F425AE50-AEBE-46C8-887C-79F0D2106A79}_is1) (Version: 1.9.0 - REVOLUTiONiT)
    Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
    FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.2.0.2 - FlyVPN)
    Free GIF Viewer (HKLM-x32\...\{C178910D-907A-4FBD-9786-91AFDD85287D}) (Version: 1.0.0 - Media Freeware)
    GameStop App (HKLM-x32\...\GameStop App) (Version: 4.00 - GameStop)
    GameStop App (x32 Version: 4.00 - GameStop) Hidden
    GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg)
    GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
    GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
    Grey 1.1.0 Steam Pipe Fix (HKLM-x32\...\Grey) (Version: 1.1.0 Steam Pipe Fix - Deppresick Team)
    Guns'N'Zombies (HKLM-x32\...\Steam App 264300) (Version: - Krealit)
    H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
    Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve)
    Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
    Half-Life 2 (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Half-Life 2) (Version: - )
    Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version: - Valve)
    Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
    Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
    Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve)
    Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version: - Valve)
    Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version: - Gearbox Software)
    Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version: - Gearbox Software)
    Half-Life: Source (HKLM-x32\...\Steam App 280) (Version: - Valve)
    HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
    inCloak VPN (HKLM-x32\...\{23493C78-637B-4A3F-BE08-CE9A2E6241A9}) (Version: 1.03 - Your Company Name)
    Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    K-Lite Mega Codec Pack 10.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.7.5 - )
    Kraven Manor (HKLM-x32\...\Steam App 296630) (Version: - Demon Wagon Studios)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
    liteCam HD (HKLM-x32\...\{73D0840C-FAE6-42F2-9F21-06322172CAAE}) (Version: 4.32.0000 - RSUPPORT)
    MAGIX Movie Edit Pro 2014 Premium (HKLM-x32\...\MX.{72510287-CB56-494C-A719-683B051F76EC}) (Version: 13.0.0.30 - MAGIX AG)
    MAGIX Movie Edit Pro 2014 Premium (Version: 13.0.0.30 - MAGIX AG) Hidden
    MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{056913A2-B256-4C31-8884-8AB78AF764F4}) (Version: 7.0.1.27 - MAGIX AG)
    MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX AG) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Max Payne (HKLM-x32\...\Steam App 12140) (Version: - Remedy Entertainment)
    Max Payne 2: The Fall of Max Payne (HKLM-x32\...\Steam App 12150) (Version: - Remedy Entertainment)
    Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
    Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
    Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
    Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
    Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
    Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
    Microsoft .NET Framework 4.5.2 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{64C12304-7010-43F3-A25B-BDC38DE41E46}) (Version: 4.0.4276.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
    Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
    MINERVA: Metastasis (HKLM-x32\...\Steam App 235780) (Version: - Adam Foster)
    Montague's Mount (HKLM-x32\...\Steam App 258950) (Version: - PolyPusher Studios)
    Mount & Blade (HKLM-x32\...\Mount & Blade) (Version: - GameStop)
    Mount & Blade: Warband (HKLM-x32\...\Mount & Blade: Warband) (Version: - GameStop)
    Mount & Blade: With Fire & Sword (HKLM-x32\...\Mount & Blade: With Fire & Sword) (Version: - GameStop)
    Mozilla Firefox 38.0.5 (x86 da) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 da)) (Version: 38.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    My Program version 1.5 (HKLM-x32\...\My Program_is1) (Version: 1.5 - )
    New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
    New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
    NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming)
    Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
    No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
    OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
    OpenVPN 2.3.6-I003 (HKLM\...\OpenVPN) (Version: 2.3.6-I003 - )
    Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM)
    Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.7 - Portforward, LLC)
    Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
    Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
    POSTAL 2 - Paradise Lost (HKLM-x32\...\POSTAL 2 - Paradise Lost_is1) (Version: - )
    POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
    Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.25 - NCH Software)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Raptr (HKLM-x32\...\Raptr) (Version: - )
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24735 - Razer Inc.)
    Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
    Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
    Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
    RSCC (HKLM-x32\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.00.0000 - RSUPPORT)
    simplitec simplicheck (HKLM-x32\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    Smart Port Forwarding (HKLM-x32\...\Smart Port Forwarding) (Version: 1.0.0.1 - Brooks Younce Software)
    Source SDK (HKLM-x32\...\Steam App 211) (Version: - Valve)
    Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)
    Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
    Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version: - )
    Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version: - )
    Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
    Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
    Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
    System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC)
    System Requirements Lab Detection (HKLM-x32\...\{18524A89-DDD9-4BF5-954B-4A0845786740}) (Version: 6.1.4.0 - Husdawg, LLC)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
    The Evil Within (HKLM-x32\...\The Evil Within_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
    The Path (HKLM-x32\...\Steam App 27000) (Version: - Tale of Tales)
    The Samaritan Paradox (HKLM-x32\...\Steam App 283180) (Version: - Faravid Interactive)
    The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
    Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Third Age - Total War 3.0 (Part 1of2)) (Version: - )
    Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Third Age - Total War 3.0 (Part 2of2)) (Version: - )
    Tyranid Mod 0.5b2 for Soulstorm (HKLM-x32\...\Tyranid Mod 0.5b2 for Soulstorm) (Version: - )
    Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Ultimate Apocalypse mod 1.73) (Version: - )
    Unity Web Player (HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
    Uplay (HKLM-x32\...\Uplay) (Version: 5.0 - Ubisoft)
    VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
    VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
    Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
    Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
    Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    18-06-2015 00:00:02 Scheduled Checkpoint
    19-06-2015 13:50:22 Windows Update

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 04:34 - 2015-06-20 22:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0553C6DF-3851-42E5-A7B5-4794265F55E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
    Task: {32F70AEA-790D-4C3E-9010-F3BA1691ABF6} - System32\Tasks\{C3F46888-6354-4767-8668-EBEA1963F5A4} => pcalua.exe -a "C:\Program Files (x86)\Desura\desura.exe" -c desura://uninstall/games/19040
    Task: {4765461A-431F-46FF-A315-9320D116FD36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
    Task: {4C93F505-8A6B-4B44-986A-C196AE8D5115} - System32\Tasks\{196EFF09-12C1-423E-ADB1-336D80E7B3D0} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.1.0.105&LastError=404
    Task: {4DBB518C-0728-48EB-98E7-C6DE01520D92} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
    Task: {59418C04-8D8A-4997-A1F8-89E850AAF475} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    Task: {5CA3B7B5-7609-4C02-A1A8-A8F9D42BD94D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {674437A2-F5D1-4B61-81C3-00081DE22E21} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-23] ()
    Task: {8501D42F-5317-44D0-B8D8-0CF8492C935F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {851C33FF-AEBC-4E39-B6C7-3679B8AC7610} - System32\Tasks\{81E052D7-167A-4A86-910B-4637C8259752} => pcalua.exe -a "C:\Users\Gamer\Downloads\winsdk_web (1).exe" -d C:\Users\Gamer\Downloads
    Task: {8AA53F03-1024-4A14-82A0-64BFD4C0ABAE} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-15] (Microsoft Corporation)
    Task: {A07F895A-E54A-42C1-AFE2-E33461F8ABE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
    Task: {A2EDBEAB-4813-4DFE-B35A-A0CF35CC36FC} - System32\Tasks\Uninstaller_SkipUac_Gamer => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
    Task: {AD6D717B-BCF7-41F3-B2C6-E4E284EFC469} - System32\Tasks\{98CC55C1-E7F6-4466-AF74-7AFFCB0EE658} => pcalua.exe -a "C:\Users\test\Downloads\dxwebsetup (1).exe" -d C:\Users\test\Downloads
    Task: {B4B280CC-C974-4C04-89DC-38AD203E2158} - System32\Tasks\{0EFAE886-2BBA-41DE-BE55-D34376BF6543} => pcalua.exe -a "C:\Users\Gamer\Desktop\Virtual Audio Cable\setup.exe" -d "C:\Users\Gamer\Desktop\Virtual Audio Cable "
    Task: {B568FE2A-BAC1-46E9-8E54-3450281F5A4D} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
    Task: {BCE69EE6-F67A-4AB2-A8A8-0BF68277124F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
    Task: {CFCB4AAA-CD12-4D67-B322-963C769F0A94} - System32\Tasks\{312EE32F-F529-4172-81F5-4EA066DF5598} => pcalua.exe -a "C:\Users\Gamer\Downloads\Empire Total War\Game\DVD 1\setup.exe" -d "C:\Users\Gamer\Downloads\Empire Total War\Game\DVD 1 "
    Task: {DC353B74-321C-4502-8DA2-7DBAF3630362} - System32\Tasks\Opera scheduled Autoupdate 1415202428 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
    Task: {F6F48529-7B07-4129-AC1F-CEE06580FCEF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {F93BF36C-AE8D-405E-9457-2CE4F848D38E} - System32\Tasks\{EF1171DF-E383-40A6-BA9F-9744C10D90A6} => pcalua.exe -a D:\OriginInstaller.exe -d D:\
    Task: {FE048D14-0A50-40A5-BCEA-1333C93EF777} - System32\Tasks\AdobeAAMUpdater-1.0-Gamer-PC-Gamer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-06-17 21:58 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
    2015-06-17 21:58 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
    2015-06-17 21:58 - 2014-12-17 14:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
    2015-06-17 21:58 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
    2015-06-17 22:08 - 2015-06-17 22:08 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpbr.mdl
    2015-06-17 22:08 - 2015-06-17 22:08 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpdsp.mdl
    2015-06-17 22:08 - 2015-06-17 22:08 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpph.mdl
    2015-06-17 22:08 - 2015-06-17 22:08 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttprbl.mdl
    2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-07-02 22:32 - 2015-05-23 16:54 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    2015-05-29 14:38 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
    2015-05-29 14:38 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
    2015-05-29 14:38 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
    2015-06-10 15:47 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
    2015-06-10 15:47 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBulider => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Audiosrv => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MMCSS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Enheder til lyd, video og spil"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
    IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\soe.com -> soe.com
    IE trusted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\sony.com -> sony.com

    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\100sexlinks.com -> 100sexlinks.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\101hotteens.com -> 101hotteens.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\101lottery.com -> 101lottery.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\123expressview.com -> 123expressview.com
    IE restricted site: HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\123found.com -> 123found.com

    There are 4784 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-373667173-139741353-2546641198-1001\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 193.162.153.164 - 194.239.134.83

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
    MSCONFIG\startupreg: Bdagent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe "
    MSCONFIG\startupreg: Bitdefender Wallet Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe "
    MSCONFIG\startupreg: Desura =>
    MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: GalaxyClient => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
    MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe "
    MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe "
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe "
    MSCONFIG\startupreg: KrakenLauncher => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe /start
    MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    MSCONFIG\startupreg: pdiface => C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow
    MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe "
    MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
    MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe "
    MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
    MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
    MSCONFIG\startupreg: YouCam Service6 => "C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe" /s

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{96A32F8D-0D4D-4D82-8C64-0BDA98BF4726}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{EBDA7FDC-4554-4391-98C8-468D3FDB29F7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{5C19C430-DDAB-407A-846E-CD7B4DB46C91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{9C2AEE4E-58BE-41BA-A06D-F9F2E4989243}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{DC4DC004-A789-40B8-86AD-28B46CF743E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{37370DF9-1989-44C7-BB5C-1E8297EDC0C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{2EC6C24B-4246-45B6-AA30-9D9E45431F63}] => (Allow) C:\Users\Gamer\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{CAF981E6-629D-41F5-B77C-07C63A7F17E5}] => (Allow) C:\Users\Gamer\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{4142BC6A-00BB-48BB-B17C-679413294ACC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
    FirewallRules: [{D02E2FA0-5B3A-4DA8-B392-5BDC395C6495}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
    FirewallRules: [{B6D1E783-9D22-4802-8B16-87811EB1CFE8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{EA43E85A-7F04-47A7-9FBE-6735389BD851}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{C4C49A8B-A4FB-4DD1-9C9B-FB779E2255E8}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{FAED3C77-36D6-4088-BE6C-8119995C4C84}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [TCP Query User{403C39C1-6F25-47D6-B8DA-F6C8FA60C357}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [UDP Query User{3DA16981-036B-48BE-BB47-6A5B8D14B2F3}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
    FirewallRules: [{92B08B2A-87BC-4E27-A676-67557B76E9D2}] => (Allow) C:\Program Files (x86)\Crysis 3\Bin32\Crysis3.exe
    FirewallRules: [{4757B173-D6B1-4337-A89F-DCD8A995403C}] => (Allow) C:\Program Files (x86)\Crysis 3\Bin32\Crysis3.exe
    FirewallRules: [TCP Query User{B73AE3DA-902F-4A95-B280-372AE4B409A0}C:\users\gamer\appdata\local\temp\gw2.exe] => (Allow) C:\users\gamer\appdata\local\temp\gw2.exe
    FirewallRules: [UDP Query User{BA6E6336-4C4D-4668-9569-9AE4AFD0A1E4}C:\users\gamer\appdata\local\temp\gw2.exe] => (Allow) C:\users\gamer\appdata\local\temp\gw2.exe
    FirewallRules: [TCP Query User{43BA1D0A-0063-4BB2-9ED9-72F6FC93DCCD}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
    FirewallRules: [UDP Query User{7C96B6BB-40D0-41B3-809E-13EBBE432F87}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
    FirewallRules: [{B2FA1AA4-E0CE-42B2-8B5C-816E6CE06F37}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [{57E1F999-DDB2-4634-814D-4371C109165D}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
    FirewallRules: [TCP Query User{D5D7407B-07E7-4513-893E-9941E934190C}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
    FirewallRules: [UDP Query User{D0E18AE8-1859-4F52-B135-815B62AB30CE}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
    FirewallRules: [TCP Query User{300744FA-741B-4220-89DC-C6B202616D33}C:\users\gamer\desktop\the stanley parable\stanley.exe] => (Allow) C:\users\gamer\desktop\the stanley parable\stanley.exe
    FirewallRules: [UDP Query User{BC9545F4-21AF-430C-A00E-C8355E73D393}C:\users\gamer\desktop\the stanley parable\stanley.exe] => (Allow) C:\users\gamer\desktop\the stanley parable\stanley.exe
    FirewallRules: [{8A4D5287-6422-40CE-ACB0-7F854A561037}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
    FirewallRules: [{6330D0A4-1548-4974-9956-681124E92F88}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
    FirewallRules: [{5FEA2F0B-C104-42AB-81D4-0658B7AAFD31}] => (Block) %ProgramFiles% (x86)\Microsoft Studios\State of Decay - Breakdown\StateOfDecay.exe
    FirewallRules: [{934C1F40-404C-4D5E-B576-26234B9A24EB}] => (Block) %ProgramFiles% (x86)\Microsoft Studios\State of Decay - Lifeline\StateOfDecay.exe
    FirewallRules: [{7F191DCC-4FC9-488D-A461-F3A4389FDDD0}] => (Allow) C:\Users\Gamer\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{0F1C9B1C-3071-45B3-83F8-DB6DAF5E39DB}] => (Allow) C:\Users\Gamer\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{F806138E-7DC3-4639-BAB5-1B65FD5F0E90}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{1179CF64-4EC1-4501-967D-AF0FE050F1F8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{EA3CF586-FCE9-4316-84CF-5BD7D0AC83DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{4B911AA6-15D9-4EA9-8F61-27B70FC7821E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{4F94C6B5-21A4-4C1C-8C22-41839BDFCAF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{9CDD927E-B5DA-4A4B-963C-01056C42773A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{832DE301-6010-41DD-88E4-45D266320951}C:\program files (x86)\smart port forwarding\spf.exe] => (Allow) C:\program files (x86)\smart port forwarding\spf.exe
    FirewallRules: [UDP Query User{B27C556F-AE14-49F6-B7FB-4808718C8C75}C:\program files (x86)\smart port forwarding\spf.exe] => (Allow) C:\program files (x86)\smart port forwarding\spf.exe
    FirewallRules: [{3C376FFD-7BB5-4DB7-B3B0-EBCD20DC7C45}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
    FirewallRules: [{F48474BD-35D3-4283-BFF3-7B69EC648AAF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
    FirewallRules: [{FE4DD569-576F-40A9-9798-F648CB657FB7}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
    FirewallRules: [{EB3E987E-975F-4F9B-A1F3-0E4AB826CAEC}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
    FirewallRules: [{676FFA98-F885-4FA2-96BF-22EA0A859AB2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
    FirewallRules: [{CD79ADCD-5620-4F2F-B944-E81EA9D08011}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
    FirewallRules: [{3625F94E-EF43-4A53-BFDF-FAA4E0CEC89C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
    FirewallRules: [TCP Query User{26F88241-6DC2-410E-8E47-2C2006E0DD2D}C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
    FirewallRules: [UDP Query User{54462482-E56B-4F40-8CF6-4AAD51160868}C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
    FirewallRules: [TCP Query User{92E0E364-771D-4C33-98FF-466B0C7C0C34}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe
    FirewallRules: [UDP Query User{B4F123BB-9B17-43C8-B910-80C7D244EF95}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe
    FirewallRules: [{B6147634-2E6A-489A-A5AE-94F92B3A2794}] => (Block) %ProgramFiles% (x86)\Mirillis\Action!\Action.exe
    FirewallRules: [{4C6A942C-84C2-45DB-B4EB-609F25E677AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
    FirewallRules: [{14D9D5A2-EB43-4427-821F-EFFB22A9939F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaW.exe
    FirewallRules: [{7B562762-FFC7-4868-AB8C-680EE4428360}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
    FirewallRules: [{1B6485D5-BADF-433A-9DA1-9E18E84C1189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty World at War\CoDWaWmp.exe
    FirewallRules: [{45D368D5-11BD-4CBA-A991-2C094F969186}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
    FirewallRules: [{DE7C548C-5232-4AF7-AF74-8A6265149EF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
    FirewallRules: [{5E5AF8EE-BB7B-4346-A027-5640609431ED}] => (Allow)
     
  17. 2015/06/20
    marcusdk

    part 2
    C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{B5D47B4E-B83D-4AEE-9B7E-2813528ED3A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [TCP Query User{971B4BF0-1808-4D11-BAB0-AF7EA19470E4}C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
    FirewallRules: [UDP Query User{B4A09EBE-F856-4F4A-A4AB-757F4DA1049A}C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
    FirewallRules: [TCP Query User{4C976B5D-D058-43EE-BA87-AB2C34A1292B}C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
    FirewallRules: [UDP Query User{9C30F989-5582-410B-A67A-DD42077DBEFF}C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\gamer\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
    FirewallRules: [TCP Query User{9607645A-76EE-4769-9853-6F82DAD44472}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
    FirewallRules: [UDP Query User{A7714D31-0B6C-4EDC-8D72-915AD92C692B}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
    FirewallRules: [TCP Query User{B7C71649-C726-4267-833F-5027B9028336}C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe
    FirewallRules: [UDP Query User{E9E1957A-D99B-4639-AE86-C2B88FCC0763}C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\gamer\appdata\local\popcorn time\node-webkit\popcorn time.exe
    FirewallRules: [{CF6C9CF4-7593-40F1-8016-5CF009A5A029}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
    FirewallRules: [{1A497A0B-F7C6-40B9-9CA1-BD4655B391BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
    FirewallRules: [{C5F9E2AE-7B3D-4C23-BCBF-2EA7134E2FA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
    FirewallRules: [{DB13FE71-93C0-431C-8AC5-5E96D1126C9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
    FirewallRules: [{2E21FA0C-C587-4D13-B9E5-4C4186F0DE12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
    FirewallRules: [{1BCD1C6D-0394-49AC-8788-D55D8D6B7EC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
    FirewallRules: [{0AD89E79-2B90-40B4-B9EB-76024F2E4A05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
    FirewallRules: [{BD3B9AA8-30B7-42E2-9064-77CACEC89DD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
    FirewallRules: [{26880BD1-0387-44E8-A072-71DCC138B38F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
    FirewallRules: [{83D296BB-41D3-49F3-8688-BE1C83DE0518}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
    FirewallRules: [{52EC1F8F-1689-4F9E-AF95-BF3619507EA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 1 Source Deathmatch\hl2.exe
    FirewallRules: [{8B2C23F2-D0A6-4894-93CA-BDED167A785B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 1 Source Deathmatch\hl2.exe
    FirewallRules: [{D5661AB3-FFA2-496B-871B-BA468B8C291D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
    FirewallRules: [{BEC0E920-0E8B-48BC-9164-5202651E239F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
    FirewallRules: [{ED6C8977-68E7-409B-AFEE-2A55F44AB3A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
    FirewallRules: [{D781DF8A-0212-4A6D-A16B-EDEBC4BFCA24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
    FirewallRules: [{71018267-FEB9-4AF1-A96F-4DF4428E7CB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{1F69BF5B-3768-4FFC-A75C-6A256A632DC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{A7D9A470-F95B-4539-BA75-78A3A77C6B3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
    FirewallRules: [{DD87F69D-089E-4DC9-93E4-E6A972B985DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Singleplayer\hl2.exe
    FirewallRules: [{6E78FB3F-FA12-4EAF-8C61-03A68E72D01E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
    FirewallRules: [{55C7A297-1453-457B-A54C-7B3ACD0FDB53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
    FirewallRules: [{4D7779C5-2391-4EA5-8C2F-166A5BED39E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\hl2.exe
    FirewallRules: [{8060D73F-C37A-4EC4-B0E4-70B47A9B67A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\hl2.exe
    FirewallRules: [{5F75A064-EBAC-46F6-8915-442503AE2795}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
    FirewallRules: [{512B6D82-45A4-4AB3-A97A-FF2FD25A5D93}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
    FirewallRules: [{4F5733B0-DE36-4B20-A839-98A0599CDC46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
    FirewallRules: [{4F704927-10F3-49F6-A97F-8D02BFC5220F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
    FirewallRules: [TCP Query User{FA616438-13E6-43B6-921D-D747F4672BAB}C:\users\gamer\desktop\u1404.exe] => (Allow) C:\users\gamer\desktop\u1404.exe
    FirewallRules: [UDP Query User{78E6C013-D6D8-41FA-A87F-665B7D134946}C:\users\gamer\desktop\u1404.exe] => (Allow) C:\users\gamer\desktop\u1404.exe
    FirewallRules: [{8F7AEF00-034D-450F-9643-C662C19E6F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{3C765918-6E0F-43AE-9054-1353AEA5814A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{F0219DF5-2F01-4668-BD7E-86BDA0396F90}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{5BCFD48F-AA41-4E64-B99B-6ED0EEB76475}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
    FirewallRules: [{6BD67B00-6715-4B9D-8799-48D22CB1C5FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{3030A058-B5A9-4992-8568-9989D3355E1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{D2397A20-C0DE-493C-87D1-F7E04FCD2F41}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MINERVA\hl2.exe
    FirewallRules: [{167A2892-C066-4B9E-8FFB-B0EE892B5272}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MINERVA\hl2.exe
    FirewallRules: [TCP Query User{2F1FB032-2E24-455B-B0DE-29E7DDB9BD69}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [UDP Query User{AF1AADA8-9256-4011-AF01-57749625A19B}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
    FirewallRules: [TCP Query User{092D6429-8D3E-4E44-87C7-190DD1EEDB2C}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe
    FirewallRules: [UDP Query User{2D354797-0671-4AF0-927F-B6A82D20EE1A}C:\games\warcraft iii\war3.exe] => (Allow) C:\games\warcraft iii\war3.exe
    FirewallRules: [TCP Query User{F26CAC42-7E58-4FE4-84C1-081112CA9CAC}C:\users\gamer\downloads\pokemon3dserver.exe] => (Allow) C:\users\gamer\downloads\pokemon3dserver.exe
    FirewallRules: [UDP Query User{6B027B61-403F-4CC1-80FD-8155DD19FAE0}C:\users\gamer\downloads\pokemon3dserver.exe] => (Allow) C:\users\gamer\downloads\pokemon3dserver.exe
    FirewallRules: [{F266A92B-BCD8-41BB-9673-E644894D60B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
    FirewallRules: [{7DA7F672-AAD0-4EBF-BD25-C068CA08768D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
    FirewallRules: [TCP Query User{06CEA6AB-1E14-4230-8DAF-AED725AB1BA6}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3668\agent.exe
    FirewallRules: [UDP Query User{CE3EEEDF-973D-4C44-B3A1-BA4311057684}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3668\agent.exe
    FirewallRules: [{6EC0D022-E350-4164-9E49-810B91BDD0C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
    FirewallRules: [{614D5DCF-DD03-486E-9E1A-7A30A228EEB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
    FirewallRules: [{9101DE3F-01D5-4132-8E1B-01ED1B388635}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
    FirewallRules: [{43E41D3E-FDF8-49CB-9672-A845361F1277}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
    FirewallRules: [TCP Query User{1B67C77D-98BC-4BC0-A132-075D0CD13DF9}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [UDP Query User{C10C1890-A52E-4CD2-9B83-AE69D7AD0344}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [{46105EEA-E487-47AD-AB0F-218C221BBEEA}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [{A08BBDC4-B0DA-421A-A7B1-41BDEA1B5769}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
    FirewallRules: [{AC651655-7CFE-4979-8D62-8E49775BA574}] => (Allow) C:\Program Files (x86)\Zona\Zona.exe
    FirewallRules: [{59126C8E-F0B6-4E48-AF2E-CAB00949C97B}] => (Allow) C:\Program Files (x86)\Zona\Zona.exe
    FirewallRules: [{3C2C34C1-95E6-4A35-86F2-741BABE7C005}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
    FirewallRules: [{1ABDE0EA-5A06-4232-9F62-77A9ABE344C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
    FirewallRules: [{D631A343-14CD-4038-B16A-CBD2318660B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{C50C2FC7-2719-4C02-8EC9-C217E5B643B1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{6B1A0016-4B62-4EB1-82CD-D38C5D7EEE32}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
    FirewallRules: [{9E8FF55B-5CC8-4E2D-A36C-55FD0734D72D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{9ABABBFE-A4EE-427F-ACBE-0344C3C1E0E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
    FirewallRules: [{4E48D79B-9503-473D-9C3F-1D92A3DB8559}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
    FirewallRules: [{CB069EDC-B1C3-4DB5-8EF1-2BFA08DDCA01}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
    FirewallRules: [{02358839-E2D7-4011-A982-2BFEEEC74111}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Multiplayer\hl2.exe
    FirewallRules: [{4C07F9A3-AF89-49D2-BB30-604E6D7192DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2013 Multiplayer\hl2.exe
    FirewallRules: [{1FD0FAFF-70DB-4E46-96F7-EA6E8F8E583A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
    FirewallRules: [{2FC86E15-4A27-42B2-933F-343ADBAACDEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
    FirewallRules: [TCP Query User{B3E10CD7-501F-4C97-BE66-CE033A4569B7}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe
    FirewallRules: [UDP Query User{65AB79FC-B346-4CED-A2D4-51AE84908272}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe
    FirewallRules: [{9E3C56FC-5AA9-4A3E-87FA-D59CDE412175}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
    FirewallRules: [{9415EBB8-455C-48D9-ABC8-402F219A9832}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
    FirewallRules: [{48877635-AB20-49AC-A356-0D840A7DBF09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
    FirewallRules: [{7B1C834E-BE30-4D6A-B72B-3191B8F2E8C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
    FirewallRules: [{09DF5213-BA8D-4799-B6DF-330FF11373C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne\maxpayne.exe
    FirewallRules: [{CD09819D-AC7A-4675-95D1-F7B4B60B95D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne\maxpayne.exe
    FirewallRules: [{ED5B84B1-2AE8-4555-A2B1-908966F47A57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
    FirewallRules: [{1EF9368A-725B-4D80-86B0-EB0AA888D65B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
    FirewallRules: [{A3ECB390-D7FC-4D3A-B47E-0BA93E8A0C9C}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
    FirewallRules: [{2E2FAAE8-1FC9-49DB-9688-CC4F26F37BE2}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
    FirewallRules: [{E9B564BE-1C16-4D17-B352-B71901944518}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
    FirewallRules: [{5BD48F21-0F81-48AE-B0A9-732DCA6742BE}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
    FirewallRules: [TCP Query User{E258C6F8-18B1-418F-B185-F9E15BF4832E}C:\users\gamer\desktop\u1405.exe] => (Allow) C:\users\gamer\desktop\u1405.exe
    FirewallRules: [UDP Query User{87ADF2D1-8D80-4D10-B590-936EF9CEABD6}C:\users\gamer\desktop\u1405.exe] => (Allow) C:\users\gamer\desktop\u1405.exe
    FirewallRules: [TCP Query User{4B4D199F-820F-4CBC-80CD-5C9344FB6630}C:\program files (x86)\thq\dawn of war\w40k.exe] => (Allow) C:\program files (x86)\thq\dawn of war\w40k.exe
    FirewallRules: [UDP Query User{DC04AA72-E24A-4BBA-AB78-351953CF5DAD}C:\program files (x86)\thq\dawn of war\w40k.exe] => (Allow) C:\program files (x86)\thq\dawn of war\w40k.exe
    FirewallRules: [TCP Query User{E9D75C4A-3F80-4787-8A61-DA7DFB52B903}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
    FirewallRules: [UDP Query User{D43CA216-3CAB-4E8C-9B0B-8CFB525FDC02}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
    FirewallRules: [{378757B0-707C-403F-AD51-9D6E935DC76F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{64F4C6D7-DB25-476D-BEF8-A76CA6E4E49D}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
    FirewallRules: [{D95F328A-8DB3-4335-B3FF-B8B4258B4314}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
    FirewallRules: [TCP Query User{41E45D04-696D-45B3-BB5C-5433C5D28037}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
    FirewallRules: [UDP Query User{88B61EC2-FD7D-45A7-8957-D3DA03076E5C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
    FirewallRules: [{122C8226-E19E-4BC6-85CF-3F50B56DB405}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
    FirewallRules: [{66631818-CF2C-4513-BEB6-18F539F2636D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
    FirewallRules: [{6F8DB49A-E8FE-4678-8DB0-E65AC271EF3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
    FirewallRules: [{3C49B4A7-28C7-447D-9A9D-14ECC96343CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
    FirewallRules: [TCP Query User{EF7CEC4A-C47F-4CD4-A97F-54E1D38A173B}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
    FirewallRules: [UDP Query User{76BE733B-F797-41F4-B5EC-8150FC75260B}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
    FirewallRules: [{4B844D15-9472-4DB5-9A4B-37887309C778}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
    FirewallRules: [{91B6B835-776B-4D44-B5A0-4CF9EFBD1DAE}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
    FirewallRules: [{4B5BD469-086C-4612-B02D-CF44C4F40F8D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{80E979EF-3BC2-4086-892B-6A56A82FE571}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
    FirewallRules: [{0E923688-1C19-4D43-8CD4-F92C8A1EF954}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{70BCF1EE-774F-4EF1-A6DA-813417F19A46}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
    FirewallRules: [{A524D06D-C96D-4D61-9B94-2C29EA7F9CD7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{8CCEF6F3-749E-4419-9D51-813EBF490D76}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{F32D569B-AC27-4331-B660-06E49D184296}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{9A50A055-AE0A-4392-8610-147C40204E52}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{FDB14860-73B9-4CF4-AA54-87106198924B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
    FirewallRules: [{46E1D2D1-777C-4989-9812-FC5411CAFDDF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
    FirewallRules: [{BAE83461-716E-4EE4-A945-C3E56FA4380B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
    FirewallRules: [{20FBABC8-ECD5-4103-ADB2-0759E117A390}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
    FirewallRules: [{0A1DAE53-5EFC-4EB2-94EE-5D236BA536A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{46A24069-126C-4112-A152-6D12345FC934}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{224892A0-AB2B-4EBE-B398-41207AB08B7D}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
    FirewallRules: [UDP Query User{9131F07D-8CF8-4636-9402-DA11E860A8B6}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
    FirewallRules: [{3CD4ED17-7126-436D-9C6F-E96FF1C0759E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{CC08DD28-11F2-4D47-8A1C-D4FFCDE6398E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1Heart\1Heart.exe
    FirewallRules: [{4B7F3751-B60E-46CE-B354-8D6AB446DBA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1Heart\1Heart.exe
    FirewallRules: [{3DD59CD3-F983-4056-A139-17B4721DA4FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Betrayer\Binaries\Win32\Betrayer.exe
    FirewallRules: [{F5E8E8D1-3796-46AE-A93C-BB472B1DEF45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Betrayer\Binaries\Win32\Betrayer.exe
    FirewallRules: [{2D7F44EF-51D4-4A97-BC83-CC5C52230F44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GunsNZombies\GNZ.exe
    FirewallRules: [{9BB442F8-25DF-4109-A7FA-BF6AB2154F82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GunsNZombies\GNZ.exe
    FirewallRules: [{5C98FFDF-8924-4DC1-BA43-A1CF280006F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kraven Manor\Binaries\Win32\KravenManor.exe
    FirewallRules: [{86EC65FC-26C9-4093-96D6-AEBB921DD9FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kraven Manor\Binaries\Win32\KravenManor.exe
    FirewallRules: [{5DF0CF1B-4ADE-42B8-9D92-5B10F724FE52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Path\PathViewer.exe
    FirewallRules: [{E1480FF3-5A36-4511-AADF-E6D620CA05E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Path\PathViewer.exe
    FirewallRules: [{1A218A8F-0A9C-48EC-9524-84C7BDCADCDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheSamaritanParadox\samaritan.exe
    FirewallRules: [{5232423A-1FD8-4E6C-B5CA-78E2CF9C9C94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheSamaritanParadox\samaritan.exe
    FirewallRules: [{F07D95A3-0DFD-4263-89A4-722E3BF6D41F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\MontaguesMount.exe
    FirewallRules: [{EE3F0054-6162-4121-B63F-B5B99EA7D26D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\MontaguesMount.exe
    FirewallRules: [{7B51E911-DBF0-456A-8DD0-83DBF5316320}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\_OculusRift\MontaguesMount_v0_9_1_Oculus.exe
    FirewallRules: [{B96CD24A-32E7-45AB-972F-29511A129F61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\_OculusRift\MontaguesMount_v0_9_1_Oculus.exe

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling-adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/20/2015 10:06:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 10:05:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 10:05:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 10:05:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 10:05:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 09:40:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 09:39:30 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 09:39:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 09:39:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.

    Error: (06/20/2015 09:39:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: Windows kan ikke indlæse registreringsdatabasefilen for klasser.
    DETALJER - The system cannot find the file specified.


    System errors:
    =============
    Error: (06/20/2015 10:07:19 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
    Description: 0x800700b7

    Error: (06/20/2015 10:07:19 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
    Description: 00x800700b7http://+:10243/WMPNSSv4/989726095/

    Error: (06/20/2015 10:07:19 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
    Description: 0x800700b7

    Error: (06/20/2015 10:07:19 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
    Description: 00x800700b7http://+:10243/WMPNSSv4/989726095/

    Error: (06/20/2015 10:06:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Følgende boot-start- eller system-start-driver kunne ikke indlæses:
    UimBus
    Uim_DEVIM
    Uim_IM

    Error: (06/20/2015 10:03:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: Tjenesten PEVSystemStart er markeret som en interaktiv tjeneste. Systemet er dog konfigureret til ikke at tillade interaktive tjenester. Denne tjeneste fungerer muligvis ikke korrekt.

    Error: (06/20/2015 10:02:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
    Description: Indlæsning af \??\C:\ComboFix\catchme.sys er blevet blokeret på grund af inkompatibilitet med dette system. Kontakt softwareleverandøren for at få en kompatibel version af driveren.

    Error: (06/20/2015 09:57:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: Tjenesten PEVSystemStart er markeret som en interaktiv tjeneste. Systemet er dog konfigureret til ikke at tillade interaktive tjenester. Denne tjeneste fungerer muligvis ikke korrekt.

    Error: (06/20/2015 09:40:47 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
    Description: 0x800700b7

    Error: (06/20/2015 09:40:47 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
    Description: 00x800700b7http://+:10243/WMPNSSv4/989726095/


    Microsoft Office:
    =========================
    Error: (06/20/2015 10:06:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 10:05:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 10:05:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 10:05:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 10:05:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 09:40:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (06/20/2015 09:39:30 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 09:39:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 09:39:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.

    Error: (06/20/2015 09:39:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
    Description: The system cannot find the file specified.


    CodeIntegrity Errors:
    ===================================
    Date: 2015-06-20 22:02:53.484
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-20 22:02:53.453
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.880
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.850
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.818
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.790
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.758
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.729
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.697
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-06-16 22:16:55.669
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
    Percentage of memory in use: 29%
    Total physical RAM: 8168.88 MB
    Available physical RAM: 5749.92 MB
    Total Pagefile: 15876.23 MB
    Available Pagefile: 13217.11 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.41 GB) (Free:10.61 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4B186D8A)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

    ==================== End of log ============================
     
  18. 2015/06/20
    broni Moderator Malware Analyst

    I still need FRST.txt log.
     
  19. 2015/06/20
    marcusdk Inactive Thread Starter

    This was all there was in the FRST.txt log



    LastRegBack: 2015-06-14 16:52

    ==================== End of log ============================
     
  20. 2015/06/20
    broni Moderator Malware Analyst

    That's not it.
    Re-run FRST.
     
  21. 2015/06/20
    marcusdk Inactive Thread Starter

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
    Ran by Gamer (administrator) on GAMER-PC on 21-06-2015 00:23:34
    Running from C:\Users\Gamer\Desktop
    Loaded Profiles: Gamer (Available Profiles: Gamer & Marcus & test)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Engelsk (USA)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
    (A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
    (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (D3DGear Technologies.) C:\Program Files\D3DGear\d3dGear.exe
    (D3DGear Technologies.) C:\Program Files\D3DGear\d3dGear64.exe
    (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
    (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Camtasia Studio 8\TscHelp.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-17] (Bitdefender)
    AppInit_DLLs: C:\Windows\System32\d3dGearLoad64.dll => C:\Windows\System32\d3dGearLoad64.dll [256288 2014-09-18] (D3DGear Technologies.)
    AppInit_DLLs-x32: d3dgearload.dll => "d3dgearload.dll" File not found
    ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
    ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
    ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
    ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-373667173-139741353-2546641198-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-05-29] (IObit)
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-17] (Bitdefender)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-17] (Bitdefender)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation)
    Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-17] (Bitdefender)
    Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-17] (Bitdefender)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 193.162.153.164 194.239.134.83

    FireFox:
    ========
    FF ProfilePath: C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default
    FF DefaultSearchEngine: Yahoo! (Avast)
    FF DefaultSearchUrl: https://dk.search.yahoo.com/yhs/search
    FF SearchEngineOrder.1: Yahoo! (Avast)
    FF SelectedSearchEngine: Yahoo! (Avast)
    FF Homepage: google.dk
    FF Keyword.URL: https://dk.search.yahoo.com/yhs/search
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
    FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll No File
    FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll No File
    FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
    FF Plugin HKU\S-1-5-21-373667173-139741353-2546641198-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gamer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Users\Gamer\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
    FF SearchPlugin: C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\searchplugins\yahoo-avast.xml [2015-01-16]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-co-uk.xml [2015-05-14]
    FF Extension: Cinem Plus 2.4cV15.06 - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.com [2015-06-15]
    FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\iobitascsurfingprotection@iobit.com [2015-05-29]
    FF Extension: Widevine Media Optimizer - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2015-02-20]
    FF Extension: MEGA - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\firefox@mega.co.nz.xpi [2015-04-29]
    FF Extension: Adblock Plus - C:\Users\Gamer\AppData\Roaming\Mozilla\Firefox\Profiles\jz9ypvpn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-23]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
    FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-06-17]
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
    FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
    FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-06-17]
    FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-20]
    CHR Extension: (Unfriend Notify for Facebook) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2015-04-30]
    CHR Extension: (Google Docs) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-20]
    CHR Extension: (Google Drive) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-20]
    CHR Extension: (YouTube) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-20]
    CHR Extension: (Google Search) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-20]
    CHR Extension: (Bitdefender Wallet) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-06-17]
    CHR Extension: (Google Sheets) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-20]
    CHR Extension: (AdBlock) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-30]
    CHR Extension: (Google Wallet) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]
    CHR Extension: (Enhanced Steam) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-06-14]
    CHR Extension: (Gmail) - C:\Users\Gamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-20]
    CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

    Opera:
    =======
    OPR Extension: (Shop and Save Up) - C:\Users\Gamer\AppData\Roaming\Opera Software\Opera Stable\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-06-16]
    OPR Extension: (Cinem Plus 2.4cV15.06) - C:\Users\Gamer\AppData\Roaming\Opera Software\Opera Stable\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh [2015-06-15]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
    R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
    S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
    S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1751096 2015-05-28] (GOG.com)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-16] (GOG.com)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2585376 2015-03-26] (IObit)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S3 OpenVPNService; c:\Users\Gamer\.openvpn\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-09] (Electronic Arts)
    R2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-27] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-23] ()
    R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
    R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4250624 2015-02-03] (A-Volute) [File not signed]
    S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-06-17] (Bitdefender)
    S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-15] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2015-03-31] (Advanced Micro Devices)
    R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
    R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-03] ()
    R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-06-17] (BitDefender)
    R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-06-17] (BitDefender)
    S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-06-17] (BitDefender)
    S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
    R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-06-17] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
    S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
    R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
    S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
    S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
    S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
    S3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
    S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-09] (Phoenix Technologies) [File not signed]
    S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
    U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc.)
    S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
    S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
    R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-06-17] (BitDefender LLC)
    S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
    S3 LHidFilt; C:\Windows\System32\DRIVERS\LHidFilt.Sys [54800 2008-02-29] (Logicool, Inc.)
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-03] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-20] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
    R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
    R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
    S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
    R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2014-11-20] (ThreatTrack Security, Inc.)
    S3 sbwtis; C:\Windows\System32\DRIVERS\sbwtis.sys [95608 2014-11-20] (ThreatTrack Security)
    R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
    R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-03-11] (Synaptics Incorporated)
    S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [17568 2015-06-12] (Windows (R) Win 7 DDK provider)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-20] ()
    R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
    S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-02-10] ()
    S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-02-10] ()
    S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700424 2014-02-10] ()
    S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
    R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [108896 2015-06-16] (Webroot)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-20 22:38 - 2015-06-21 00:23 - 00024793 _____ C:\Users\Gamer\Desktop\FRST.txt
    2015-06-20 22:14 - 2015-06-20 22:14 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Gamer
    2015-06-20 22:13 - 2015-06-20 22:14 - 00000000 ____D C:\ProgramData\ProductData
    2015-06-20 22:13 - 2015-06-20 22:13 - 00045430 _____ C:\ComboFix.txt
    2015-06-20 21:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
    2015-06-20 21:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
    2015-06-20 21:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2015-06-20 21:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2015-06-20 21:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2015-06-20 21:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
    2015-06-20 21:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
    2015-06-20 21:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
    2015-06-20 21:43 - 2015-06-20 22:13 - 00000000 ____D C:\Qoobox
    2015-06-20 21:43 - 2015-06-20 22:11 - 00000000 ____D C:\Windows\erdnt
    2015-06-20 21:33 - 2015-06-20 21:33 - 05628633 ____R (Swearware) C:\Users\Gamer\Desktop\ComboFix.exe
    2015-06-20 21:33 - 2015-06-20 21:33 - 05628633 _____ (Swearware) C:\Users\Gamer\Downloads\ComboFix.exe
    2015-06-20 21:31 - 2015-06-20 21:31 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
    2015-06-20 21:26 - 2015-06-20 21:26 - 00000000 ____D C:\Users\Gamer\AppData\Local\ESN
    2015-06-20 21:25 - 2015-06-20 21:25 - 01640768 _____ C:\Users\Gamer\Downloads\battlelog-web-plugins_2.7.1_162.exe
    2015-06-20 21:19 - 2015-06-20 21:19 - 00002776 _____ C:\Users\Gamer\Desktop\JRT.txt
    2015-06-20 21:17 - 2015-06-20 21:17 - 00000207 _____ C:\Windows\tweaking.com-regbackup-GAMER-PC-Windows-7-Ultimate-(64-bit).dat
    2015-06-20 21:17 - 2015-06-20 21:17 - 00000000 ____D C:\RegBackup
    2015-06-20 21:16 - 2015-06-20 21:16 - 02950750 _____ (Thisisu) C:\Users\Gamer\Downloads\JRT.exe
    2015-06-20 20:48 - 2015-06-20 20:58 - 00000000 ____D C:\AdwCleaner
    2015-06-20 20:48 - 2015-06-20 20:48 - 02231296 _____ C:\Users\Gamer\Downloads\adwcleaner_4.206.exe
    2015-06-20 20:46 - 2015-06-20 20:46 - 00001407 _____ C:\Users\Gamer\Desktop\scan malware.txt
    2015-06-20 20:15 - 2015-06-20 21:03 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2015-06-20 20:15 - 2015-06-20 20:29 - 00000000 ____D C:\ProgramData\RogueKiller
    2015-06-20 20:14 - 2015-06-20 20:13 - 17659640 _____ C:\Users\Gamer\Desktop\RogueKiller.exe
    2015-06-20 20:12 - 2015-06-20 20:13 - 17659640 _____ C:\Users\Gamer\Downloads\RogueKiller.exe
    2015-06-20 19:44 - 2015-06-20 19:44 - 00010739 _____ C:\Users\Gamer\Downloads\fixlist.txt
    2015-06-20 19:41 - 2015-06-20 19:41 - 00003246 _____ C:\Windows\System32\Tasks\Trojan Killer
    2015-06-20 19:41 - 2015-06-20 19:41 - 00000000 ____D C:\ProgramData\GridinSoft
    2015-06-20 19:40 - 2015-06-20 19:41 - 68149520 _____ (GridinSoft LLC) C:\Users\Gamer\Downloads\gtk-2.2.7.4-setup.exe
    2015-06-20 18:32 - 2015-06-20 18:32 - 03279147 _____ C:\Users\Gamer\Downloads\kavremover.zip
    2015-06-20 13:50 - 2015-06-20 13:50 - 00003554 _____ C:\Users\Gamer\Downloads\Ikke bekræftet 602898.crdownload
    2015-06-20 01:26 - 2015-06-20 21:36 - 00004251 _____ C:\Users\Gamer\Desktop\Nyt tekstdokument.txt
    2015-06-20 00:58 - 2015-06-21 00:23 - 00000000 ____D C:\FRST
    2015-06-20 00:57 - 2015-06-20 00:57 - 02109952 _____ (Farbar) C:\Users\Gamer\Downloads\FRST64.exe
    2015-06-20 00:57 - 2015-06-20 00:57 - 02109952 _____ (Farbar) C:\Users\Gamer\Desktop\FRST64.exe
    2015-06-19 21:51 - 2015-06-19 21:51 - 00045310 _____ C:\Users\Gamer\Downloads\Result.txt
    2015-06-19 21:50 - 2015-06-19 21:50 - 00403456 _____ (Farbar) C:\Users\Gamer\Downloads\MiniToolBox.exe
    2015-06-19 14:14 - 2015-06-19 14:14 - 02335697 _____ C:\Users\Gamer\Downloads\RemoveWAT(1).exe
    2015-06-19 13:49 - 2015-06-19 13:49 - 02335697 _____ C:\Users\Gamer\Downloads\RemoveWAT.exe
    2015-06-19 00:49 - 2015-06-19 00:49 - 00000000 ____D C:\Users\Gamer\Desktop\Ny mappe
    2015-06-19 00:46 - 2015-06-19 00:46 - 00593693 _____ C:\Users\Gamer\Downloads\Autoruns.zip
    2015-06-19 00:36 - 2015-06-20 22:05 - 00001176 _____ C:\Windows\setupact.log
    2015-06-19 00:36 - 2015-06-19 00:36 - 00000000 _____ C:\Windows\setuperr.log
    2015-06-19 00:34 - 2015-06-20 22:04 - 00041394 _____ C:\Windows\PFRO.log
    2015-06-18 23:37 - 2015-06-18 23:37 - 02335697 _____ C:\Users\Gamer\Downloads\Ikke bekræftet 125746.crdownload
    2015-06-18 22:23 - 2015-06-18 22:23 - 00000000 ____D C:\symbols
    2015-06-18 22:23 - 2015-06-16 17:17 - 00325600 _____ C:\Windows\Minidump\061615-32775-01.dmp
    2015-06-18 22:13 - 2015-06-18 22:13 - 00031631 _____ C:\Users\Gamer\Downloads\061615-32775-01.zip
    2015-06-18 19:56 - 2015-06-18 22:36 - 00000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
    2015-06-18 19:56 - 2015-06-18 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
    2015-06-18 19:54 - 2015-06-18 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
    2015-06-18 19:54 - 2015-06-18 19:54 - 00000000 ____D C:\Program Files\Microsoft SDKs
    2015-06-18 19:51 - 2015-06-18 19:51 - 00003140 _____ C:\Windows\System32\Tasks\{81E052D7-167A-4A86-910B-4637C8259752}
    2015-06-18 19:44 - 2015-06-18 19:44 - 00509264 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\winsdk_web (1).exe
    2015-06-18 19:43 - 2015-06-18 19:43 - 00998056 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\sdksetup.exe
    2015-06-18 18:44 - 2009-02-03 21:42 - 00116232 _____ (WindowsBBS) C:\Users\Gamer\Desktop\debugwiz.exe
    2015-06-18 18:43 - 2015-06-18 18:43 - 00063344 _____ C:\Users\Gamer\Downloads\debugwiz.zip
    2015-06-18 18:41 - 2015-06-18 18:41 - 00509264 _____ (Microsoft Corporation) C:\Users\Gamer\Downloads\winsdk_web.exe
    2015-06-18 00:39 - 2015-06-18 00:49 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\The Path
    2015-06-18 00:39 - 2015-06-18 00:39 - 00000000 ____D C:\Users\Gamer\Documents\The Path
    2015-06-18 00:38 - 2015-06-18 00:38 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Gamer\Downloads\flashplayer18_ga_install.exe
    2015-06-18 00:30 - 2015-06-18 00:30 - 00000000 ____D C:\Users\Gamer\AppData\Temp
    2015-06-17 22:30 - 2015-06-17 22:30 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
    2015-06-17 22:30 - 2015-06-17 22:30 - 00160544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
    2015-06-17 22:29 - 2015-06-17 22:29 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
    2015-06-17 21:59 - 2015-06-17 21:59 - 00000684 ____H C:\bdr-cf01
    2015-06-17 21:58 - 2015-06-17 22:29 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
    2015-06-17 21:58 - 2015-06-17 22:29 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
    2015-06-17 21:58 - 2015-06-17 22:04 - 00000000 ____D C:\Users\Gamer\AppData\Roaming\Bitdefender
    2015-06-17 21:58 - 2015-06-17 21:59 - 00253404 ____H C:\bdr-ld01
    2015-06-17 21:58 - 2015-06-17 21:59 - 00009216 ____H C:\bdr-ld01.mbr
    2015-06-17 21:58 - 2015-06-17 21:58 - 00002082 _____ C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
    2015-06-17 21:58 - 2015-06-17 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
    2015-06-17 21:58 - 2014-07-04 17:49 - 49563064 ____H C:\bdr-im01.gz
    2015-06-17 21:58 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC)
     
